LAN analysis

from Wikipedia, the free encyclopedia

A LAN analysis or network analysis is the examination of the data traffic that is sent or received in the local area network between the participating computers.

LAN analysis as a term encompasses all processes for examining the data that are sent or received via the media of a local data network. This is less about spying on private data than about technical monitoring or the diagnosis of technical errors that impair the availability and/or security of data and services. Because of the considerable effort and the considerable need for specialist knowledge, LAN analysis is carried out mostly reactively (in the event of damage) and only rarely proactively (for prevention).

Tools

Classic LAN analyzers examine the data traffic in real time while there is contact with the transmission medium; well-known products include Sniffer (Network General), EtherPeek (WildPackets), Observer (Network Instruments) and Wireshark (open source / GPL). More recent developments are aimed at offline analysis of the recorded measurement data, for example TraceMagic (Synapse Networks). The term “sniffer” now stands for the entire class of LAN analyzers.

Purpose / perspective

The need to keep the availability of data and services at 100% at all times leads to ever greater effort to either counter errors immediately after they occur or to make the occurrence of errors practically impossible by taking preventive measures. How far this ideal could ever be achieved is just as uncertain as the answer to the question of what effort may seem appropriate or justified for the goal.

From a technical point of view, it may seem sensible to carry out too much rather than too little analysis (i.e. control), so as not to be left holding the blame later in the event of damage. From a commercial point of view, however, the increased costs speak against it, which means living with the risk of long-term disruptions or even total failure.

Data security vs. Data confidentiality

Finally, data security concerns are also affected: to counter attacks by viruses, Trojans and the like, continuous analysis/monitoring of the data network is mandatory. On the other hand, data confidentiality according to the Data Protection Act as well as the Works Constitution and Works Co-Determination Act must also be observed; for example, no secret automated performance control of employees may be operated, and the measurement data may not be stored for an indefinite period for an indefinite purpose. Doing justice to all of these concerns while carrying out LAN analysis to a moderate and effective extent is usually possible, but difficult in individual cases.

Shady apps

The boundaries between tools for LAN analysis (on the one hand) and hacking tools (on the other hand) are fluid. In this gray area there is software that can be evaluated differently depending on the perspective.

In the broadest sense, the term network analysis also includes the targeted spying on data and user behavior. The secret services of this world are very interested in scanning their citizens' e-mails online and in real time. Here, too, the lines between legality and illegality are very blurred.

Serious LAN analysis tools can very well be misused for these purposes.
