Microsoft Message Analyzer Operating Guide

https://technet.microsoft.com/en-us/library/jj649776.aspx

https://blogs.technet.microsoft.com/networking/

https://blogs.technet.microsoft.com/messageanalyzer/2012/09/17/meet-the-successor-to-microsoft-network-monitor/

https://blogs.technet.microsoft.com/messageanalyzer/

https://blogs.technet.microsoft.com/netmon/2007/01/26/part-2-tcp-performance-expert-and-general-trouble-shooting/

https://blogs.technet.microsoft.com/netmon/2006/10/17/intro-to-filtering-with-network-monitor-3-0/

https://blogs.technet.microsoft.com/netmon/2007/12/21/understanding-http-flow-with-netmon-3-by-yuri-diogenes/

https://blogs.technet.microsoft.com/netmon/2010/02/24/measuring-response-times/

https://blogs.technet.microsoft.com/netmon/2010/12/21/filtering-on-timestamps/

https://blogs.technet.microsoft.com/netmon/2010/12/01/new-videos-for-advanced-filtering-and-3-4-ui-features/

Network Monitor TCP Filtering

Data Fields:

Field

Description

Example
TCP.Port Filters on the Source or Destination port.  Used to find traffic based on port which is often associated with an application. TCP.Port==80
TCP.Flags.Reset Can be used to test and see if the reset flag is set. TCP.Flags.Reset==1
TCP.Window Window Size of the current TCP frame, but ignoring the scale factor. See Property.TCPWindowSize below. TCP.Window == 0

Properties:

Property Description Example
TCPRetransmit A property that is set when a TCP retransmit is found.  Retransmits are often an indication of a network infrastructure problem and network congestion. Property.TCPRetransmit == 1
TCPPayloadLength Represents the TCP Payload Size. TCPPayloadLength == 0
TCPCheckSumStatus This is a string that represents if the check sum is valid or not.  This could be "Good" or "Bad". TCPCheckSumStatus != "Good"
TCPDescription A property to show the TCP Description for the current frame as opposed to the top most protocol description.  This is useful as a frame summary column.  You can also use it to search for specific retransmitted frames by searching for the text in the TCP summary, as the example shows. TCPDescription.Contains("#472")
TCPAckNumber The current frame's Acknowledgement Number TCPAckNumber==1234
TCPSeqNumber The current frame's Sequence Number TCPSeqNumber==1234
TCPSeqeunceRange The TCP Sequence range, as a string, which is the current seq number to the current seq plus the length of the TCP payload. TCPSequenceRange.Contains("1234")
TCPShortAckNumber A WORD representation of the Ack number to make it easy to compare and remember. TCPShortAckNumber==1000
TCPShortSeqNumber A WORD representation of the Seq number to make it easy to compare and remember. TCPShortSeqNumber==1000
TCPFlags A string representation of the various TCP flags for the frame: CWR, ECE, Urgent, Ack, Push, Reset, Syn, Fin. TCPFlags.Contains("R")
TCPWindowSize The Window Size for the current frame including the scaling factor if the 3 way handshake is available in the same trace. TCPWindowSize==0

Return to the List of Top Level Protocols

netmon,messageanalyzer的更多相关文章

  1. WinPcap权威指南(一)

    WinPcap是一个开源的网络抓包模块,顾名思义,它只能工作在Windows下,但本文介绍的知识并不局限于任何操作系统和开发语言,因为网络协议本身是没有这些区别的.阅读本指南之前,请先下载WinPca ...

  2. 深入详解美团点评CAT跨语言服务监控(四)服务端消息分发

    这边首先介绍下大众点评CAT消息分发大概的架构如下: 图4 消息分发架构图 分析管理器的初始化 我们在第一章讲到服务器将接收到的消息交给解码器(MessageDecoder)去做解码最后交给具体的消费 ...

  3. Pyhton开源框架(加强版)

    info:Djangourl:https://www.oschina.net/p/djangodetail: Django 是 Python 编程语言驱动的一个开源模型-视图-控制器(MVC)风格的 ...

