Default Account Names, Passwords and Privileges | Finisar Surveyor

Surveyor

User’s Guide

each port on which you have installed a THGm analyzer card. Do not select ports for other devices. Click OK.

Use the Local Ports for Switching Taps tab in the dialog box to tell Surveyor which local COM port is attached to the tap device. Click the check box opposite the correct port number.

You can change the ports to be scanned or the local port for a tap device at any time. Select the System Settings... option of the Configuration menu to display the System Settings dialog box.

3.With Remote plug-in, you are asked for an account name and password in the Login dialog box.

Surveyor provides two default accounts, guest and su. Table 3-1 shows the password and privileges associated with these accounts. Choose an account, complete the dialog box, and click OK.

Table 3-1. Default Account Names, Passwords and Privileges

Default Account Name	Password	Privileges

guest	public	full

su	manager	super-user

Normally, you can use either account to access all remote resources. If a remote resource will not permit access with either of these accounts, then get the user name and password from the resource owner and establish an account on that resource. To access a remote resource, you must have an account and password set up on the remote system containing the resource or use the remote system’s guest account.

You can also password-protect local resources. See the section called “Protecting Local Resources” in the “Resources and Modes” chapter.

4.Surveyor starts (arms) your local devices automatically the first time you start the software. For subsequent launches of Surveyor, local devices are not started automatically.

From the Resource Browser, click on the button that corresponds to the analyzer card or adapter that you want to control with the Surveyor software. The resource can be local or remote. A monitor window appears for the analyzer adapter you select.

