One of your key skills as a Microsoft network security admin is to be able to read network traces. In order to read network traces, you need a way to obtain them. One of the best (and free) network analysis tools available today is the Microsoft Network Monitor. No, I’m not talking about the old Network Monitor included with versions of Systems Management Server (SMS). I’m talking about the new, standalone version, Network Monitor 3.x.
However, you need more than just a network analysis tool. You need parsers that the tool can use to translate the protocols that you’re sniffing. The latest version of SMB, SMB2, hasn’t had a parser for Network Monitor. That is, until now.
Download your new parser for NetMon 3.1 at:
http://blogs.technet.com/netmon/archive/2008/05/06/smb2-parser-for-nm3-1.aspx
HTH,
Tom
Thomas W Shinder, M.D.
Site: http://www.isaserver.org/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW BOOK! Go to http://tinyurl.com/2gpoo8
Email: [email protected]
MVP – Microsoft Firewalls (ISA)