|
[Version 7.0]
[Version 6.5]
[Version 6.0]
[Version 5.0]
Q: When was LANWatch 7.0, the current version, released?
Q: When did Sandstorm purchase LANWatch from Precision Guesswork?
Q: Which operating systems can I run LANWatch on?
Q: What are the minimum system requirements for running LANWatch?
Q: How do I know if my network interface card supports promiscuous mode?
Q: What are some uses of LANWatch?
Q: Where can I find out more information on the protocols that LANWatch
displays?
Q: Can LANWatch parse Appletalk, IPX, SPX, SNA, and SMB?
Q: Can LANWatch monitor serial line traffic?
Q: I've entered many IP/Hostname combinations on the Options tab. Why do all of the hosts still come up by IP number only, and never display the hostname I have set for it?
Q: Why won't LANWatch let me modify my filter?
Q: I'm having trouble running the command line applications LWTSPLIT, PRNDMP32, DRED32, or TANA32 shipped by Precision Guesswork which I received before October, 2000. What can I do?
Q: I have a Windows 98 laptop with an IR port and I'm having trouble running LANWatch32. Can you help me?
Q: When I set an 802.2
Novell filter with the Filter Wizard, why are no packets displayed?
Q: When I set any 802.2 filter
with the Filter Wizard, why are no packets displayed?
Q: When I start LANWatch32 on Windows 2000, I'm getting an error stating that it can't open DRVLW and no packets are displayed. How do I fix this?
Q: Why am I seeing only broadcasts on my network, even though I know my ethernet card/driver supports promiscuous mode?
Q: I just upgraded my operating system to Windows 2000 or XP. What can I do to get LANWatch version 5.0 to install and run properly?
Q: I have a Windows 98 laptop with an IR port and I'm having trouble running LANWatch32. Can you help me?
Q: Why am I seeing only broadcasts on my network, even though I know my ethernet card/driver supports promiscuous mode?
Q: When was LANWatch 7.0 released?
LANWatch 7.0 was released on June 10, 2005 by Sandstorm Enterprises.
Back to top
Q: When did Sandstorm Enterprises purchase LANWatch from Precision Guesswork?
Sandstorm purchased LANWatch from Precision Guesswork
in December, 2001. LANWatch is a low priced network packet monitor
that complements Sandstorm's NetIntercept, a stream-oriented network
analyzer that performs stream reassembly, content recognition and
analysis. Some of the people responsible for the original development
of LANWatch are presently at Sandstorm. This in-house expertise and
background knowledge help in maintaining and enhancing LANWatch.
Back to top
Q: Which operating systems can I run LANWatch on?
LANWatch version 6.5 runs on Windows 95, 98, Me, 2000, NT and XP.
Back to top
Q: What are the minimum system requirements for running LANWatch?
System requirements include a minimum of 3.5 MB hard disk space, 16MB RAM, and an NDIS network interface/driver that allows promiscuous mode.
Back to top
Q: How do I know if my network interface card supports promiscuous mode?
Promiscuous (or Match All) mode is a required part of Microsoft's NDIS
3.0 specification. Both built-in network interfaces and add-on
(PCMCIA, ISA and PCI-bus) network interfaces usually support
promiscuous mode. If you have equipment whose manufacturer chose to
disable or omit this functionality, either in the drivers, or in the
hardware itself, you will have to either request an upgrade from the
manufacturer, or obtain a different LAN interface. Two ethernet
adapters that do not support promiscuous mode are the 3Com 3c574 and
3c575 PCMCIA cards. Occasionally hardware that does not support this
mode can be found in Token Ring systems: two vendors who have produced
Token Ring cards that cannot enable this mode are 3Com and IBM.
Please contact your vendor, especially if you are
installing LANWatch on a token ring system, if you are not sure if
the interface you have supports promiscuous mode.
Back to top
Q: What are some uses of LANWatch?
LANWatch is a packet-oriented network protocol analyzer. It will
capture either raw or filtered data, and display the contents of the
captured packets symbolically and in Hex/ASCII. It can be used to
diagnose LAN configuration problems, identify performance issues, and
develop and debug network software and applications from the MAC layer
to the Session layer. It can also detect network anomalies, and
perform forensic examination of captured network traffic.
Back to top
Q: Where can I find out more information on the protocols that LANWatch
displays?
A useful dictionary of various networking terms can be found at this Cisco Systems web page. Internet RFCs are
documents that specify the details of the IP protocol suite, and the
book Internetworking With TCP/IP by Douglas Comer (ISBN
0-13-216987-8) is a good introductory text. Typically, it is much
more difficult to get information about vendor-proprietary protocols -
an Internet search will often give you some starting points.
Back to top
Q: Can LANWatch parse Appletalk, IPX, SPX, SNA, and SMB?