3-2

Image 42

Finisar Surveyor manual Default Account Names, Passwords and Privileges

Contents

Surveyor License Trademarks and CopyrightsFinisar Software License Agreement Term Patent and Copyright Indemnification Limited Software WarrantyRestricted Rights Legend Limitation of Liability Internet Address Customer Support PhoneCustomer Support FAX World-Wide Web Mailing Address Table of Contents Configuring Surveyor Surveyor Resources and Modes Views Transmit Specification Capture and Display Filters Alarms 10-1 10-15 10-58 10-102 Multi-QoS 11-1 Counters 12-113-1 Utilities Keyboard Shortcuts Implementation ProfilePre-Defined Filter Templates Parser Names List of Figures 10-1 List of Tables Application Layer Host Table View, Table Column Descriptions 11-21 11-8 Surveyor Introduction Surveyor Functions Surveyor FunctionsFunction Description Introduction Finisar Analyzer Devices Analyzer DevicesProtocols Supported Finisar Device Description XNS Oracle Suite IPX/SPX Suite AppleTalk Phase2DECnet Phase Banyan Vines Suite IBM ISO Disk Caching Whats New in ReleaseCapture to Disk and THGsE Analyzer Support Capture Management Expanded Multi-QoS Support Smnp Extended AgentNew and Enhanced Protocol Decodes Surveyor RAM System RequirementsSystem Requirements PII Upgrading Surveyor Supported Analyzer Cards and Network Adapter CardsDesktop PC Installing Surveyor Installing the THGm, Windows NT Installing Analyzer HardwareInstalling Analyzer Hardware in a Desktop PC Installing THGm, Windows 2000/XP Installing Analyzer Hardware in a Notebook PC Cdrom Installation Installing More Than One Analyzer Card in a Notebook PC Compatibility Matrix Hardware/Software Compatibility Matrix Surveyor Surveyor System Launching Surveyor Default Account Names, Passwords and Privileges Basic Navigation Tips Surveyor Getting Started Buttons and Toolbars Surveyor ToolbarModule Toolbar Summary View Buttons and Toolbars Detail View Toolbar Getting Started Data Views Toolbar Getting Started Surveyor Filter Design Toolbar Filter States Design ToolbarDesign window Surveyor Capture View Toolbar Surveyor Getting Started File Formats Providing a Name Table to Surveyor Establishing Links for THGm Configuring the Interface Customizing Views and WindowsDocking Windows Capture View Display Options Configuring Surveyor Setting Histogram Colors Histogram Options Setting the Monitoring View for a Module Setting Histogram Zoom FactorSetting the Histogram Download Size Choose Monitor View Preferences Configuring Chart Views Table Views Module Settings Properties Hardware Device Properties Buffer Size Default Module SettingsModule Setting Default Values Packet Slice Slicing Size Stop-and-Save Capture Buffer Expert Analysis ModeNon-Well-Known-Ports Mode Modes Configuring Ports to Scan System SettingsMonitor M-QoS Only Mode WKP4620 Configuring Remote Communications RSP Time Out value Setting Update Timers Protocol Color Coding Default Display Timer Settings Display Timer Default Value Disk Options Cache File LocationDisk Capture Location History Log File Settings and Default Values Log Setting Configuring AlarmsConfiguring Counter Logging Mmddhhmm.ss Mmmonth ddday hhhour mmminute sssecond Configuring a Multi-Port Tap or Switch Configuring a Multi-Port Tap or Switch Connecting a Tap with THGs or THGsE Settings for Analyzer DevicesSetting the Local COM Port for Taps and Switches Resetting an Analyzer Device Click the Reset Host/Image Upgrade button Updating an Analyzer Device Advanced Configuration Customizing Expert Diagnostic InformationSurveyor.ini File Assigning Names to Protocols Monitor MONITOR.INI FormatMapping= port num,short name,long name Long name Port numShort name MONITOR.INI Examples Mapping=921,CXP,Company X Protocol Mapping=6063, XWIN6063,X Windows on portMapping=2900,VIDEO,Video Audio Network Communicator How Surveyor Assigns Protocol Names Monitoring Well-Known Ports Monitoring Non Well-Known Ports 11. Default Names for Non-WKP TCP Ports12. Default Names for Non-WKP UDP Ports Name TCP port values Ip addr Assigning TCP or UDP Ports to Protocol ParsersMapping=port num,ip addr,parser name,name Port num Parser name Parser Names Surveyor Resources and Modes