I have been trying to track down a network issue I’ve been having at work for the last month and a half. It’s a real pain because it only happens once a week randomly, and it only lasts for 2 to 5 minutes. Since it’s so unpredictable, it’s nearly impossible to track down how or why it’s happening.

Anyway, I decided to set up Wireshark on a laptop, plug it into a port on my switch with mirroring enabled, and collect some network traffic. The problem I have with Wireshark is that it doesn’t display information in a way that is easy for me to read.

A buddy of mine recommended uploading my capture files to an online analyzer called CloudShark. This thing is actually pretty cool, and really easy to use. Plus it has easy graphing options so you can get a better visual idea of all the 1’s and 0’s you’re looking at.

Another cool thing about CloudShark is that once your capture is uploaded, you can forward the URL of your capture files to some of your Network Engineer buddies to get their take on what’s going on in your network, and they don’t need to break out any analyzers of their own. Everything is displayed right in their browser!

Here is a link to an example capture file: http://www.cloudshark.org/captures/f62e1db77ba0

One thing I did notice is that you need to use CloudShark in Internet Explorer or Firefox. It doesn’t work so well in Chrome.

Know of any other good, free, and easy-to-use packet analyzer tools? Are they cloud-based like this one? Let us know what you like to use in the comments.

-=El Di Pablo=-