Specifications
© 2006 Cisco Systems, Inc.
All rights reserved.
Scenarios 3-30
NAM / Traffic Analyzer v3.5 Tutorial
© 2006 Cisco Systems, Inc. All rights reserved.
Scenarios 3-30
NAM / Traffic Analyzer v3.5 Tutorial
Scenario 2
Decoding the Packets
Scenario 2
Decoding the Packets
A lot of data seen on
TCP port 2020
A lot of data seen on
TCP port 2020
Header
Decode
Header
Decode
Raw
Data
Raw
Data
Summary
Data
Summary
Data
Decoding the Packets
If the Decode window that was automatically opened when the Quick Capture was selected was closed,
Dean could always view the decode by selecting Decode from the Capture > Buffers dialog with the buffer
to decode selected.
The Packet Decoder screen provides details of the captured packets. The top window provides a summary
of the packet, including size, source and destination, the highest-layer protocol decoded, and other
information based on the decoded protocol type. Dean can see that the “other” traffic is TCP traffic because
that is the highest layer decoded—no application information is available. Selecting a packet and looking at
the lower window gives a layered breakdown of the details. Dean can see that TCP ports 2020 are used.
Looking at the raw data for one of the packets, Dean notices that this is a Q-Bits database GUI tool in
development. Dean will next add it to the Protocol directory to monitor it by name.