Resource Browser Remote Resources Surveyor Software Naming Remote IP Resources Aliases Host Properties Dialog Box for Establishing an Alias Resource Protection Remote User PrivilegesPrivilege Description Hardware Devices Settings option from the ModuleModes Surveyor Resource Modes Description Resource Type Hardware Device Capabilities Synchronized Resources Hardware Device CapabilitiesNdis Hints and Tips for Resources Surveyor Views Static Data Summary View Module Window Tabs Within Summary ViewTab Description/Action Detail View Vlan Detail View Using Capture + Monitor Mode in Detail View Capture View Capture View WindowSummary Pane Exporting and Printing Decodes Configuring the Capture View DisplayCreating Filters from Capture View Display Options Histogram Options Other Options Histogram Color Coding Histogram Display and Button Controls Views Histogram Display Showing Colors Histogram Default Colors Histogram Display, Large Capture Example Histogram Button Controls Histogram Mouse Controls Sizing/Selecting Areas with the Mouse Line Graph or Stair Step Right Mouse Options in the HistogramSaving Portions of the Data Linear Scale or Logarithmic Scale Packet Editor Buttons Packet EditorResume Analysis Button Description/Action Editing in Hex View Data ViewsEditing in Decode View Ring Statistics View Token Ring Only MAC Statistics View Rx MAC Statistics View Capture MAC Statistics View Tx Frame Size Distribution View Chart Protocol Distribution View Protocol Distribution View, Chart Buttons Packets Protocol Distribution View, Chart Buttons ProtocolsChart Button Description/Action NET Display Button Description/Action Utilization/Error ViewProtocol Distribution View, Graph Type Buttons 10. Protocol Distribution View, Table Column Descriptions Host Table View 11. Host Table View, Table Column Descriptions Network Layer Host Table View 12. Network Layer Host Table View, Table Column Descriptions Application Layer Host Table View Host Matrix View 14. Host Matrix View, Table Column Descriptions Network Layer Matrix View 15. Network Layer Matrix View, Table Column Descriptions Application Layer Matrix View 16. Application Layer Matrix View, Table Column Descriptions Vlan Vlan View Address Mapping View 17. Vlan View, Table Column DescriptionsTable Column Description 19. Duplicate Address View, Table Column Descriptions Duplicate Address View Expert plug-in only18. Address Map View, Table Column Descriptions Vlan ID Expert View Expert plug-in only Application Response Time View Expert plug-in onlyMulti-QoS View Multi-QoS software only Hints and Tips for Using Views Surveyor Getting Started with the Filter Interface Press the Create/Modify Capture FilterFilter Design window Creating Filters with Filter Templates Available Filter Templates box Add Port Numbers to Custom Filter Templates Sample Filter Design window is shown below Station Addresses Creating and Applying a ConversationProtocol and Frame Type ISL, Q+EV2 Traffic Direction Indicator Apply Conversation to Template Check Box Defining Port Numbers Creating and Applying a Port NumberSelecting Filter Templates Conversation Element Description Multiple Byte Patterns in Filter Templates Creating Custom Filter TemplatesCustom Templates Based on Pre-Defined Templates Custom Templates Based on Specification of Byte Patterns Entering Values that Cross Byte Boundaries Bit-Level Filtering Filter Creation Creating Filter Template Combinations Not Filter ActionsOperator Buttons for Template Combinations Description Template Combination box Action Description Actions for Capture FiltersCapture Filter Actions Packets until the buffer is %% full field Actions for Display Filters Counter Conditions for FiltersDisplay Filter Actions Capture Filter Global Values Global Values that Affect Capture Filter ActionsFrame Types Capture Filter Global Description Multi-State and Multi-Statement Filters Frame types are shown in Table Example Filter States Design Window Filter Structure Filter States Changing States Changing Filter OperationGoTo Current State Filter Statements Capture and Display Filter Differences Activating Display FiltersActivating Capture Filters Filter Examples Filter