Favorite Networking Tools

BobSutan

This is just a quick survey of the kinds of tools you guys use on the job. For example, some of the tools I'm curious about are:

- SSH Client (i.e. Putty)
- TFTP Server (i.e. Pumpkin)
- Syslog (i.e. Kiwi Syslog server)
- Network heartbeat monitor (i.e. What's Up? Gold)
- Log parser (no xp with these to date, but willing to learn)

Any other kinds of tools you guys can think of that you use on the job?


**Edit**
In an effort to help those that come along after us, please segment your posts into two categories such as: "Free" and "Not Free". If a tool is shareware or limited by a trial period, please make a note of it so as not to catch people by surprise.
 
Putty (Live and Die by this)

That is about the only tool I use throughout my day as I only really work on routers and switches. There are a host of other network monitoring suites I use like Solarwinds engineers edition, devices from InterNAP, etc.... but mainly putty.
 
I use solarwinds tftp server for all our router and switch backups, it's great.
 
3COMs Network Supervisor is a pretty good tool for getting a picture of new/strange networks you're taking over.
 
Here is a list of tools that I use just about every day:
Dameware Utilities
SolarWinds TFTP Server
xFinger v1.0 (http://www.gurgensvbstuff.com/index.php?ID=16)
Softperfect Network Scanner (http://www.softperfect.com/products/networkscanner/)
Angry IP Scanner
PsExec (http://www.sysinternals.com/Utilities/PsExec.html)
VMware Workstation 5.0
Quest Recovery Manager for Active Directory http://wm.quest.com/products/recoverymanagerad/
MRTG
Putty
Kiwi SyslogD
Deep Metrix IP Monitor v6
Quota File Sentinel (http://www.ntpsoftware.com)
Ghost 8 Enterprise
Hiren's BootCD 7.3 (http://thanki.tk)
Bricks Bandwidth Tester
Crimson Editor
Ethereal
NTsyslog (http://sourceforge.net/projects/ntsyslog/)
 
Sniffers (not free) - Fluke Networks Protocol Analyzer, Sniffer Pro

Sniffers (free) - Packetyzer, Ethereal

TFTP - SolarWinds (I've used about 10 different TFTP applications, and most of them will fail to certain Cisco routers, SolarWinds has never failed me) although I use the old Fore Networks TFTP app quite a bit too, sooo old ;)

LANGuard Network Scanner - for quick scans on a pc to see what it is
Putty
Nortel Optivity Switch Manager (now known as Enterprise Switch Manager)
Nortel java Device Manager
HP Open View
Fluke Networks Console, Reporter, etc
Solarwinds suite, mib browser / little tools
 
Damn this is a good thread. I don't need to add anything that's already been listed but you guys have some great stuff up here, including stuff that I didn't know about. :cool:
 
PuTTY
WinSCP

SmartCode VNC Manager (this thing rocks, $$ license but it's great for SA/NA's)

Emco Inventory software
 
I've got Tectia's SSH client (win & linux), occasionally use Ethereal,
Cronolog for splitting up logs, and AWStats for parsing them.
Dell's OpenManage utils with some of my own scripting for system monitoring.

At home whoami.exe is some little util to tell me DNS and external IP and what not. Nice so I don't have to go into the router config or find a page to tell me my internet ip.
 
Advanced Net Tools
http://www.dreamsyssoft.com/advanced-net-tools/

Network Port Scanner can scan any IP address or range of addresses for any port or range of ports. This is a very powerful networking utility and has many advanced features including multi-threading, see the link for more information.
Share Scanner can scan an IP network for a list of servers and their shared drives.
TraceRoute tells you how many hops (routers) are between your PC and another destination. It will also show you the slowest connection point.
Ping Utility allows you to change the size of the packets, the timeout, and the number of packets to ping.
NetStats shows all of the current connections on your PC and their current state. It also shows what ports applications are listening on. You can set the refresh rate at any speed you wish.
Advanced DNS Utility shows you extended information on a given hostname or IP address. You can also lookup the mail exchange servers, or domain name servers for a specific domain. Query types available: A,ANY,NS,MX,SOA.
ARP Configuration allows you to add/remove ARP entries and view the ARP table all from a Windows GUI.
Route Configuration allows you to add/remove Routing entries and view the route table all from a Windows GUI.
Adapter Configuration allows you to view all adapters and add/remove IP addresses of individual adapters using a Windows GUI.
IP Configuration shows you all of the configuration information for all of the adapters on your system.
IP Availability allows you to see what IP addresses are available on a subnet.
Command Test, a utility for connecting to an open port and testing commands. Works like a telnet client but you can send 1 line at a time.
Whois Client where you can configure the whois server for multiple DNS name types.
With ANT you don't even need to use the main GUI interface, all menus are accessible from the system tray icon!
Plugins, allows you to create links on your ANT menu to any external application.
New feature to allow checking for updates on the web.
 
neotracePro, Cain, Putty, Telnet :D , AnalogX NetStat Live, My own concocted boot disk, Dameware Utils/Miniremote (a touch CPU hungry but EXTREMELY useful).
 
