| Useful Scripts and Programs | 2021-12-07 | Updated GitHub links |
|
find-reset-connections.sh - Find TCP connections that have been reset without being closed.
Documentation at find-reset-connections.sh.html | 2022-03-23 | Updated to fix a bug that was causing connections where host-A sent a FIN, Host-B sends data, Host-A sends a RESET and then Host-B sends a RESET to be identified as reset. |
Noah's Favorite Networking References | 2020-12-20 | Removed link to The ICSI Netalyzr, it is no longer available |
|
| check-subnet.sh Test whether an IPv4 address is part of a subnet or not. Useful when comparing a lot of addresses to a lot of subnets. Documentation at check-subnet.sh.html | 2019-12-01 | |
|
| dns-time.sh - Create a table of DNS server query response times and list of unanswered queries. Documentation at dns-time.sh.html | 2019-10-20 | Added a third table to take into account what the application sees if there are multiple name servers and the first one does not respond. |
tshark: The capture file being read can't be written as a "pcapng" file. How to extract frames into a pacp file when tshark reports the error "The capture file being read can't be written as a "pcapng" file." | 2019-06-02 | |
|
| find-reset-connections.sh - Find TCP connections that have been reset without being closed. Documentation at find-reset-connections.sh.html | 2019-05-14 | Updated to fix a bug that was causing connections where host-A sent a FIN but host-B sent the reset to be missed. Also sort the list of reset streams numerically and Print a message if no reset streams found. |
|
| local-drops.sh - For each retransmitted TCP segment determine if the segment is seen more than once. Documentation at local-drops.sh.html | 2019-04-24 | Added a title line labeling the columns and a data length column. Also redirect stderr to /dev/null, piping the tshark output through head results in a boken pipe error which is anonying |
Default TTL values for various OSes and protocols | 2019-01-06 | Added F5 Big-IP |
| List of various pages that I refer to | 2018-09-30 | Updated to remove pages I have stopped refering too |
| ping-message.sh A script to send an ICMP echo request (ping) with a 16 character message embedded in it instead of the standard sequence of ascii characaters. Documentation at ping-message.sh.html | 2018-06-03 | |
| ping-time.sh A script to send an ICMP echo request (ping) with a 16 character time stamp (HH:MM:SS.sssssssss) embedded in it instead of the standard sequence of ascii characaters. Documentation at ping-time.sh.html | 2018-06-03 | |
| A Perl script to calculate the delta time between timestamps at the start of a line | 2018-04-26 | replaced < and > with HTML escape sequences so web page displays script correctly |
|
| find-mangled-sequence-numbers.sh Find TCP connections where some middleware device has rewritten the TCP header sequence numbers but not the numbers in the SACK block. Documentation at find-mangled-sequence-numbers.sh.html | 2018-04-24 | |
|
| failed-connection-attempts.sh - Find TCP connection attempts that have a failed. There are 8 failure scenarios, Documentation at failed-connection-attempts.sh.html | 2018-04-08 | fixed identification of an RST failure and added SaR failure scenario |
|
| find-retran-failures.sh - Find TCP connections that appear to have failed because of retransmission failures. Documentation at find-retran-failures.sh.html | 2018-03-20 | |
|
| packet-matcher.sh - Extracts byte strings from a TCP stream in a template trace and looks for the strings in a target trace. The goal is to find a match TCP stream in the target trace file. Documentation at packet-matcher.sh.html | 2018-03-07 | Reqired a special profile to handle some prtocols, skip strings to many repeating chacaters, changed output format, and other things |
|
| time-summary.sh - Finds all files in the current directory and any sub directories and displays then start and end times in sorted order. Documentation at time-summary.sh.html | 2018-02-13 | will now skip files with no packets instead of displaying a time of n/a |
