Problems caused by bad TCP/IP configurations are much more common than problems caused by bad TCP/IP protocol implementations. Most of the problems you encounter will succumb to analysis using the simple tools we have already discussed. But on occasion, you may need to analyze the protocol interaction between two systems. In the worst case, you may need to analyze the packets in the data stream bit by bit. Protocol analyzers help you do this.
Network Monitor is the tool we’ll use. It is provided with Windows NT Server 4.0. Although we use Network Monitor in our examples, the concepts introduced in this section should be applicable to any analyzer, because most protocol analyzers function in basically the same way. Protocol analyzers display network statistics and allow you to select packets and to examine those packets byte by byte. We’ll discuss all of these functions.
The Network Monitor comes with Windows NT Server 4.0, but it is not installed by default. To install the monitor, go to the Control Panel, open Network, select the Services tab, and click on Add. From the list of services that is displayed, select and install “Network Monitor Tools and Agent”. Once the Network Monitor is installed, it is run from the Start menu [Start → Programs → Administrative Tools (Common) → Network Monitor].
When the Network Monitor starts, it just sits there. To see any interesting statistics or data, you must select Start from the Capture menu ...