PuTTY, ethereal, nmap, Netflow Tracker, MRTG, BigBrother, RANCID (all free except for the Netflow Tracker).
 
Ethereal, MRTG, MTR, PuTTY, SecureCRT, ifconfig :p, x-win32, ethtool, smokeping
 
Awesome responses guys! Keep up the good work.

I do have a quick question though, how does Look@LAN stack up to LANGuard?
 
BobSutan said:
Awesome responses guys! Keep up the good work.

I do have a quick question though, how does Look@LAN stack up to LANGuard?

In my experience LANGuard is deployed more so as a way to check up what your server has installed (or not installed), example would be security patches, what ports are open, services running, etc. Look@LAN has always been used as a monitoring tool for what your servers and network devices are doing and how they are performing (more network stats than anything else).

GFI is a great company as far as support goes. I can't speak for Look@Lan support as I have never had a reason to ping them about anything.

Is there a certain functionality you are trying to obtain or are concerned about?
 
BobSutan said:
Awesome responses guys! Keep up the good work.

I do have a quick question though, how does Look@LAN stack up to LANGuard?


Just a Thought.

This would make for a great sticky. I have seen several of these threads.

Maybe edit the original post to include all the ones listed below.. In 2 sections even. A free and not free sections. Possibly with short descriptions.
 
If this gets stickied then we will need this information from my post in the "Network Monitoring Software" thread. It should help.

Solarwinds - Free Windows Trial
Nagios - Free, *nix Only
Big Brother - Free but no Win2k3 server support
ipMonitor - Free Trial but can't d/l from site as of now
Cacti - Free Full Program
Servers Alive - Free Trial
OpenNMS - Free, *nix Only as of Now, Win Soon
HP Openview NNM - Evaluation demo available
Zabbix - Free, *nix only, for now
MRTG - Free, but takes some time to make it work on Windows
GFI Network Server Monitor - Full version free for 30 days
PRTG - Free for single users and a 30 day trial with more features
 
Stickied.

In an effort to help those that come along after us, please segment your posts into two categories such as: "Free" and "Not Free". If a tool is shareware or limited by a trial period, please make a note of it so as not to catch people by surprise.

I'll let this thread roll along for a while stickied and later add it to the FAQ so we don't ever lose it.
 
BobSutan said:
Stickied.

In an effort to help those that come along after us, please segment your posts into two categories such as: "Free" and "Not Free". If a tool is shareware or limited by a trial period, please make a note of it so as not to catch people by surprise.

I'll let this thread roll along for a while stickied and later add it to the FAQ so we don't ever lose it.

Thanks Bob! A lot of good stuff in here.

How about

Free
Netstumbler

and I think it's free

HP Web jetadmin Manage all those pesky HP printers.
 
Etherape is great for visually seeing what's going on with your network in realtime.
 
I had used Putty but I switched to SecureCRT as it offers tabbed terminal abilities.
Cacti
WildPackets IP Calculator
KeePass - got tired of keeping track of all those passwords
Microsoft Visio
UltraEdit - Notepad replacement - great for long router configs and debugging perl scripts
Ethereal - For MRTG and SIP call traces
Filezilla - FTP and SFTP client
SolarWinds TFTP Server - Cisco crashed too much
Netstumbler
NMAP
Remote Desktop
Microsoft Admin Tools
TightVNC
MIB Browser - Haven't used it in a while....luckily
Firefox with reload every.... plug-in, keeps various MRTG/Cacti/netstat pages reloading so I don't have to think about it..
 
Things that others haven't posted:
Newt (nessus for windows)
tcpdump
Notepad
Convert by Josh Madison
AbsoluteTelnet
Some tools that I made :)
Some tools that one of my coworkers made :)
 
Tools I use daily at my job:

Snort/ACID (intrusion detection monitoring)
Ethereal/TCPdump (packet capturing)
nmap (port enumeration/OS detection)
Nagios (host monitoring system)

Those are sort of the big four..
Then comes things like nessus and custom tools that I wrote that I don't use as often, but are still quite useful.

