WINDOWS 2000 SERVER

CAPTURE TRAFFIC TO AND FROM A SERVER WITH NETWORK MONITOR

The ability to analyze network traffic passing through a server can be a valuable tool for troubleshooting problems with services, client applications, network access, and other problems. While it's useful to have a full-blown network sniffer device or application in some situations, a simple network monitor will often do the trick for a single server.

Windows 2000 Server's Network Monitor offers the ability to monitor traffic for the local server. To install Network Monitor, open the Add/Remove Programs applet from Control Panel, and click Add/Remove Windows Components. Select Management And Monitoring Tools, click Details, select the Network Monitor Tools check box, and click OK.

After installing Network Monitor, you can open it from the Administrative Tools folder. When Network Monitor opens, go to Capture | Networks to open the Select A Network dialog box, where you can choose which interface to monitor. To begin capturing all traffic to and from the server, go to Capture | Start.

You can also apply a filter to specify which traffic Network Monitor captures. To do so, go to Capture | Filter to open the Capture Filter dialog box, where you can specify protocols, addresses, and pattern matches for the filter.

When you're satisfied with the configuration, go to Capture | Start to begin the capture. Traffic statistics appear in the right pane. When you've captured enough data, go to Capture | Stop. To view the captured frames, go to Capture | Display Captured Data, or press [F12].