Sunday, April 22, 2007

Free Network Utility Nuggets

I'm not part of our elite network operations group. They live in a castle in a magical land far, far away from us common IT support folk.

I suspect that were I to travel there, I would find it was actually Mordor.

Every time a site calls me about a router issue, I usually find that their all-seeing-eye has spotted it, alarms have already rang, and the Mordor faithful are already marshalling a response.

I do get the chance to use some networking tools for the hobbit-like humble tasks appointed to us who cover desktop and local network support duties. They can be dead-helpful for desktop troubleshooting and might be worth keeping handy on a USB stick...just in case...as almost all of these can be made to run "portable."

I like to think of these as Bilbo and Frodo's Sting, in answer to those who dwell in Mordor.

CCSchmidt.de

Found these networking tool bits last week via a post at TinyApps.org. All are good tools for checking out connectivity issues either for your pc or even connectivity issues with/to a remote target.

The German software site CCSchmidt.de is offering a set of network tools that might be of benefit to networking geeks.

There are some $/shareware tools that look quite nice, as well as a number of free tools.

Many require the additional freeware tool Regression Analysis Graph by Marius Ebel to function:

  • Interface Traffic Indicator (freeware) - measure incoming and outgoing traffic on various network devices. Alarms may be set.
  • Performance Pinging (freeware) - test network connectivity, response and performance. Lets you save data in a txt file. Nice realtime graphing.
  • MultiPing Grapher (freeware) - graph up to 10 different ICMP results.

Network Sniffers:

  • PacketMon (freeware) - AnalogX IP packet capture tool. Supports export of data and filtering.
  • SmartSniff (freeware) - NirSoft packet sniffer. Raw Sockets (natively) and IP capture if WinPCap is installed on the host.
  • EtherSnoop Light (freeware) - ArechiSoft network sniffer with filtering support
  • Portable Ethereal (freeware) - Grab this via its mirror on the Portable Freeware page. The original location has gone 404. I've been quite successful running this older version off USB and CD media. It may not have all the bells and whistles of the newer Wireshark build, but it does the job in a pinch. AND it doesn't require WinPCap to be installed on the pc you wish to run it on. Nice.

Network IP and Port Scanners:

  • Advanced IP Scanner 1.5 (freeware) - Famatech's nice tool to scan a range of IP address on your network. Get information about the workstations or networked items found. Easy to use interface.
  • Advanced Port Scanner 1.3 (freeware) - Famatech's tool to run a network IP range scan, then check the results in detail to find which ports are open on those located systems. You can export the list for auditing purposes.
  • Advanced LAN Scanner 1.0 Beta 1 (freeware) - Famatech's nice little local area network scanner that can provide a wealth of information when you are tracking down network elements.
  • CurrPorts (freeware) - NirSoft's application lets you see which communication ports are open on your computer and provides great information about that connection. It also lets you terminate any connection and automatically highlights suspicious connections.
  • VStat (freeware) - Robin Keir's beautifully simple tool to display which applications have open network connections and how/who they are talking to. Nice malware service hunting tool.
  • SoftPerfect Network Scanner (freeware) - Great GUI tool to scan for computers on a network find which ports are open/listening on the targets, and what resources are shared.
  • Vison (freeware) - Foundstone's forensic network tool that allows you to identify open TCP/UDP ports, which services are active on those ports, and then maps the ports to the application controlling them. Great for hunting malware connections on an infected machine.
  • SuperScan 4 (freeware) - Foundstone's nice network scanning tool.
  • HoverIP (freeware) - Hoverdesk utility that supports IP network adapter configuration, NSLookup, Ping, TraceRoute, and port scanning. Lots of useful tools in one package.
  • Tcpvcon, TCPView (freeware) - Microsoft Sysinternals tool to show all the TCP/UDP endpoints on your system and which process is responsible for the communication. Supports termination of those connections and resolution of IP addresses into domain name formats.

Network Info Getters

  • IPNetInfo (freeware) - NirSoft application to find out information on an IP address owner.
  • Trout (freeware) - Foundstone's brilliant traceroute/Whois application. It also supports active pinging instead of a limited run ping test. Great for extended monitoring to a remote connection.
  • VisualRoute Lite Edition (freeware) - Visualware's utility to see how your network packet travels, and any problems it might be encountering along the way.
  • AdapterWatch (freeware) - NirSoft's clever tool that provides useful information about your network adapter.
  • NetAlyzer (freeware) - Utility from the makers of SpyBot Search and Destroy. It gather's information on domain owners and traces network routes to target servers.
  • The Dude (freeware) - MikroTik's incredible network mapping tool to monitor and layout a graphical map of your network. This is a free utility and great for auditing/documenting a local area network.
  • Steel Inventory (freeware) - Steel Sonic's tool that allows administrators to scan for computers on a network, and then inventory the installed applications and configurations of those workstations. Great for change management and pc auditing.
  • ZNetWatch (freeware) - Wonder who is causing the bandwidth spike on a network? Someone downloading YouTube content or listing to streaming media? Or maybe a trojan/virus is spewing forth filthy traffic...but which one? Try ZBobB's ZNetWatch utility to monitor network traffic hogs. Neato!

I think I have one or two additional utilities on my work system I can't remember from home. I'll update when I figure out which others I've left off.

Home Network Management Tips

Scott Hanselman posted about his recent home broadband service upgrade to optical.

In his post he shared four great tips which I am summarizing below:

  1. On-line broadband service data may not match actual service provision. Always call a vendor and ask for confirmation that service is/is-not available for your location.
  2. Plan out your network layout before the service installer arrives. Have backup plans, if they can't meet your "best-case" installation desires.
  3. Make hard-copy printouts of all your network devices and their MAC addresses. Makes router re-configurations easier.
  4. Make a visual home network map (for posterity or spouses) just in case something happens and someone else has to sort your genius network design out.

It's all good!

--Claus

4 comments:

H. Carvey said...

Claus,

Thanks for this list. As a professional incident responder, things like this are important when providing accessibility to other first responders.

Harlan
http://windowsir.blogspot.com
Author: "Windows Forensic Analysis"

Claus said...

Hi Harlan!

You are quite welcome!

I don't use ALL of these tools ALL of the time, but when I need a particular, measured response, to a situation, it's great to have a toolbox full of wrenches to pull out.

Besides being freeware (and many are USB portable), they are all a lot less intimidating for most non-network certified technicians to approach and use. Tools for field technicians.

I hope to post a "real-life" response tutorial regarding a nasty malware infection that was bugging our workstations in the near future. By using a few network and process tools I quickly identified who the baddies were, what they were doing, and where I needed to go from there.

Thanks for the link to the blog. Looks wicked-great! I'm adding it to my feeds and will give your book a look as well!

--Cheers!

Anonymous said...

Hi Claus,

just one little correction. It is not so that some of the networking tools on the CCSchmidt website require the Regression Analysis Graph by Marius Ebel to function. There are some tools which use this graph component.

Best regards
Carsten Schmidt

Claus said...

Hi Carsten,

Thank you for providing the clarification!

These are wonderful tools you have developed, and it is very generous of you to offer them to the community!

Thanks for stopping in!
--Claus