Who Are You (Ooh, ooh)?
Jeff Trawick, WildPackets Professional Services
The Peek analyzer’s Peer Map is an often-overlooked feature that can be very powerful when used to its full potential. Unfortunately, many Peek users simply go to the Peer map, glance at the traffic diagram, and then move on to other views provided by the analyzer. A quick look at the following Peer Map sample reveals an immediate problem.
The same dilemma arises whenever we look at all of the numeric addresses and port numbers in many other Peek analyzer views. So how can we easily see who these nodes are and gather more information about them?
The first thing we can do is to name each station in the Names Table. We can also use Peer Map’s hover text to see summary data for any given node. Once we have named a node and have set its node type, the Peer Map immediately becomes much more useful. Not only will we see hover text details for the node, we will also see the node name and node type icon:
If the entire Peer Map is populated in this manner, it becomes a detailed depiction of our network. Your efforts to enter this data in the Names Table also provides the device name in Peek’s other views. Don’t forget that you can also right-click in the Peer Map to resolve one or more device names, build filters, use the Select Related function, and perform other useful tasks. The fact that you can rearrange nodes and add a background map or floor plan for the Peer Map makes this view even more beneficial. You can even customize the Peer Map by address type, protocol activity, and top talkers (based on a number of criteria.)
So take some time to put these powerful capabilities into play. You will then be able to answer not only the question “Who are you?”, but also the questions “Where are you?” and “What are you doing?”