Wednesday, January 13, 2010

Microsoft Annotated netmon traces for common activity

I was digging through my MS blog subscriptions and found a nice post from the Netmon team about the availability of annotated netmon captures for various Microsoft protocols (link to downloads). I would like to say thank you to all involved in collecting this type of information for everyone. I have done some captures of my own in a Vmware lab before for certain OS activities, and I know what a pain it can be to try to get a clean capture of a specific operation. This kind of information is quite useful for looking at low level operations. It helps to see what is normal and abnormal when you don't necessarily know what normal should look like.

This is a great time again, thanks.

No comments:

Post a Comment