
Three network tools I couldn't live without


I recently decided to rebuild my Windows machine. I find it's something that needs doing every six months or so. Luckily, I now run my Windows machine as a VMware virtual machine so I don't have to start the re-install from scratch; I just roll back to a snapshot taken when it was nice and clean. I can then re-install what I consider to be essential tools and enjoy the machine running much more quickly without all of the junk that tends to build up over time.

What are the first applications I re-install? What are those applications we don't always think about until they're gone? Here are my top three networking tools:

PuTTY

I'm sure I've talked about this one before. PuTTY must be one of the best tools available for an administrator who may need to log on to a Linux/BSD server from a Windows machine. PuTTY is a GUI client application that enables remote access via SSH, Telnet, and Rlogin protocols. While there are plenty of other clients available, PuTTY always comes up on top. It's free, lightweight, easy to use, and extremely effective; what more could you ask for?

Download PuTTY from here for free. Don't worry about the myriad of download options. I usually just go for the Windows installer.

Wireshark

Billed as "The World's most popular Network Protocol Analyser" and formerly known as Ethereal, Wireshark was created when Gerald Combs (creator of Ethereal) went to work for CACE Technologies (creators of the WinPcap library). The Ethereal trademarks could not be taken with him, so a 'fork' was created and the name was changed to Wireshark.

So what does it do? Wireshark is a protocol analyser. Similar in many ways to tcpdump, Wireshark adds an easy-to-use GUI and various sorting/filtering options. As Wireshark actually 'understands' the protocols, it's able to rebuild and display data streams from the captured packets, which can really help while trying to track down that intermittent bug.
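As an added illustration (not code from the original article, and not Wireshark's own implementation), this simplified Python sketch shows what rebuilding a data stream from captured packets involves: parsing the IPv4 and TCP headers, ordering segments by sequence number, discarding retransmitted bytes and marking gaps. The addresses, ports, the `example.test` host and all function names are constructed for the example, and sequence-number wraparound is ignored.

```python
import struct

def make_packet(seq, payload, sport=40000, dport=80):
    """Build a constructed IPv4+TCP packet (checksums left at 0, not validated here)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return ip + tcp

def parse_tcp(packet):
    """Return (flow, seq, payload) for an IPv4/TCP packet, or None for anything else."""
    if len(packet) < 40 or packet[0] >> 4 != 4 or packet[9] != 6:
        return None
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    sport, dport, seq = struct.unpack("!HHI", packet[ihl:ihl + 8])
    data_offset = (packet[ihl + 12] >> 4) * 4
    flow = (packet[12:16], sport, packet[16:20], dport)
    return flow, seq, packet[ihl + data_offset:total_len]

def reassemble(packets):
    """Rebuild one byte stream per flow direction from packets in capture order."""
    segments = {}
    for packet in packets:
        parsed = parse_tcp(packet)
        if parsed and parsed[2]:               # ignore non-TCP and empty (pure ACK) segments
            flow, seq, payload = parsed
            segments.setdefault(flow, []).append((seq, payload))
    streams = {}
    for flow, segs in segments.items():
        segs.sort(key=lambda s: s[0])          # order by sequence number, not arrival
        next_seq, data = segs[0][0], b""
        for seq, payload in segs:
            if seq > next_seq:                 # hole: a segment was never captured
                data += b"[%d bytes missing]" % (seq - next_seq)
                next_seq = seq
            fresh = payload[next_seq - seq:]   # drop bytes already seen (retransmission)
            data += fresh
            next_seq += len(fresh)
        streams[flow] = data
    return streams

def sample_capture():
    """Constructed capture: one HTTP request, out of order, with a retransmission."""
    parts = [b"GET /index.html HTTP/1.1\r\n", b"Host: example.test\r\n", b"\r\n"]
    seq, pkts = 1000, []
    for part in parts:
        pkts.append(make_packet(seq, part))
        seq += len(part)
    return [pkts[1], pkts[0], pkts[0], pkts[2]]

if __name__ == "__main__":
    for flow, data in reassemble(sample_capture()).items():
        print(flow[1], "->", flow[3], data)
```

A gap marker in the output is the analyst's cue that the capture itself dropped packets, which matters when the "intermittent bug" is being diagnosed from the trace.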

What makes Wireshark special? It runs on Windows, OS X, Linux, and UNIX; it supports hundreds of protocols; it has powerful filtering options; and it can be used to analyse data caught 'on the fly' or saved previously with tcpdump. I have been told Wireshark is great for VoIP analysis, but I haven't used it for that.

Oh, did I mention it's free too? Download Wireshark here.

Nessus

Nessus is a top-class vulnerability scanner produced by Tenable Network Security. Estimated to be used by more than 75000 organisations worldwide, Nessus is said to be the world's most popular vulnerability scanner.

Formerly an open source project, Nessus was moved to a proprietary license on the release of version 3; the scanning engine is still free, although support and up-to-the-minute vulnerability definitions are charged for. Those who don't want to pay still get the updates seven days after their release.

Nessus starts by performing a port scan on the chosen host or network. It then probes open ports to try and determine which services are running and tests those services against known vulnerabilities. I think Nessus is a great tool for testing the resilience of your network. The reports it generates are highly detailed and make a good basis for any status reports you may need to produce.

Nessus is available for OS X, Linux, BSD, and Windows. Download Nessus here (it's free but you will need to activate).

Of course, there are many great network-related tools available, and everybody will have their own opinion on which is the most important; after all, everyone's requirements are different. Despite being a Windows-only application and being very basic when compared to Wireshark and Nessus, PuTTY is still the tool I just couldn't do without.

What are your top networking tools?

69 comments
ggardei

Here are the network tools I can't live without...
+Putty
+VNC
+Whois (linux)
+Nmap (linux)

stevenmgoodman

Look at the tools from PacketTrap, they're pretty handy. wwww.PacketTrap.com

Cerybro

Don't forget this stuff... IP-Tools, Ideal Administration (like hyena), GFi LNSS

h2owe2

VanDyke's CRT is a great terminal emulation package that I use when configuring Cisco network devices. Likewise, ES-Computing's EditPlus text editor is a godsend.

nick.espinosa

I agree with your choices. Apart from the 3 you've mentioned, 1 needs special mention for Network Administrators - Beyond Compare is a notepad comparison tool that is very handy for me when comparing 2 almost identical files where it hi-lites the differences, in my case network configs. Nick E

lluis_pardo

Uh, oh... You are forgetting Total Commander ??!! I need it in all my PCs and in all my servers! Also, another tool that I always need, well, a bunch of it, is pstools. http://heladodecan.blogspot.com

jeff

WinSCP, FileZilla, PingPlotter and Putty. Oh, that's four.

RayG314

Two tools for BEFORE rebuilding: 1) If external data storage is available, how about backing up the current system, with something like SyncToy. 2) How about running an audit/inventory of what's on the system. Something like WinAudit would give you more than enough information. Now you don't necessarily want to rebuild EXACTLY as it was before, not with the same versions of each application or utility, not with those applications or utilities that you haven't used in ages.

bill.friday

All the mentioned tools are fine but I have the need to run tools from other people's Winx systems when troubleshooting to access my Linux boxes, Cisco devices and capture packets, therefore my special tool is using a U3 USB drive. I recently picked up a 4Gig ScanDisk USB2 drive for $40. Applications have to be U3 compatible. The tools available from the Internet that I use are Firefox, Wireshark, Putty, WinSCP, OpenOffice, Tunnelier for U3 and Angry IP Scanner. These run without having to install them, except for Wireshark, which installs WinPcap if needed and uninstalls it when you gracefully eject the U3 drive. Firefox is real handy to verify if the problem is IE or elsewhere. Many command line tools work natively and there are programs that allow you to U3ize simple windows applications. The one I have used is packagefactory which worked well for SuperScan4 (only app I tried so far). The simple scanners are real handy since I work in Research and have many special vlans with various ACLs. Since many of the systems I work on do not have Microsoft office, having Open Office allows me to read DOC and Excel files, which is the format used by the majority of our system and network documentation.

kgardiner

OPNET's ACE is one that I turn to often. It is somewhat expensive but once it has been deployed it is far superior to any sniffer, network or application analyzer that I have used. I like the other choices although I would not run Nessus on my workstation.

apotheon

In alphabetical order, a few I like are:
lsof
Nagios
Nessus
Nmap
OpenSSH
ping
tcpdump
traceroute
Of course, to go along with those I often need filtering tools like grep and Perl -- but they aren't technically network applications in and of themselves. (edit: capitalization) (edit: Why is it that all the tools starting with N are capitalized, but the rest mostly aren't? I guess it's just one of life's mysteries.)

zloeber

Putty and Wireshark are nice I will admit (I use putty every day myself). But if I were to choose just three, I'd have to choose tools which aggregate many others into it like zenoss (I can check at a glance at all my syslogs and be warned of down systems in no time flat). I also think that Rancid is wildly excellent for versioning IOS changes in your routers/switches. Arpwatch-ng is an unexpected goodie as well as it notifies me instantly when an IP address flip-flops or a new machine is introduced on the network. External monitoring is good to have as well, I use the free mon.itor.us site. Kind of ajaxian and trendy but it does a good job. nmap for the curious of course. WSUS for dem winders machines. Cacti for mrtg graphing. netdisco to map out switches. and many more of course. :)

AlanGeek

If you're on Windows and need X capability, I've found Cygwin/X to be ideal, and it's also free. Of course, you could also keep a flash drive with DSL on it and have a full Linux environment at your disposal, too. Otherwise, PuTTY was my most-used app when I had to use Windows to get to my *nix boxes. -Alan

contact

Core FTP is a nice Windows GUI FTP client which supports SSH. Tera Term Pro supports Telnet and SSH, as well as serial communication.

bpate

This tool is to quote the website "Qcheck - Network Performance Measurement What's good-looking, powerful, improves your quality of life, and is FREE? Qcheck, the network troubleshooting utility from Ixia, slices, dices, and checks network response time, throughput, and streaming performance. It even runs anywhere-to-anywhere traceroute!" http://www.ixiacom.com/products/performance_applications/pa_display.php?skey=qcheck I love using this tool to troubleshoot voip issues...gives me a realistic idea of how much bandwidth is available between two endpoints. Gives you an instant picture if there are any bottlenecks...expecting 100mbps and only getting 40...? I suggest changing the iterations to 5 and the data size to 1000 for a more accurate picture of high speed networks.

Oktet

Is there any apparent reason you would not run Nessus on your workstation, or is it just your personal preference not to run it?

bpate

One tool I have found extremely useful is tail for windows. This gives you the ability to open a log file and set a search string. The machine will then beep every time there is a match on the search string. It will also highlight the entry in red. So if you think packets are bouncing off the firewall and want to see the log in real time with only the entries pertinent to your troubleshooting...use tail...did I mention it's free...another great one is grep for windows...did I mention it's free? http://tailforwin32.sourceforge.net/ http://gnuwin32.sourceforge.net/packages/grep.htm

toni.clarkson

I am a newbie with networks. What are dem winder machines? Thanks, toni

Mond0

The last "News" post from their web site: "We are currently searching for a new maintainer and developers. 2005-08-23"

Mond0

What OS are you running? Tera Term hasn't been updated since 1999! In fact the site states "The author thinks that Tera Term (Pro) is Year-2000 compliant."

libskrap

I'll try it. If it does what the website says, it could help answer some questions about performance.

kgardiner

Just policy. I will expect a well protected (IPS) site to shut down a device running Nessus scans, and it is better to carve out the exceptions on machines which are less multi-purpose.

toni.clarkson

Thank you for making it easy to find your suggested tools. This saves time for all of us. The others I will need to google to find them. I am very new at this and trying to learn on my own about networks. I plan to set up one at home. At work I am just a Software Configuration Manager, but will soon be tasked with HW configuration Manager - which will include networks. So all this data is Great!!! Thanks to all, toni

JCitizen

Dem are duh wons dat got winders put on em! :D

chuckmba@adelphia.net

I noticed that you made comments about people who used old software but never said what you use. What do you use? Just because it's old doesn't mean it doesn't do the job. Recently there was an article in TechRepublic of 10 pieces of software that the older version was better than the latest. I find the latest version of Office terrible. The only reason I installed it was because I got it free from Microsoft during release.

djdawson

Actually TeraTerm Pro *is* still being developed and is up to version 4.55 - it's just hard to find, since the development is happening in Japan now. Here's a link to the project page for it, which includes built-in support for SSH: http://sourceforge.jp/projects/ttssh2/ Enjoy!

Dumphrey

Look at what tera term needs to do.....telnet and serial console connections...that's it....it's tiny, and I do mean tiny, and works perfectly with Cisco consoles. Who cares if it's from 1999, it works. If you NEED a secure connection to a router, a standalone laptop over a serial connection is about as good as it gets. Just because software is old, does not mean it's useless....

apotheon

"Are you a The Dude user, too?" Nope. I run all my monitoring from the Unix side of things. Thanks for answering my question.

danrdj

There are features/fixes I'm looking forward to-- ones that will make using the product simpler and less time-consuming. Examples are cut-and-paste, pdf exporting, weekly charts and scrolling-- relatively simple things. I'd also like to try out some new features that I didn't think of, such as the new syslog server, pdf exporting, and (though I probably won't use it) speech notification. So, I would say it has little or nothing to do with prior conditioning. Are you a The Dude user, too?

apotheon

"But what is taking so long on the 3.0 stable release?" Is there some specific reason you want the 3.0 release -- or do you just feel like you need a new release because that's what major corporate software vendors have led you to expect (frequent releases)?

danrdj

I use The Dude as well, and really like it. But what is taking so long on the 3.0 stable release? I'm not truly complaining, b/c it's free. I'm making use of Pstools as well-- right now rolling out power management settings to remote branches. I'm not sure if you're in an AD domain or not, but I'd recommend SpecOps' GPUpdate, which is also free, for remote shutdown/reboot: http://www.specopssoft.com/products/specopsgpupdate/

JCitizen

fortunately you will still get support as you are grandfathered in; don't lose your license key! Thanks for your input!

MPHillier

I work in a school house and to monitor Printers and switches I use The Dude. To Scan our network \ reboot \ shutdown pc's I use Advanced IP Scanner. To access remote pc's I use LanSpy. I'd also like to add that since in a school house I'm constantly installing and uninstalling stuff so I use AutoIt to package my installations and remotely run them by using Pstools. Darn only three I could go on....

JCitizen

over the satellite contract; because I don't use it anymore.. In fact I start to feel like I'm flying blind every time I waste time in front of a boobtube!

Dumphrey

a television anymore. Any dvd/video I watch is on my computer. My monitor is only 22', but compared to TVs I've owned in the past, it's just the right size =)

Oktet

"Sounds like you as bad as me getting up too early or staying up too late to go online," that is so true. I have not watched television in 3 years.

JCitizen

With the usual humdrum of IT, a guy just needs to let off steam once in a while! Sounds like you as bad as me getting up too early or staying up too late to go on line. It beats boring television any day!

Oktet

Damn, you guys are a funny bunch-love that lingo.

jim_olson

Easy to set up on a flash drive as well

brucedog2

I've downloaded the new TeraTerm and I'll have to give it a go but as a cisco admin, I use v 3.1 all the time, it's reliable and does what I need. Another favorite I couldn't do without is PrintKey2000.. a great free screen capture... small and simple, I keep finding new uses for it... when you need to grab a screen shot in a hurry.

TTate

ntop (www.ntop.org) is a good tool for watching traffic patterns and flows. It's a linux tool but you can view the results in any browser. You can find some bootable live-cd's with ntop on them so try starting with that.

Timbo Zimbabwe

Indeed. This is one of my favorite tools, along with NetScan Tools Pro.

tpatrick

If you have it configured and SNMP devices you can see down to the switch port as to who the offender is. If you have a layout from there you can catch them in the act.

libskrap

does wug do a good job of identifying network traffic by user? I'm looking for something to quickly identify which users are downloading tons of files, sending same volumes, etc. thx for your comments.

khenning

- KEA! terminal emulator v4.2 from 1997, because I already have it, it works, and it's very configurable. (Has to be patched to run properly on _NT_! ;-) )
- WhatsUp Gold - But I have version 4!! Also because I already own it, it's reliable, and it's doing the job I need it to do, alerting me to down servers and services, WAN links, etc.
- Hyena - Not so old, but it saves me a lot of time by putting nearly all my Windows tools in a single GUI.
