Hi, this is not a technical question, it is more a management question.
Let's say you work in an Active Directory environment, 50 users, several Exchange servers, several Domain Controllers, print servers, file servers etc., the whole nine....
If somebody now has a problem, let's say, "my Outlook client is sooo slow and freezes".
It could be anything: maybe the DNS resolves not fast enough, which generates a timeout at your Outlook, so looking at an Exchange <-> Outlook thing would be a waste of time. Or maybe the user has a mapped drive, the OS can't look it up fast enough to wasting time analyzing something at the client <-> fileserver would be solve anything:
That said, I want to ask you guys: how do you perform such tasks? How do you start, which settings do you check first, which last, how do you dissect the useful information from the daily network "trashtalk"?
I ask this question as open as possible intentionally. It's not about solving the problems above, it's more a general question of how you manage the big amount of data you can collect with Wireshark.
asked 10 Feb '14, 02:46
edited 10 Feb '14, 06:44
Kurt Knochner ♦