| Updated resume in HTML format | 2018-02-02 | |
| Updated resume in PDF format | 2018-02-02 | |
| Wireless LAN at JFK Airport | 2018-01-11 | |
| How can I capture the packet headers but not the data? | 2017-12-10 | |
| The Limitations of the Ethernet CRC and TCP/IP checksums for error detection | 2017-11-12 | Explicitly indicated that the TCP checksum includes the TCP data |
|
| throughput-per-sec.sh - Calculate throughput per second of a specific stream at resolutions of 1, 1/10, 1/100, and 1/1000 of a second. results are suitable for graphing. Documentation at throughput-per-sec.sh.html | 2017-10-16 | |
|
| packet-matcher-faster.sh - Compares IP ID and absolute TCP sequence and ACK numbers between two traces to match up TCP segments where the IP addresses and or TCP have been changed (i.e. NAT). Documentation at packet-matcher-faster.sh.html | 2017-09-17 | |
|
| build-filter.sh - Builds a tshark filter by ANDing or ORing the values in a list with a tshark variable. Documentation at build-filter.sh.html | 2017-09-07 | |
|
| fix-pcap.sh - Removes a partial packet at the end of a packet trace file. Documentation at fix-pcap.sh.html | 2017-09-06 | |
|
| find-ips.sh - Uses egrep to list all strings in a file that match an IPv4 address format and then sort -u to get a unique list. Really just a one-liner by this way I do not have to remember (or type) the egrep string. Its useful with build-filter.sh to create a filter to display all the IPs listed in say a log file. Documentation at find-ips.sh.html | 2017-08-30 | |
|
| stream_throughput.sh - Calculate the throughput of all TCP streams in a trace file. Documentation at stream_throughput.sh.html | 2017-07-26 | |
|
| split-pcap.py - Reads X.pcap and creates a set of X.pcap_IP1-Port1_IP2-Port2_split.pcap files, one for each TCP four-tuple. Reads only pcap files not pcapng. Requires Python and the scapy module. Documentation at split-pcap.py.html | 2017-07-13 | |
|
| bytes-in-flight.sh - Calculate the bytes in flight after each ACK. Documentation at bytes-in-flight.sh.html | 2017-07-10 | |
|
| percent-retransmissions.sh - For every connection in the trace file calculate the percentage of retransmissions for every source IP address as retransmissions / not-retransmitted source segments. segments must contain data, i.e.will not identify retransmitted SYNs or FINs without data. Documentation at percent-retransmissions.sh.html | 2017-06-01 | |
| average.sh - Average a value returned by tshark. Documentation at average.sh.html | 2017-04-01 | |
| start-packet-tracing.sh - Runs tcpdump in the background with 10 files of 100 Meg each. Documentation at start-packet-tracing.sh.html | 2017-04-01 | |
| unterminated-connections.sh - Find TCP connections that have not been closed or reset. Documentation at unterminated-connections.sh.html | 2017-04-01 | |
| measure_retrans_effect.sh - A shell script to measure the effects of retransmissions | 2017-09-30 | |
| split-pcap.pl - A Perl script to separate the TCP flows in a pcap file | 2017-07-09 | Added a link to the new split-pcap.py python script |
| Graphing the number of connections seen in a packet trace file | 2016-06-05 | |
| Pain Scale | 2016-05-15 | |
| A Perl script to calculate the delta values between 2 or more sets of numbers contained in a file | 2016-03-26 | Added the separator argument |
| ping-date.sh - A shell script to send a ping containing the current date/time as text | 2015-09-06 | |
| A Native Windows tool to capture packets (no downloading necessary) | 2015-04-05 | |
| A Better Tshark follow stream - A shell and perl script combination to make a better follow stream than the default "-z follow,..." that tshark has. | 2015-03-08 | |
| Calculating TCP throughput and why you cannot rely on Wireshark | 2014-11-01 | |
| Interesting traces summary page | 2014-05-04 | Added trace 38 "out of order versus retransmission" |
| Perl script to send a labeling frame for inclusion into a protocol analyzer trace file | 2013-12-10 | Added Broadcast flag to allow broadcasts in systems that require the flag |