Example, Capture Conversation Surveyor Filter Example, Template Combination Filter Design Window, Template Combination Example Surveyor Filter Example, Capture TCP Port Traffic Filter Design Window, Capture TCP Port Example Surveyor Filter Example, Advanced Filter Advanced Filter, Filter States Design Window Rules of the Capture or Display Filter Hints and Tips for Using Filters Filtering Tips Unique to THG-class Devices Transmit Specification Transmit Specifications Transmit Specification Dialog Box Defined Streams List Box Radio Buttons and Fields for Defining a Stream Stream Buttons Transmission Mode and Status ControlsTransmit Specification Control Buttons Stream Function Buttons Transmit Specification Control Buttons Control Button Transmit Specification FunctionRepeating Frames Surveyor Bursts Stream Mode Rate SettingStream Modes Stream Modes Transmission Mode Specifying Transmit DataPacket Editor Changing Fields Directly in the Dialog Box Packet Editor Button Editing Function Packet Size DA and SA FieldsPacket Type Data Field Using Templates Creating Templates Transmit Specification Examples Transmitting Capture Files Transmit Specification Example, Packet Gaps Transmit Specification Example, Bursts Transmit Specification Dialog Box, Bursts Hints and Tips for a Transmit Specification Surveyor Alarms Current Module Alarms Current Module Alarms Alarms Alarm Editor Alarm Editor DescriptionMqos Multi-QoS Alarms Expert Alarms Transport LayerData Link Layer, Ethernet Using Alarms with Different Devices YES Thresholds and Alarms Alarm Actions Alarm Actions Description Support by Host Type Alarm Actions Log File SettingsMail Settings Settings Pager Settings Snmp Trap Settings Trap Settings for THGs Trap Settings for Surveyor Hosts Viewing the Alarm List and the Alarm Log Hints and Tips for Alarms Alarm Examples Alarm Example, Utilization Alarm Example, MAC Errors Alarm Example, MAC Errors Alarm Example, Frame Size Alarm Example, Frame Size Alarm Example, VoIP Calls Alarm Example, Call Jitter and Call Setup Time Alarm Example, Expert and Application Response 10. Alarm Example, Expert and Application Response Surveyor Expert Features Application Response Time View Expert System ViewsGetting Started with Expert View Duplicate Network Address View Expert Features Expert Overview Details Expert Overview Detail Table Example Expert Layers Layer Description Expert Application Layer Example 10-8 Expert Symptoms and Analyses by Layer Expert Analyses Expert Symptoms, Analyses, and Network Entities SymptomsTables in the Detail Area for Symptoms Analyses Tables in the Detail Area for AnalysesEntities Entities for the Transport Layer Example Application/Session Lists for Entities Transport Lists for EntitiesNetwork Lists for Entities Data Link Lists for Entities Expert Diagnostic Messages Expert Diagnosis Example Configuring the Expert System Working with the Expert System Module Settings for the Expert System Setting Expert Alarms Exporting Expert Data Printing Expert DataWorking with Timestamps Application Response Time Working with Analyzer Devices Application Layer Excessive Mailslot BroadcastsRate of change of SMB Mailslot Broadcasts=40 FTP Login Attempts Expert SymptomLogin attempts=4 Missed Browser Announcement Time passed since last announcement=4000 ms 3000 ms NCP File Retransmission Between 00000010.0207012303E3 and 302A9950.000000000001 NCP Read/Write Overlap NCP Request Denied Requests denied within 100 ms=5 NCP Request Loop Loops on same request in 100 ms NCP Server Busy Rate of change of NCP Server Busy=5 NCP Too Many File Retransmissions File retransmission ratio is 8 / 28 = 28% NCP Too Many Requests Denied Requests denied ratio is 8 / 28 = 28% NCP Too Many Request Loops Requests loops ratio is 8 / 28 = 28% NFS Retransmissions No Http Post Response Http Post request not responded No Server Response Smtp server not responded Slow Http GET Response Slow Http GET response=3608 ms 2000 ms Slow Http Post Response Slow Http Post response=2918 ms 2000 ms Slow Server Connect Slow FTP server connect=298 ms 200 ms Slow Server Response Slow Smtp server response=1258 ms 1000 ms SMB Invalid Network Name Invalid network name in tree