I'm constantly looking for tools and applications to help improve how I administer my network. Over the years, I've gathered a nice collection of applications, utilities, hardware, and other tools that I use on a regular basis to troubleshoot, perform routine maintenance, enforce security, measure performance, test software, and execute countless other administrator tasks. I've put together a list of my favorites along with a short description of each with the hope that some of these could prove useful for you as well.
Hyena is a marvelous tool to help control an NT network. It combines the mishmash of applets that Microsoft provides to control NT/2K/XP servers and workstations into a single, easy-to-use interface. Hyena makes it a snap to see and administer every NT domain and computer on the network, to audit system configurations, to change passwords and modify services on multiple machines at one time, and more.
NetMeeting is one of Microsoft’s best-kept secrets. Not only is it superb for allowing people to collaborate over a LAN, WAN, or the Internet, but it is also a wonderful remote-control application. We've tried many remote-control programs, such as VNC, PCAnywhere, and even Microsoft System Management Server (briefly), and none of those comes close to what NetMeeting offers for the price (free). In our widespread organization, NetMeeting is one of our most valuable applications.
Servers Alive is our network monitoring application. While we use the standard ping mechanism to check our network, Servers Alive extends this functionality to include the monitoring of specific ports and services. When one of our links or critical machines goes down, Servers Alive sends an e-mail and/or a page to the administrator(s).
NetIQ’s Qcheck is a network throughput measuring tool that we used constantly in our old location, where we had a patched-together LAN and a creaky old WAN. This tool was invaluable in finding bottlenecks on the network. It can do a ping or throughput test between any two machines that have endpoint software installed (and they offer the endpoints for multiple operating systems), and once the endpoints are installed, the throughput can be monitored from a third machine.
Netlab is a simple little app that I use for first-line network verification. It offers Ping, IP scanning, Traceroute, Finger, Whois, and other tools all in one interface.
Neotrace (now called McAfee VisualTrace) is our second-line network checker. We mainly use it for WAN/VPN connection problems. Two neat features of this app are its visual traceroute ability and the graphs displaying the variation in ping times. This makes it easy to spot connectivity problems and bottlenecks.
Although not technically an administrator's utility, one of the most important pieces of software on our network is ScanMail for Exchange by Trend Micro. This application alone has probably been the most valuable tool we have purchased. It has caught every nasty, virus-laden attachment that has tried to get through via e-mail, with the exception of one—and that was due to a configuration mistake we made. We run it in specific attachment-blocking mode and have it block all .exe, .vbs, .pif, .eml, and .com attachments. If anybody wants to send us a legitimate version of these files, they must be zipped to get by ScanMail.
LANguard is a free port scanner, OS detector, and vulnerability scanner. We use it (among other things) to pound on our firewall from the outside to see what is visible and to scan the inside to see what is open to exploitation. We also use Nmap on a Linux box to do the same thing and then compare the results.
Snort is an excellent open source intrusion detection system with a dedicated following. Installing this app was quite an eye-opener, as it showed us how many times our door gets rattled by potential hackers during the day. This probing was not at all obvious from our firewall logs. Originally written for Linux/UNIX, it has been ported to the Windows environment as well. Some excellent directions for installation and use can be found at Silicon Defense.
Ethereal is our open source network sniffer of choice. While we have LANExplorer for our heavy-duty sniffing, Ethereal meets our day-to-day needs perfectly. It is chock-full of features and can read Snort packet capture logs. And you can’t beat the price.
Sam Spade is a free tool we use in conjunction with Snort to try to trace hack attempts and for network/WAN troubleshooting in general. It offers a number of utilities, including Dig, Ping, Traceroute, Finger, SMTP checks, and NSlookup. It's also especially valuable for tracking down spammers.
PowerDesk Explorer is what Windows Explorer should be. We have been using this great app for years as our primary file explorer in Windows. Among its powerful built-in features are a configurable, dockable toolbar, folder size manager, file viewer, and file zipper/unzipper for many types of compression schemes.
CProxy is a Windows-based proxy server app we stumbled across by accident while looking for a solution to a firewall licensing problem. CProxy ended up taking care of the problem, but it also turned out to be a lot more useful than we expected. It has excellent logs, tracks URLs visited by all computers, blocks files with dangerous extensions, and for us, it exposed a large amount of pornography browsing done on company time.
VMware is ideal for running multiple operating systems on a single computer without needing a multiboot system or multiple machines. Our work environment has computers with many varied Microsoft operating systems and a few Linux systems. Our help desk troubleshooting is simplified because we can call up the OS in question on VMware and then walk users through the problem they are having.
Track-It is our main hardware/software inventory, purchasing, and help desk application. It was instrumental in getting our software licensing up to date, and the help desk database has grown to the point that Track-It is a great troubleshooting tool.
AVG AntiVirus is not our corporate antivirus app (see Trend Micro above), but it is the one we recommend to our home users. It is free, it checks e-mail, and it has an easy-to-use interface. We've used it with every type of Windows OS with no problem at all.
Sygate Firewall is not our corporate firewall, but it is the one we recommend to our traveling and home users. It checks inbound and outbound connections and has a packet capture utility built in.
Well, those are my favorite tools. I hope that some of them will become a valuable part of your toolbox as well. You probably know of some priceless utilities that I didn't mention, so post a message in the discussion below with a list of your favorite tools.