Free tools for analyzing client-server communication issues

saas

we have some issues with a client-server based application and we would like to better understand client-server communication without going to the software company that sold the application. At least we would like to perform the analysis in parallel.

Can you suggest to me a dummy proof application that we can easily get and install to analyze client-server traffic?

Many thanks!


Presumably your "client-server communications" occur over a network, so a network snffer, like Wireshark, is probably a good start. Hopefully the particular protocol that your application is using is one that Wireshark can decode. If not, then you'll need to save the captured traffic and analyze it with a tool that can decode the protocols in the stack, preferrably up to layer 7. (If any of the protocol stack along the way is proprietary you're probably in trouble for anything other than traffic analysis.)

If your protocol is HTTP(S) based, Fiddler might also be up your alley, though it's very easy to encapsulate an ugly, proprietary protocol inside HTTP(S) such that it's as incomprehensible as a binary protocol (Sage "ACT!" HTTP-based replication, I'm talking to you).

It's difficult to respond to your "dummy proof" request. To use a tool like Wireshark effectively (especially some of the nice advanced features like following TCP streams or detecting anomalies) you really need to have an understand of the protocol layer stack and what's going on. Until computers can get to the point of being "intelligent" there's no good software substitute for human knowledge.

Edit:

I've done some analysis for Customers who were experiencing "slowness" issues with opaque, proprietary layer 7 protocols (hello, Bentley "AutoPlant", I'm talking to you) and I can say that there's some good value in even simple traffic analysis (who talks to who when, and how much). The insinuation was that "the network" was being a bottleneck, so a little sniffing of the traffic in combination with running a "Process Monitor" trace on a client PC produced some nice graphs that showed comparisons of client CPU load, server CPU load, network I/O, and back-end SAN I/O. In the end, this was all just traffic analysis of a sort, but it helped identify a nasty "looping" bug in the client software that had nothing to do with "the network".

As another example, there was a question on here yesterday about slow logons with roaming user profiles where the caching behaviour of roaming user profiles Windows XP came into question. Not having access to the Windows source code (as I so often don't), I opted to perform traffic analysis to determine what the caching behaviour was. The client/server protocol, SMB, isn't opqaue, but I treated it as such since what I was really looking for was a data transferred metric.

How deep down the rabbit-hole you go just depends on what you're looking for.

Related

Changing startup parameters for MySQL
Authenticating Windows 7 against MIT Kerberos 5
How to properly backup mediawiki database (mysql) without messing up the data?
Amazon EC2 tools for Debian?
Warning for "Reallocated Event Count" S.M.A.R.T. attribute with a new/unused drive. How serious is that?
SSL setup: UCC or wildcard certificates?
Does Cloud Computing COST a premium? (or is it competitive with shared/managed/co-location)
--prefix to /usr/local or /opt?
Understanding that $A = \{x\in \ell_2: |x_n| \leq \frac{1}{n}, n = 1,2,...\}$ is compact in $l_2$.
Quaternions as a counterexample to the Gelfand–Mazur theorem
Are there two different ways to generalize the orthogonal group?
Show by contradiction that $a^n\to 0$