connect SMB Invalid Password Invalid password Session Layer No Wins ResponseWins request not responded within 1000 ms TNS Slow Server Connect Slow TNS server connect=298 ms 200 ms TNS Slow Server Response Slow TNS server response=238 ms 200 ms Transport Layer Idle Too Long Non Responsive Station Station 206.250.228.11 not responding TCP Checksum Errors SA=206.250.228.69 DA=206.250.228.11 TCP Fast Retransmission TCP Frozen Window 10-48 TCP Long Ack TCP Repeat Ack Acknowledgement number is less than the one before TCP Retransmissions TCP RST Packets TCP SYN Attack Rate of change of TCP SYN’s=150 TCP Window Exceeded CountData length of 128 bytes exceeds last window size TCP Window Probe Between 206.250.228.69/TCP/IP WKP1988 206.250.228.11/SMTP TCP Zero Window Expert Diagnosis Too Many Retransmissions Retransmission ratio is 49 / 50 = 98% Network Layer Duplicate Network AddressAddr=206.250.228.67 Hsrp Coup SA=206.250.226.11 DA=206.250.228.69 Hsrp Errors Hsrp Resign Destination Unreachable Icmp All ErrorsParameter Problem Source Quench Redirect Icmp Bad IP Header Icmp Destination Host Access Denied Cannot be reached by SA=206.250.228.11 DA=206.250.228.69 Icmp Destination Host Unknown Icmp Destination Network Access Denied Icmp Destination Network Unknown Icmp Destination Unreachable 10-69 Icmp Fragment Reassembly Time Exceeded Icmp Fragmentation Needed D/F set Icmp Host Redirect Icmp Host Redirect for TOS Icmp Host Unreachable Icmp Host Unreachable for TOS Icmp Inconsistent Subnet Mask Addr=206.250.228.69. Subnet mask=255.255.255.240 Icmp Network Redirect Icmp Network Redirect for TOS Icmp Network Unreachable Icmp Parameter Problem Icmp Port Unreachable Icmp Protocol Unreachable Icmp Redirect Icmp Required IP Option Missing Icmp Source Quench Icmp Source Route Failed Icmp Time Exceeded Icmp Time to Live Exceeded Illegal Network Source Address Addr=255.255.255.255 IP Checksum Errors IP Time to Live Expiring TTL=1 SA=206.250.228.69 and DA=206.250.228.11 ISL BPDU/CDP Packets ISL Illegal Vlan ID Vlan ID=1036 Ospf Broadcasts RIP Broadcasts Router Storm Rate of change of Router Broadcasts=5 Same Network Addresses Addr=255.23.252.6 SAP Broadcasts Total Router Broadcasts Unstable MST Rate of change of Topology=10 Zero Broadcast Address Addr=0.0.0.0 MAC Layer Bad Frames Broadcast/Multicast Storms Rate of change of Bcast/Mcast Packets=500 CRC error with more than 63 bytes CRC Frame counter Excessive ARP Rate of change of ARP Requests=20 Excessive Bootp Rate of change of Bootp/Dhcp Requests=25 Excessive Broadcasts Excessive Collisions Excessive Multicasts CRC error with less than 64 bytes Fragment Frame Illegal MAC Source Address Addr=FFFFFFFFFFFF CRC error with more than 1518 bytes Jabber Frame Network Overload Utilization=42% New MAC Stations Oversized Frame Oversized frame has more than 1518 bytes Overload Frame Rate Overload Utilization Percentage Physical Errors Rate of change of Errors=450 Runt Frame Runt frame has less than 64 bytes Same MAC Addresses Addr=00800F13A65B Total MAC Stations Hints and Tips for Expert Features Summary of Expert Counters and Symptoms Response Time Alarm editorConfiguration dialog box Summary of Expert Features Summary of Expert Features TOS ISL BPDU/CDP Surveyor TCP RST Surveyor Multi-QoS Using Multi-QoS with Analyzer Hardware Protocols Supported by Multi-QoS Multi-QoS User Interface Overview Call Summary Range Table All Calls TableChannel View Table Call Tables for a Specific Range Surveyor and Rtcp Jitter ValuesSummary Range Graphs Call Details for a Single Call Configuring Multi-QoS Multi-QoS Configuration Alarm Log Monitor Only Protocol Type Timeout ValueRefresh Options MQoS Window Management Multi-QoS Performance Optimization Call Filtering with Multi-QoS All Calls Table H323Red Phone Field Descriptions for All Calls Table All Calls Table Field Descriptions Call Jitter, Call Rtcp Jitter, Call Setup Time Call Range Graphs and Summaries Multi-QoS Configuration, Call Jitter Ranges Dropped Packets, Rtcp Dropped Packets Multi-QoS Packets Dropped Graph Example Multi-QoS Configuration, Packets Dropped Field Descriptions for Call Range Summaries Call Range Summary Field Descriptions VQMon Metrics