| Why can't I turn Auto-Negotiation off on my Gigabit and 10 Gigabit links? | 2013-10-06 | |
| Stratus blog: Inconsistent success using public keys | 2013-06-03 | |
Stratus blog: Remote Command Execution | 2013-04-24 | |
| Stratus blog: Update to \93Changes in the STCP accept code may affect applications\94 | 2013-04-15 | |
| Stratus blog: How to access the graphical administrative interface of devices on the maintenance network | 2013-03-11 | |
| Stratus blog: Clone Wars | 2013-01-25 | |
| List all processes which have at least 1 STCP device clone locked | 2013-01-18 | |
| Listing processes attached to an STCP TCP socket | 2013-01-18 | Updated to indicate that macro will not list processes with unbound ports. You should run stcp_device_lockers.cm instead. |
| How many sockets can STCP really support and how do you determine the number currently in use? | 2013-01-17 | Updated for release 17.1, mention of the update_device_info command and modified the socket_count command macro to handle changes in analyze_system output for 17.1 |
| Stratus blog: Telnet versus SSH | 2013-01-11 | |
| Stratus blog: Host versus Hosts |
2012-11-18 | |
| Stratus blog: The Importance of -1 | 2012-10-29 | |
| Stratus blog: Third Party Keep-Alives | 2012-09-20 | |
| Third Party Keep-Alive | 2012-09-19 | |
| Stratus blog: STCP\92s Duplicate IP Address Detection | 2012-08-21 | |
| Stratus blog: packet_monitor and the TCP options supported in OpenVOS 17.1 | 2012-07-06 | |
| Command macros to display the names of users who are connected to a module via telnetd or sshd, the devices they are connected to and the IP address and port number they are connecting from. | 2012-06-07 | Updated map_telnetd_connections.cm and map_secured_connections.cm to work with 17.1 |
| Stratus webinar presented May 23, 2012: Securing the VOS Telnet Daemon | 2012-05-25 | |
| A VBS script to stop a dumpcap (Wireshark) trace when a packet is seen (or not seen) in a tracefile | 2012-05-20 | |
| Stratus blog: TCP Backlog Capture | 2012-05-18 | |
| Stratus blog: Taking the Scenic Route | 2012-04-14 | |
| Stratus webinar presented March 21, 2012: VOS OSL Server Processes, How many do I really need? | 2012-04-02 | |
| Stratus blog: YouTube video of "VOS OSL Server Processes, How many do I really need?" technical webinar presented March 21, 2012 | 2012-03-27 | |
| Stratus blog: How active is that connection in the window? | 2012-02-19 | |
| Stratus blog: YouTube video of "OpenVOS Network Application Performance" Technical Webinar presented Jan 18, 2012 | 2012-01-19 | |
| Stratus webinar presented January 18, 2012: Network Application Performance | 2012-01-18 | |
| Stratus blog: SSH keys: DSA versus RSA | 2011-12-22 | |
| Stratus blog: Maximum Transmission Unit (MTU) versus Maximum Segment Size (MSS) | 2011-12-01 | |
| Stratus blog: A (very) simple log server for VOS | 2011-11-17 | |
| Interesting traces summary page | 2011-11-06 | Added trace 35 "Checksum errors" |
| Stratus blog: You don't exist go away | 2011-10-07 | |
| Stratus blog: Issues with newly registered users and SSH | 2011-09-09 | |
| Stratus blog: Sharing the Load \96 Multiple Processes Listening on the Same Port Number | 2011-08-01 | |
| Stratus blog: The amazing appearing/disappearing host routes | 2011-07-07 | |
| Stratus blog: Changes in the STCP accept code may affect applications | 2011-06-26 | See Stratus blog: Update to \93Changes in the STCP accept code may affect applications\94 for some missing information |
| Stratus blog: Host name resolution, a whole new paradigm | 2011-05-30 | |
| Stratus blog: Whats in a hostname? | 2011-04-11 | |
| Stratus blog: Do you have enough OSL server processes runing? | 2011-03-23 | |
| Stratus blog: Flushing the STCP ARP cache | 2011-02-28 | |
| Stratus blog: Pardon me but do you have the time? | 2011-02-09 | |
| Stratus blog: Embedding passwords in a program is not very secure | 2011-01-24 | |
| Stratus blog: Don\92t forget to handle a graceful close, even if they can\92t happen | 2011-01-07 | |