LANWatch will filter on and parse Appletalk, IPX, SPX, SNA, and SMB,
and a number of other vendor-specific protocols. Because these
protocols are proprietary and some details are viewed as trade secrets
by their developers, their parsers may not be as complete or
up-to-date as those for the Internet Protocol suite.
Back to top
Q: Can LANWatch monitor serial line traffic?
LANWatch can monitor serial line traffic to and from the
computer running LANWatch on Windows 95 and Windows 98. Through
version 6.5, LANWatch does not support serial line monitoring on
Windows NT/Me/2K/XP.
LANWatch for DOS will let you monitor serial line traffic to and from
another computer, see the LANWatch for DOS FAQ for
more information on how to accomplish this.
Back to top
Q: I've entered many IP/Hostname combinations on the Options tab. Why do all of the hosts still come up by IP number only, and never display the hostname I have set for it?
To get the hostnames to appear, open the Options -> Display menu, and under "Display Names:" check the "IP/Hostname" box.
Back to top
Q: Why won't LANWatch let me modify my filter?
If you have created a filter using the Filter Wizard you must edit it using the Filter Wizard. If you have created a filter using the No Wizard button, you must edit it using the No Wizard button. LANWatch will not allow you to create in one mode and edit in another.
Back to top
Q: I'm having trouble running the command line applications LWTSPLIT, PRNDMP32, DRED32, or TANA32 shipped by Precision Guesswork which I received before October, 2000. What can I do?
The command line applications LWTSPLIT, PRNDMP32, DRED32, and TANA32 shipped
by Precision Guesswork before October, 2000 could cause an access violation
under Windows 98, NT and 2000.
This problem was solved by Precision Guesswork's 6.0.1 release, but
existing copies of LANWatch32 6.0 can be corrected by downloading
replacement command line executables in this ZIP archive .
Back to top
Q: I have a Windows 98 laptop with an IR port and I'm having trouble running LANWatch32. Can you help me?
The solution to this problem is to disable the Ethernet Device that is
attached to the IR port. DO NOT REMOVE this device as Windows 98 will
simply reinstall it.
To disable this device, do the following:
1) Open System Properties
2) Select Device Manager
3) Select the + sign next to Network Adapters
4) Double click on Infrared Ethernet Adapter (or something like that)
5) Put a check in the box titled Disable in This Hardware Profile
6) Select OK until you exit the Device Manager and reboot your PC
90% of the time this fixes this problem under Windows 98. If this does not work,
please contact technical support by email at support@sandstorm.net,
or by phone at 781-333-3200.
Back to top
Q: When I set an 802.2 Novell filter with the Filter Wizard,
why are no packets displayed?
You may have a type of Novell that uses 802.3 Ethernet without the
standard 802.2 Headers. We have a special Novellraw filter for this,
which is not available through the Wizard. To set up this type of
filter, use the NO WIZARD button at the bottom left of the first
Filter Wizard page. In the filter specification box, enter 802.2
novellraw.
Back to top
Q: When I set any 802.2 filter with the Filter Wizard,
why are no packets displayed?
There is a bug in the Wizard that prevents it from correctly setting
this type of filter. Select the NO WIZARD button at the bottom left
of the first Filter Wizard page. Enter your filter by hand in the
filter specification box.
If you have any trouble with this procedure, please contact technical
support by email at support@sandstorm.net or by phone at
781-333-3200.
Back to top
Q: When I start LANWatch32 on Windows 2000, I'm getting an error stating that it can't open DRVLW and no packets are displayed. How do I fix this?
DRVLW may not have been installed properly. Open Control Panel ->
Network and Dial-Up Connections -> Local Area Connection Properties
If the DRVLW driver isn't listed, log in with Administrator privileges
and re-install LANWatch32, carefully following the instructions it gives
regarding DRVLW.
If DRVLW is installed, ensure that the account you are using has
enough privilege to access it (usually Administrator is required).
Back to top
Q: I just upgraded my operating system to Windows 2000 or XP. What can
I do to get LANWatch version 5.0 to install and run properly?
LANWatch version 5.0 cannot be installed on Windows 2000 or XP. You can
purchase an upgrade to version 6.5, which does work on those two operating
systems, via our quotes page.
Back to top
Q: Why am I seeing only broadcasts on my network, even though I know my ethernet card/driver supports promiscuous mode?
You have probably attached LANWatch to an Ethernet switch, rather than a hub.
Switches are set up to segragate data so that a given port will only
see packets destined to the ethernet card attached to it. The solution
to this problem is that the switch should have a monitor port or the
ability to configure a port as a monitor port. Plug the machine running
LANWatch into this port and you should be able to see all of the traffic
on your network.
| 
Sandstorm Home
Products
Support