  4. MPlayer

    名称   mplayer − 电影播放器 mencoder − 电影编解码器 概要   mplayer [选项] [文件|URL|播放列表|−] mplayer [选项] 文件1 [指定选项] [文件 ...

  5. python 爬取腾讯微博并生成词云

    本文以延参法师的腾讯微博为例进行爬取并分析 ,话不多说 直接附上源代码.其中有比较详细的注释. 需要用到的包有 BeautifulSoup WordCloud jieba # coding:utf-8 ...

  6. 面经 cisco

    1. 优先级反转问题及解决方法 (1)什么是优先级反转 简单从字面上来说,就是低优先级的任务先于高优先级的任务执行了,优先级搞反了.那在什么情况下会生这种情况呢? 假设三个任务准备执行,A,B,C,优 ...

  7. linux驱动(续)

    网络通信 --> IO多路复用之select.poll.epoll详解 IO多路复用之select.poll.epoll详解      目前支持I/O多路复用的系统调用有 select,psel ...

  8. HttpServletRequest对象(一)

    javaweb学习总结(十)——HttpServletRequest对象(一) 一.HttpServletRequest介绍 HttpServletRequest对象代表客户端的请求,当客户端通过HT ...

  9. Microsoft Message Analyzer (微软消息分析器,“网络抓包工具 - Network Monitor”的替代品)官方正式版现已发布

    来自官方日志的喜悦 被誉为全新开始的消息分析器时代,由MMA为您开启,博客原文写的很激动,大家可以点击这里浏览:http://blogs.technet.com/b/messageanalyzer/a ...

随机推荐

  1. CoreText原理及基本使用方法

    关于富文本的排版也是现在的一个技术点,以下是近日关于CoreText的学习记录以及个人理解,希望能对正在学习CoreText的朋友起到帮助. 1.框架坐标系 首先让我们先来看看CoreText坐标系和 ...

  2. Java后台传前台json数组

    function checkStore(){ var flag=1; $.ajax({ url:"widget?type=shop_cart&ajax=yes&action= ...

  3. 经典SQL语句大全以及50个常用的sql语句

    经典SQL语句大全 一.基础 1.说明:创建数据库CREATE DATABASE database-name 2.说明:删除数据库drop database dbname3.说明:备份sql serv ...

  4. SVN+Apache域用户认证配置方法_Windows(转,重新排版,部分内容更新优化)

    欢迎和大家交流技术相关问题: 邮箱: jiangxinnju@163.com 博客园地址: http://www.cnblogs.com/jiangxinnju GitHub地址: https://g ...

  5. 在centos中安装jenkins master测试环境

    在centos中安装jenkins   1)安装目录 pwd (/home/AAA)   2)检查java是否安装 [AAA@Centos_AAA jenkins]$ java -version  j ...

  6. SPSS数据分析—简单线性回归

    和相关分析一样,回归分析也可以描述两个变量间的关系,但二者也有所区别,相关分析可以通过相关系数大小描述变量间的紧密程度,而回归分析更进一步,不仅可以描述变量间的紧密程度,还可以定量的描述当一个变量变化 ...

  7. How do I install Adobe Flash on Debian Wheezy?

    aptitude install flashplugin-nonfreeif fail Check your settings in /etc/apt/sources.list. If this is ...

  8. .NET WebForm 简介

    WebForm是微软开发的一款产品,它将用户的请求和响应都封装为控件.让开发者认为自己是在操作一个windows界面.极大地提高了开发效率. 在学习WebForm时,其知识量比WinForm要多,在实 ...

  9. 用纯Css作三角形

    <style> //向上三角形 .triangle_up{ width:0; height:0; border-left:30px solid transparent; border-ri ...

  10. [转]HttpURLConnection的使用

    /* * URL请求的类别分为二类,GET与POST请求.二者的区别在于: * a:) get请求可以获取静态页面,也可以把参数放在URL字串后面,传递给servlet, * b:) post与get ...