| Stratus blog: What is your IP address? | 2010-12-08 | |
| Stratus blog: SSH and Passwords, Oh My! | 2010-12-03 | |
| Instructions for using Microsoft Windows 2000/2003 server Network Monitor. This is a ZIP of a DOC file. The ZIP file 2.5 meg | 2010-11-26 | Added a disclaimer to VBS script that can trigger the trace to stop |
| Tools to help monitor STCP and TCP_OS networks and devices | 2010-11-26 | Added disclaimers to the Excel spreadsheet macro and the Perl script |
| Perl script that uses TCP to "ping" a host | 2010-11-26 | Added a disclaimer to the script |
| STCP tool that allows you to ping (sort of) when a firewall is blocking pings | 2010-11-26 | Added a disclaimer to the program |
| Listing processes attached to an STCP TCP socket | 2010-11-26 | Added a disclaimer to the macro |
| Count number of STCP TCP sockets being used and list current limits | 2010-11-26 | Added a disclaimer to the macro |
| C program that allows you to log into a remote system via "telnet" and execute commands in a script. Allows execution within a command macro | 2010-11-26 | Added a disclaimer to the program |
| Setting up Stratus STCP SSH to use public key authentication | 2010-11-26 | Added a disclaimer to the personal_ssh_setcp.cm file |
| Perl script to combine all packet_monitor protocol header lines into 1 line eliminating non-header lines | 2010-11-26 | Added a disclaimer to the script |
| Perl script to take the output from packet_monitor and reformat it for processing into a pcap file. | 2010-11-26 | Added a disclaimer to the script |
| VBS script to ping a host and execute a command if the ping fails | 2010-11-26 | Added a disclaimer to the script |
| Command Macro that sets up an output file and runs packet_monitor in a started process sending its output to that file instead of the terminal screen. Also sets up useful arguments and filters | 2010-11-26 | Added a disclaimer to the macro |
| A VBS script to periodically collect network statistics for baselining and trouble shooting Windows systems | 2010-11-26 | Added a disclaimer to the script |
| Command macro to loop through interface list doing a netstat -interface. | 2010-11-26 | Added a disclaimer to the macro |
| Monitor netstat output filtering out uninteresting lines | 2010-11-26 | Added a disclaimer to the macro |
| Command macro that runs netstat and filters the output for specific strings | 2010-11-26 | Added a disclaimer to the macro |
| Perl script to match lines from files | 2010-11-26 | Added a disclaimer to the script |
| Command macros to display the names of users who are connected to a module via telnetd or sshd, the devices they are connected to and the IP address and port number they are connecting from. | 2010-11-26 | Added disclaimers to the macros |
| VBS script to list all files in a directory tree by size. | 2010-11-26 | Added a disclaimer to the script |
| Command macro that lists the vterm parameters needed by telnet_msd for a set of vterms defined by a star name | 2010-11-26 | Added a disclaimer to the macro |
| Listing the STCP IP connections (sockets) associated with a process | 2010-11-26 | Added disclaimers to the macros |
| A scanner to find all hosts on a local subnet (uses ARP) | 2010-11-26 | Added a disclaimer to the macro |
| A macro to dump the stcp metering data and/or the TCB structure for a socket or sockets based on local or remote IP addresses or port numbers or state | 2010-11-26 | Added a disclaimer to the macro |
| A macro to dump the TCB and socket meters for all sockets associated with a process (or processes) | 2010-11-26 | Added a disclaimer to the macro |
| Command macro to display process data from a set of processes | 2010-11-26 | Added a disclaimer to the macro |
| Beacon packet to assist in protocol trace synchronization | 2010-11-26 | Added disclaimers to the programs |
| The 7 tests of highly reliable server applications | 2010-11-26 | Added a disclaimer to the program |
| Managing a large output file by creating multiple little output files | 2010-11-26 | Added a disclaimer to the macro |
