Aleksandar's computer workshop

Let's see what Aleksandar was fixing today.
My findings, tips & tricks related to computers, internet, programming and other stuff I was working with.

How to debug HTTP requests when developing and testing Web applications and clients

Have you ever found yourself wondering how browser interacts with your Web application? Have you encountered a strange performance bottleneck that you can't track down? Are you curious about which cookies are being sent, or what downloaded content is marked as cacheable?

In Web and Internet development you are unable to see directly what is being sent and received between your web browser / client and the server. Without this visibility it is difficult and time-consuming to determine exactly where the fault is.

Don’t give up, there are some applications to help you out.

On developers computer (client side) you will go for HTTP proxy like Fiddler or Charles.
For server debugging (in most situations) you can't use proxy. In that case you have to use network packet sniffer or network protocol analyzer like Wireshark (used to be known as Ethereal)

About Fiddler

Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, can be extended using any .NET language and has ready powerful extensions.

Fiddler is freeware and can debug traffic from virtually any internet application, including Internet Explorer, Mozilla Firefox, Opera, and thousands more.

It will run only on Windows.

http://www.fiddler2.com/




About Charles

Charles is a web proxy (HTTP Proxy / HTTP Monitor) that runs on your own computer. Your web browser is then configured to access the Internet through Charles, and Charles is then able to record and display for you all of the data that is sent and received.

Charles makes debugging quick, reliable and advanced; saving you time and frustration!

Key Features

  • SSL Proxying – view SSL requests and responses in plain text
  • Bandwidth Throttling to simulate slower Internet connections including latency
  • AJAX debugging – view XML and JSON requests and responses as a tree or as text
  • AMF – view the contents of Flash Remoting / Flex Remoting messages as a tree
  • Repeat requests to test back-end changes
  • Edit requests to test different inputs
  • Breakpoints to intercept and edit requests or responses
  • Validate recorded HTML, CSS and RSS/atom responses using the W3C validator

It is shareware, and you may try Charles for 30 days.

It will run on Windows, Mac OS X and Linux/Unix.

http://www.charlesproxy.com/


About Wireshark

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.
Network professionals, security experts, developers, and educators around the world use it regularly.
It is freely available as open source, and is released under the GNU General Public License version 2.
It is developed and maintained by a global team of protocol experts, and it is an example of a disruptive technology.
Wireshark used to be known as Ethereal. If you're still using Ethereal, it is strongly recommended that you upgrade to Wireshark.
Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Wireshark has a rich feature set which includes the following:

  • Deep inspection of hundreds of protocols, with more being added all the time
  • Live capture and offline analysis
  • Standard three-pane packet browser
  • Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
  • Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
  • The most powerful display filters in the industry
  • Rich VoIP analysis
  • Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
  • Capture files compressed with gzip can be decompressed on the fly
  • Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Coloring rules can be applied to the packet list for quick, intuitive analysis
  • Output can be exported to XML, PostScript®, CSV, or plain text  

It runs on Windows, OS X, Linux and UNIX

http://www.wireshark.org/

 

 

 

NetStumbler under Vista?

You don't have Netstubler with you or it does not run on your Vista notebook?
For quick and dirty situations you can do bit of war driving with Vista, too!

Go to a command prompt, type
netsh wlan show networks mode=bssid
You will get all available networks with enough details mostly not available in Vista GUI.

It looks like this:

Other alternatives are:

Vistumbler
URL: http://www.techidiots.net/project-pages/vistumbler
Vistumbler is a netstumbler like program for Vista (or later...maybe).

Features
* Find Wireless access points - Uses the Vista command 'netsh wlan show networks mode=bssid' to get wireless information
* GPS Support
* Export/Import access points from txt file
* Export access point GPS locations to a Google Earth KML file
* Open Source ( AutoIt Scripting Language - http://www.autoitscript.com )
* Change column order, column title, and column width in the 'vistumbler_settings.ini' file
* Change search terms in the 'vistumbler_settings.ini' file. This means Vistumbler should be able to work with other languages. Change searchwords to what they are in the another language, Search terms can be found by running 'netsh wlan show networks mode=bssid' in a command prompt

Inssider
URL: http://www.metageek.net/products/inssider
Inssider is a Wi-Fi network scanner for Windows Vista and Windows XP. Although NetStumbler, the most popular Wi-Fi network scanner, is free, it hasn't been actively developed for years. We heard complaints that NetStumbler doesn't with Windows Vista and 64-bit Windows XP, so we decided to build an open-source Wi-Fi network scanner designed for the current generation of Windows operating system.

Features
* Works with internal Wi-Fi radio
* Wi-Fi network information (SSID, MAC, data rate, signal strength, security, etc)
* Graph signal strength over time
* Open source (Apache License, Version 2.0)

Using NSLOOKUP for DNS Server diagnosis

Nslookup.exe is a command-line administrative tool for testing and troubleshooting DNS servers (also known as name servers).

To use Nslookup.exe, please note the following: 

  • The TCP/IP protocol must be installed on the computer running Nslookup.exe 
  • At least one DNS server must be specified when you run the IPCONFIG /ALL command from a command prompt.
  • Nslookup will always devolve the name from the current context. If you fail to fully qualify a name query (that is, use trailing dot), the query will be appended to the current context. For example, the current DNS settings are att.com and a query is performed on www.microsoft.com; the first query will go out as www.microsoft.com.att.com because of the query being unqualified. This behavior may be inconsistent with other vendor's versions of Nslookup, and this article is presented to clarify the behavior of Microsoft Windows NT Nslookup.exe 
  • If you have implemented the use of the search list in the Domain Suffix Search Order defined on the DNS tab of the Microsoft TCP/IP Properties page, devolution will not occur. The query will be appended to the domain suffixes specified in the list. To avoid using the search list, always use a Fully Qualified Domain Name (that is, add the trailing dot to the name).


Nslookup.exe can be run in two modes: interactive and noninteractive. Noninteractive mode is useful when only a single piece of data needs to be returned. The syntax for noninteractive mode is:

nslookup [-option] [hostname] [server]

For example to check all MX records (email servers) for GSMBLOG.COM domain you have to type this:

nslookup -type=mx gsmblog.com

 and it will return something like this:

Server:  speedtouch.lan
Address:  192.168.0.254

Non-authoritative answer:
gsmblog.com     MX preference = 10, mail exchanger = mail.gsmblog.com

mail.gsmblog.com        internet address = 194.30.175.198

Or to validate the SPF (TXT) record you can use this command:

nslookup -type=txt gsmblog.com

it will return this:

Server:  speedtouch.lan
Address:  192.168.0.254

Non-authoritative answer:
gsmblog.com     text =

        "v=spf1 ip4:194.30.175.0/24 a mx -all"

More details:

http://support.microsoft.com/kb/200525

http://www.windowsnetworking.com/articles_tutorials/Using-NSLOOKUP-DNS-Server-diagnosis.html