Security jobs are fun.
 
Putty
TightVNC
FreeDiff - compares two files for differences
EditPlus 2 - handy editor with many features
Filezilla - FTP server for windows
Path Copy - right click a file in windows, copy the entire path of it
 
Not Free
=========================
HP Openview (mixed feelings about it)
Compaq Insight Manager (Decent, doesn't give as many false positives as Openview)
IBM Director (kill me now, this program is garbage)
Solarwinds (basically tools found for free in linux, but windowized and expensive)
LanDesk utils (they work)

Free
=========================
PuTTY (rules)
MTR (also rules, it's a traceroute that 1) actually works 2) is fast)
tethereal
tcpdump
nmap (not everything is documented :rolleyes: )
Cacti (this is the best tool I've used, I just found a way to graph individual layer 4 traffic on Cisco routers through NBAR...fucking awesome)
Any other Linux util (ntop is kinda neat)


Oh, and one more thing, I fucking hate citrix based ticketing systems....they make me want to commit murder on a massive scale, just had to get that off of my chest.
 
I do lots of vulnerability testing, testing out new PoC/PoEs on my LAN. I also try things with friends when we can be bothered.


Tools I use are a mix of programs/private applications for testing specific exploits/vulnerabilities. My main all-round program is Eeye Retina since it is one of the best security scanners around, tcpdump and putty also come in handy. Don't do much network maintenance so I don't use many varied tools.
 
I got a pic of a cacti graph that I customized. This is reading NBAR stats off of a cisco 1720 hooked up to a t1 csu/dsu to the internet.

 
Deepfreeze Enterprise. (Commercial)

This is the only app that lightens my load as an Admin. Users can break workstations to their hearts' content.. One reboot and it's back to my pristine state. Microsoft 'restrictions' do not cut the mustard with the amount of security flaws a typical user can inadvertently encounter on a daily basis just turning a pc on...

Tectia's SSH client (Commercial)
Great for sending files to your Unix servers securely and not having to fiddle with long command lines.. Sorry Putty.

Crimson Editor (Free)
Great for writing them vbscripts to automate everything in Active Directory.

Site Scope (Commercial)
Cost effective, flexible Unix and Windows mibs/rmon/snmp network monitor. Plugins for just about everything...Has all the tools of the big boys with out the price tag.
 
UltraVNC is unbelievable for a free piece of software. http://www.uvnc.com

The super-sweet part of UltraVNC is the "SC" (SingleClick) edition. Simply put, you NAT an address and expose a port to your "administrator workstation". You create a custom (<200k) exe file through the UltraVNC site, publish this EXE file to a website, and direct all users to this site.

Once there, the user runs the EXE file, and it creates a reverse-VNC connection that connects to the administrator's workstation (administrator runs the VNC listener). It even bypasses most firewalls (except for the odd software firewall, but you can instruct the user to allow) because it's creating an outgoing connection.

This is absolutely brilliant, and works tremendously.
 
securecrt
copssh
openssh
ethereal
etherape
netflow
arbor peakflow sp
rtg
mrtg
smokeping
whatsup pro
public routeservers :)
 
Cisco tools - free
SDM - Security Device Manager
Basically Cisco is finally starting to grow out of the "CLI is for real men" theme and actually make some cool GUI software. If you're like me, you have to mess with so many vendors' different hardware that it's hard to learn one entirely; this helps me when I can't seem to remember that IOS command and don't wanna ? for hours through the IOS.

CNA - Cisco Network Assistant
basically same thing but for switches

PDM - not free - PIX device manager
gui for PIX systems.

If you're on an OS X platform - free
Terminal - for all the ping, traceroutes etc.

Network Utility - gui with a tad more options but same tools as terminal based ones.

MacStumbler - we use this for AP testing in conjunction with...

AP grapher - graphs a printable readout of AP strength for a specific SSID *note however that if you are using this to graph a blind SSID it tends to make other scanners pick the hidden SSID up....seen it happen twice now.

Ordine - IP/Port Scanner
I think most of us know what port/IP scanners are.

NOT FREE OS X TOOLS

frameSEER - packet/traffic analyzer - breaks them down by each OSI layer as well...I highly recommend this
 