| Command Macro to gather STCP interface and Ethernet adapter statistics | 2010-11-26 | Added a disclaimer to the macro |
| A JavaScript based script to generate passwords | 2010-11-26 | Added a disclaimer to the script |
| Perl script to generate passwords | 2010-11-26 | Added a disclaimer to the script |
| Dead Gateway Detection on VOS | 2010-11-26 | Added disclaimers to the macros |
| Dead Gateway Detection on ftServer | 2010-11-26 | Added a disclaimer to the script |
| Stratus blog: IT Myths - TCP guarantees delivery of your data | 2010-11-22 | |
| Stratus blog: Application event notification via E-mail | 2010-11-01 | |
| Stratus blog: Network Traces and Data Security | 2010-10-24 | |
| Stratus blog: Telnetd and remote (TCP connected) printers | 2010-10-01 | |
| Stratus blog: Line termination problems when using SFTP | 2010-09-09 | |
| Stratus blog: Testing network connectivity \96 alternatives to ping | 2010-08-31 | |
| Stratus blog: When an employee leaves the company deleting log-in credentials is not enough | 2010-08-18 | |
| Stratus blog: TCP is a stream of bytes not messages | 2010-07-18 | |
| Stratus blog: SDLMUX revisited | 2010-07-08 | |
| Stratus blog: Accessing the ftStorage array's GUI interface from your workstation | 2010-06-29 | |
| Stratus blog: Services file not just for server processes | 2010-06-04 | |
| Stratus blog: Monitoring network adapter status | 2010-05-25 | |
| Interesting traces summary page | 2010-05-23 | Added trace 33 "FTP server's IP address is changing in the middle of an FTP session" |
| Stratus blog: Interop report - April 27th 2010 Las Vegas NV | 2010-05-04 |
| Stratus blog: Unblocking calls to the recv function without using non-blocking mode | 2010-04-28 |
| Stratus blog: Why didn't my bandwidth upgrade speed up my file copies | 2010-04-08 |
| Stratus blog: Explaining the traceroute command | 2010-03-30 |
| Stratus blog: Automating file transfers with SFTP | 2010-03-08 |
| Stratus blog: Automating file transfers with FTP macros | 2010-02-22 |
| Stratus blog: Five tips to help speed problem resolution | 2010-02-12 |
| Stratus blog: Using SNMP to monitor your connection to your switch | 2010-01-25 |
| Stratus blog: Do you know where your TCP connections really end? | 2009-11-23 |
| Stratus blog: Application Performance Problems and Latency | 2009-11-16 |
| Stratus blog: Dealing with Daylight Savings Time | 2009-10-21 |
| Stratus blog: Are you forwarding packets? | 2009-10-08 |
| Stratus blog: packet_monitor mirror ports and taps Oh My! | 2009-09-24 |
| Stratus blog: Pings can be Dangerous | 2009-08-30 |
| Stratus blog: Is your pre-production network testing effective? | 2009-08-18 |
| Stratus blog: Can you improve fault tolerance with multiple IP interfaces on the same subnet? | 2009-07-30 |
| Stratus blog: An easy way to improve TCP throughput across subnets | 2009-07-07 |
| Stratus blog: Things to consider on a Multihomed OpenVOS Module | 2009-06-19 |
| Stratus blog: Do You Know Your Network Neighbors? | 2009-06-16 |
| Stratus blog: Network Related Performance Problems? Check for low level Ethernet errors first | 2009-06-05 |
| Stratus blog: Getting the most out of packet_monitor | 2009-05-29 |
| Stratus blog: Are these processes really needed? | 2009-05-15 |
| Stratus blog: Telnet can't live with it, can't live without it | 2009-05-07 |
| Stratus blog: "SSH 2" versus "OpenSSL and OpenSSH release 2" | 2009-04-30 |
| Stratus blog: How to Reserve a Port Number for Your Application | 2009-04-23 |
| Stratus blog: When Sockets Go Bad | 2009-04-16 |
| Stratus blog: Whither TCP statistics | 2009-04-08 |
| Stratus blog: A host based firewall for VOS | 2009-04-02 |
| Stratus blog: SSH Tunneling | 2009-03-23 |
| Stratus blog: Test Monday (or: Are Your Network Connections Really Fault Tolerant?) | 2009-03-16 |
| Noah's resume (top page) | 2009-03-04 | minor changes to work history |
| Anonymizing VOS | 2009-02-06 | Updated with information about network time protocol |