Multi-QoS R-factor Example Multi-QoS Configuration, R-factor Ranges Ranges for R-factors Network R-factor User R-factor Utilization Graph 10. Multi-QoS Utilization Graph Example Field Descriptions for Call Details 11. Example Call Details Window H.323 Sccp Call Field Descriptions FID H.323 Call Field Descriptions Field Name Description SIP Call Field Descriptions Field Name Channel Table Details 10. Unknown Call Field Descriptions 12. Channel Table Example 11. H.323, SIP, or Unknown Channel Table Column Descriptions Multi-QoS 12. Sccp Channel Table Column Descriptions Filtering on Single Channels Call PlaybackPlayback PCMU/PCMA Data Customizing Multi-QoS Table Displays Customizing All Calls or Range Summary Tables Customizing Channel Tables 14. Multi-QoS Channel Table View Options, Sccp Example Exporting Multi-QoS Data Exporting All Multi-QoS Data to CSV FormatChoose Export Multi-QoS Data... from the File menu Exporting a Single Multi-QoS Table to CSV Format 11-34 Packet Counters MAC Layer Counter TypesCounter Type Description Error Counters Custom Counters Counters Last frame received Expert Counters Network Unknown, Destination Host Unknown, Destination Net Overload Utilization Percent Surveyor Multi-QoS Counters Counter Log File Overview Log Directory Structure Utilities Name Table Utility Utilities Building a Name Table From the Network NIS-to-Name Table Conversion Utility NIS2NAM output-name-table Get Version Information Utility Sniffer Translator UtilityInternet Advisor Translator Utility Sniffer Translator Utility, Tool Menu Options Convert Capture Files to Histogram Files Merge Histogram FilesFrom the Tools menu, choose Merge Histogram Files Export Utilities Extract Frames From a File Using a FilterLogging Utilities Exporting Packets Exporting Tables to CSV Format or Graphs to a Bitmap Exporting to Optimal CSV Format Exporting Counter Log Files to Excel Choose Export to Optimal Performance from the File menu 13-11 13-12 Table A-1. Buffer Types Used By Surveyor BuffersHow Resources Use Buffers Buffer Type Description Table A-2. Resource Use of Buffers Resource Buffer Usage Hardware Dependencies Table A-3. Hardware Real-Time FunctionsTable A-4. Hardware Transmit Functions Table A-5. Hardware Capture Functions Table A-6. Hardware Connectivity Capture Rate / Transmit Speed About Ndis ModeCaptured Packets Counters Ndis Configuration Options Setting the InterfaceSet Capture Buffer and Packet Slicing Size Pre-Defined Filter Templates Filter Templates HEX Fffffffffff ARPMacdabroadcast Macdamulticast Igmp EigrpIcmp DEC RIP IPX RsvpSAP IPX Http DNS TCPFTP Imap TCP SccpSmtp Telnet Mgcp UDP DhcpDNS UDP NB-DATAGRAM SIP NTPRIP UDP Snmp HEX F0F0 DsapHEX HEX E0E0 Nmpi Snaparp SnapHEX AAAA03 Snapcdp Isleigrp IslarpIsldns TCP Islftp HEX 01005EFFFFFF IslldapHEX Ffffffffffff Islmgcp TCP Isltcp IslsmtpIslssp Isltelnet HEX 0C HEX 0DHEX 0B HEX 2A HEX 0EHEX 0F Nonmac Keyboard Shortcuts Function Keys Standard and Navigational Keys Keyboard Shortcuts Surveyor Parser Name Protocol Recognized Parser NamesTable D-1. Parser Names, DLC Suite Table D-2. Parser Names, Applications and Others Table D-3. Parser Names, Apple Talk Suite Parser Name Protocol NameTable D-4. Parser Names, Banyan Suite Table D-5. Parser Names, Cisco Suite Protocol Name Table D-6. Parser Names, DECnet Suite Protocol NameTable D-7. Parser Names, Fujitsu Suite Protocol Name Table D-8. Parser Names, IBM Suite Table D-9. Parser Names, Internet Suite Table D-9. Parser Names, Internet Suite Protocol Name Table D-10. Parser Names, Internet Next Generation Suite Table D-11. Parser Names, Netware Suite Table D-12. Parser Names, PPP Suite Protocol Name Table D-13. Parser Names, XNS Suite Protocol Name Table D-14. Parser Names, H.323 Suite Table D-15. Parser Names, ITU Codecs Table D-17. Parser Names, Other Multimedia Protocol Name Table D-18. Parser Names, Intel Suite Protocol NameTable D-19. Parser Names, VPN Suite Protocol Name Surveyor Glossary Alarm Browser Avvid Capture Mode Dram Expert View Log Files Ndis NIS Pause Sccp Token Error Transmit Specification WKP Index Index-2 Index Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10 Index-11 Index-12 Index-13 Index-14