It is the utilities that make computing easy and comfortable. This article on LAN tools describes a few useful and practical utilities.
Various open source utilities are available to make the day-to-day tasks of LAN users and LAN administrators easy. This article tries to describe a few such interesting tools. The list is naturally a partial one, since the pool of utilities available is simply too large!
For more technical details of the tools mentioned in this article, please refer to the documentation available on the corresponding websites. Two of them – Nmap and Wireshark – have been discussed extensively in earlier OSFY issues.
Use KeePass to remember all those passwords
One of the most cumbersome tasks for users as well as for administrators is remembering passwords. Along with improving security awareness levels, many organisations have enforced password policies such as the complexity norm (the password should have a minimum of one special character, and a combination of small and capital letters and digits). The policy could also mandate the minimum length (digit), age (password must be changed every 45 days) and history (you cannot repeat a password for a predefined number of times) of the password to be selected.
Apart from various passwords that are used within the organisation, it is also necessary to remember personal passwords, as well as PIN numbers for personal email(s), credit/debit cards, social media platforms, mobile phone decryption, etc. Over and above this, it is recommended to use a different password for every application/website.
Since remembering so many passwords can get really challenging, try out KeePass, a tool that can be used to store all these safely.
As mentioned on the website, KeePass is a free, secure and open source password manager. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).
Download KeePass from http://keepass.info/download.html. The same page also gives links to contributed/unofficial KeePass packages available for various desktop and mobile operating systems, which include various Linux flavours, iPhone, iPad, Android, and a few more.
Antivirus software: Immunet and ClamAV
You can consider ClamAV as an antivirus engine that's available under the GPL. As mentioned on clamav.net, it is used in a variety of situations including email scanning, Web scanning and end point security. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and an advanced tool for automatic database updates.
Many email servers (for example, qmail) can use this to scan mails for possible virus-infected attachments.
For Windows users, there are two versions derived from ClamAV that are available.
ClamWin is available for free download from http://www.clamwin.com/. It is of course free, but there is one shortcoming – you need to scan each file manually, since there is no auto-scanning option.
Immunet, which uses ClamAV, is available as a cloud-based antivirus. The most interesting feature of Immunet is that it requires no updates of virus definitions on your system. Though Immunet was acquired by sourcefire.com, its free edition is available on http://www.immunet.com/free/index.html.
Though not an open source product, ZoneAlarm is a free antivirus with a firewall and is worth considering if you are an individual home user or need it for a certain type of not-for-profit organisation. This product from Check Point is simple to install and a very effective antivirus. Further, you can configure its firewall to allow only certain programs from your Windows system to access the Internet. Look at it this way – if you do not wish to allow particular software to access the Internet (like CD-burning software, installers of various software, etc), use a firewall to block them.
I believe any article on LAN tools must feature Nmap, which is the first tool that comes to mind for day-to-day network admin tasks.
As mentioned on nmap.org, Nmap (Network Mapper) is a free and open source (licence) utility for network discovery and security auditing.
Typically, Nmap discovery answers the question, "What constitutes my network?" A typical process to use Nmap for discovery could start with scanning the IP range for active IP addresses. The scan technique to be used depends on your privilege level. For a non-administrator, a ping scan or a TCP connect scan could be used, whereas an administrator (root) can use a SYN scan. Once the active IP addresses are identified, enumeration of open ports (services) could be fired and finally, you may wish to identify the service running on each open port, since non-standard ports are often used to run services. For example, many a time, the Apache server default http port (80) is changed to some other port.
A few simple things that you can discover by using Nmap are:
- Active IP addresses in your LAN
- Open ports and corresponding running services
- Detecting the operating system on IP addresses
You could study http://nmap.org/nsedoc/categories/discovery.html for all readymade scripts and their uses.
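The last step of the discovery process described above, spotting services that run on non-standard ports, can be automated once a scan has been saved in Nmap's grepable format (`-oG`, together with `-sV` for service detection). The script below is an added example and not part of the original article; the sample scan output, the addresses and the `USUAL_PORTS` table are constructed assumptions.

```python
# Added example: parse Nmap grepable output and flag services on unusual ports.
# SAMPLE_GNMAP is constructed for illustration; addresses and versions are made up.
SAMPLE_GNMAP = (
    "# constructed sample in the style of: nmap -sV -oG - 192.168.1.0/24\n"
    "Host: 192.168.1.10 ()\tStatus: Up\n"
    "Host: 192.168.1.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.4/, "
    "8080/open/tcp//http//Apache httpd 2.4.6/\tIgnored State: closed (998)\n"
    "Host: 192.168.1.20 ()\tStatus: Up\n"
    "Host: 192.168.1.20 ()\tPorts: 80/open/tcp//http//nginx/, "
    "3306/filtered/tcp//mysql///, 2222/open/tcp//ssh//OpenSSH 8.2/\n"
)

# Usual ports per service name; an assumption of this example, extend as needed.
USUAL_PORTS = {"ssh": {22}, "http": {80}, "https": {443}, "smtp": {25}, "mysql": {3306}}


def parse_gnmap(text):
    """Return {ip: [(port, proto, service, version), ...]} for open ports only."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # skip comments and "Status:" lines
        ip = line.split()[1]
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(", "):
            # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
            fields = entry.strip().split("/")
            if len(fields) < 7 or fields[1] != "open":
                continue
            hosts.setdefault(ip, []).append(
                (int(fields[0]), fields[2], fields[4], fields[6]))
    return hosts


def nonstandard_services(hosts):
    """List (ip, port, service) where a known service is not on its usual port."""
    findings = []
    for ip, ports in sorted(hosts.items()):
        for port, _proto, service, _version in ports:
            usual = USUAL_PORTS.get(service)
            if usual and port not in usual:
                findings.append((ip, port, service))
    return findings


if __name__ == "__main__":
    for ip, port, service in nonstandard_services(parse_gnmap(SAMPLE_GNMAP)):
        print(f"{ip}: {service} detected on port {port}")
```

Comparing the findings against the list of services you expect on each host turns a one-off scan into a simple inventory check.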
Wireshark: Can you diagnose network problems without it?
Troubleshooting LAN problems is like blind firing or a process of trial and error, till you locate the problem. Wireshark is an excellent tool, which can read the traffic on the wire – basically, all network traffic originating from the system on which it is installed. Surprisingly, it is free and available for Linux as well as Windows.
Packets captured using Wireshark can be viewed from perspectives of TCP/IP layers:
1. Frame – the overall data
2. Ethernet II – MAC addresses
3. Internet Protocol – IP addresses
4. Transmission Control Protocol – source and destination ports and acknowledgement numbers.
By looking at captured traffic, you can often locate important troubleshooting information such as packet loss, too much broadcast, the presence of IPv6 in the network even if it is not being used, worm- or malware-generated traffic, etc.
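To make the layered view concrete, the following added example (not part of the original article, and not Wireshark code) decodes raw Ethernet II frames into the same four layers and counts two of the signals mentioned above, broadcast frames and IPv6 traffic. The three frames, their MAC addresses and their IP addresses are constructed for illustration.

```python
import struct

SRC, DST = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
# Constructed frames (locally administered MACs, private IPs, checksums left at 0).
IP_HDR = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes([192, 168, 1, 10]), bytes([192, 168, 1, 20]))
TCP_HDR = struct.pack("!HHIIHHHH", 49152, 8080, 1000, 2000, 0x5010, 1024, 0, 0)
TCP_FRAME = DST + SRC + b"\x08\x00" + IP_HDR + TCP_HDR
ARP_BROADCAST = b"\xff" * 6 + SRC + b"\x08\x06" + b"\x00" * 28
IPV6_FRAME = DST + SRC + b"\x86\xdd" + b"\x60" + b"\x00" * 39


def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def decode_frame(frame):
    """Split one Ethernet II frame into frame, Ethernet, IP and TCP layers."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = {
        "frame": {"length": len(frame)},
        "ethernet": {"src": fmt_mac(src), "dst": fmt_mac(dst),
                     "broadcast": dst == b"\xff" * 6},
    }
    if ethertype == 0x86DD:                          # EtherType for IPv6
        layers["ip"] = {"version": 6}
    elif ethertype == 0x0800 and len(frame) >= 34:   # EtherType for IPv4
        ihl = (frame[14] & 0x0F) * 4                 # IPv4 header length in bytes
        layers["ip"] = {"version": 4, "protocol": frame[23],
                        "src": ".".join(map(str, frame[26:30])),
                        "dst": ".".join(map(str, frame[30:34]))}
        tcp = frame[14 + ihl:14 + ihl + 12]
        if frame[23] == 6 and len(tcp) == 12:        # IP protocol 6 = TCP
            sport, dport, seq, ack = struct.unpack("!HHII", tcp)
            layers["tcp"] = {"sport": sport, "dport": dport, "seq": seq, "ack": ack}
    return layers


def summarize(frames):
    """Count broadcast frames and IPv6 frames in a list of raw frames."""
    decoded = [decode_frame(f) for f in frames]
    return {"frames": len(decoded),
            "broadcast": sum(d["ethernet"]["broadcast"] for d in decoded),
            "ipv6": sum(d.get("ip", {}).get("version") == 6 for d in decoded)}
```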
There are various Wireshark features that drill through the captured traffic such as:
- Analysis – Display filter, decode as, follow TCP stream
- Statistics – Summary, protocol hierarchy
Only administrators will know the difficulty of preparing a list of IT assets without an automated tool. Managements do not consider investing in inventory tools due to budgetary constraints. Spiceworks offers one of the best solutions, at no cost.
Spiceworks started primarily as a network inventory tool, and has expanded to cover three additional and useful areas:
- Network monitoring
- Mobile device management
Spiceworks is really easy to set up, can track hardware and software inventory, and can integrate with the Windows domain. Over and above this, it has a vibrant community ready to help! Go ahead and try it out since it is really simple.
Most administrators love good old PuTTY. However, for managing various remote connections in addition to SSH, rlogin and Telnet, you may consider mRemoteNG. It also provides support for RDP, VNC and ICA (from Citrix).
One more embedded advantage is the copy and paste feature, which eliminates the requirement of additional software such as WinSCP.
Six other LAN tools are listed in Table 1. The list, however, is endless.