| Default port numbers used by Stratus supported server and client applications? | 2008-10-06 | Updated with new applications and converted to an HTML file. The original file is still available here |
| Mapping TCP or UDP ports back to a VOS, ftServer, or ftLinux process | 2008-09-18 | Added procedure for processes using STCP UDP ports |
| Secure Web Browsing When You Are Away From Home | 2008-08-30 | added a comment about web proxies and bank certificates |
| How to identify and correct Ethernet duplex mismatch problems | 2008-08-27 | |
| Selecting TCP Port Numbers for Fun, Profit and Reliability | 2008-06-27 | convert to HTML, update for STCP UDP |
| Noah's home page | 2008-06-07 | Added a link to the "dates" page |
| Living with STCP | 2008-06-04 | correct TTWin version that supports SSH tunneling |
| Understanding STCP Send and Receive Windows | 2008-05-07 | information on stcp-1447 and stcp-2387 fixes |
| The TCP Keepalive feature as implemented under STCP | 2007-05 | describe stcp-2349 and stcp-2367 and the use of list_stcp_params and set_stcp_param |
| How many sockets can STCP really support and how do you determine the number currently in use? | 2006-12 | an updated version of socket_count.cm can be found here
|
| Demystifying STREAMS memory | 2006-10 |
| Password Generation for MS Windows. | 2006-09 |
| FTP Issues and Solutions | 2006-07-18 | information on sftp-248 and release 14.7.2ah |
| MAC address assignment of ftServer\AE V Series and Continuum\AE network interface adapters | 2006-05 |
| MAC Address Assignment of ftServer System Network Interface Adapters | 2006-01 |
| Using Dummynet to simulate a WAN over a LAN. | 2006-01 |
| The ARP cache (for all 6 TCP stacks) | 2005-12-07 | include some information on Red Hat |
| Assuring a Seamless Ethernet Failover with Proper Switch Configuration | 2005-11-07 | information on sdlmux-129 and multiple switch topologies |
| Instructions for using tcpdump to get a useful network protocol trace. | 2005-11 |
| Help, I'm stuck in FIN_WAIT_2 and I can't get out | 2005-07-05 | include STCP information) |
| Realistic Expectations for your Gigabit Network | 2005-07 |
| tping is a ping replacement for Microsoft Windows that uses TCP connections instead of ICMP. This is a ZIP file containing some documentation and the EXE file. | 2005-05 |
| VOS File Transfer Options | 2005-04 |
| Porting TCP_OS applications to STCP | 2004-09 |
| Tuning Your MSS | 2004-06 |
| Writing a server started by STCP's POSIX version of inetd | 2003-09 |
| Eliminating Underrun errors on the ftServer | 2003-09 |
| Fault Tolerant Networking on VOS | 2003-09 |
| How to map TCP ports back to a VOS or ftServer process | 2002-12 | an update to this article can be found here |
| Your application from the network\92s perspective | 2002-09 |
| Trouble Shooting with network traces | 2002-09 |
| TCP keep-alive NOT! | 2001-12 | an updated an update to this article can be found here |
| Some thoughts on security for the VOS Operating System | 2001-12 |
| Connection issues with STCP | 2001-06 |
| The performance impact of packet loss | 2001-04 |
| I see in the syserr log\85 | 2000-09 |
| Balancing the load, multiple TCP application servers | 2000-06 |
| DLMUX - fault tolerance for VOS Ethernet Devices | 2000-04 |
| Why won't my TCP based server start | 2000-02 |
| The secrets of inetd | 2000-01 |
| Check the low level Ethernet statistics | 2000-01 |
| LAN Network Administration for the VOS System Administrator | 1999-09 |
| Multi-homing is simple | 1998-10 |
| DL_MUX and RNI | 1998-09 |
| Full duplex Ethernet - faster Ethernet for a price | 1998-07 |
| FTX's TCP/IP Environment | 1998-04 |
| Host name resolution under TCP_OS | 1997-12 |
| SQE isn't tricky | 1997-10 |
| Routing made simple | 1997-09 |
| Terminals are tricky | 1997-06 |
| Taking the pulse of your network with netstat or what do all those numbers really mean | 1996-09 |
| Netstat probable causes color coded chart | 1996-09 |
| Resolving Network Problems with packet_monitor.pm and pm.pm (RTF document) | 1995-09
|
Send comments and suggestions