The Complete Magazine on Open Source

5 useful open source tools for Windows systems administrators

Much of the work that Windows systems administrators do is tedious, repetitive, boring and time consuming. Thankfully, there are open source tools available that can greatly assist them in these mundane tasks. A selection of these tools is discussed in this article.

Anyone trying to install new software on a Windows desktop or laptop, by clicking on the .exe file, often gets a new window asking whether it should be Run as Administrator. Often, you click on ‘Yes’ and go ahead with the installation. But have you ever wondered who that administrator actually is and what role a Windows sys admin plays? If you haven’t given it a thought, then there is much you need to learn about.
Windows systems administrators take care of the configuration and reliable functioning of Windows computer systems or servers. They not only create user accounts, run Defrag once in a while or clear out caches to make sure there aren’t any viruses, but also ensure that the performance, resources, uptime and security of the Windows system meets the user’s needs without exceeding budget limits. They can troubleshoot, acquire, install or even upgrade different Windows components, train or supervise staff and provide routine automation in order to meet the needs of different users.
Let’s have a look at the various significant responsibilities that a Windows sys admin assumes:
1. Monitoring and maintaining the performance of the Windows system
2. Setting up and maintaining Windows user accounts
3. Creating different file systems
4. Monitoring Windows network communication
5. Software installation
6. Updating the system as soon as a new version of Windows comes out
7. Framing the backup creation and recovery policy
8. Implementing different policies for the use of the network and computer system
9. Setting up security policies for users
10. Managing Windows passwords and identity

Figure 1: Oracle VirtualBox manager window

How open source tools can aid Windows sys admins
Most of us want to avoid various manual tasks as much as possible by making tools do these tasks for us. Similarly, Windows sys admins try to use various tools to perform different sets of actions, which help them to get these tasks done faster, with greater accuracy and fewer errors. At the same time, sys admins cannot be dependent only on tools for all their tasks, as there are certain actions that need their intervention. Open source tools can assist Windows sys admins in a range of tasks, some of which are listed below.

Creating new users: According to Microsoft, there are more than 200 million users accessing Windows all across the globe; so we can’t even imagine sys admins creating accounts for all new users manually. Hence, this task is taken care of by using shell scripts.
Locking/unlocking user accounts or resetting user passwords: Just as it’s difficult to create any new user account, it also becomes impossible to either lock or unlock any user’s account manually, as and when required. It is not feasible to even reset any user’s password manually as there may be millions of such users requesting for these activities. Therefore, all such activities are carried out with the help of various available open source tools.

Figure 2: PAL v2.2.1 wizard (Image credits: Google Images)

Network troubleshooting: This activity requires a lot of hands-on experience and training, but open source tools (like Wireshark) can help ease traffic analysis with the number of powerful features that they come with.
Creating backups for Windows based systems: It becomes quite painful for administrators to create backups for Windows based systems. An open source tool named AMANDA (Advanced Maryland Automatic Network Disk Archiver) helps Windows sys admins set up a single master backup server, which can support both Windows desktops and other servers present over the Windows network.
Locating all devices connected to the network: A Windows sys admin must locate all the devices that connect to the network and also the various pieces of hardware that have been installed on the system. OCS Inventory Tool or Zenmap help to do this quite easily and fast.
Defragmenting different system files and registry archives: In order to ensure improvements in the performance of Windows systems, it’s very important to defrag different system files, paging files and registry archives. This can be easily done using an open source tool called UltraDefrag.
Managing service upgrade schedules: A Windows sys admin has to manage different service upgrade schedules on a system and monitor the service uptime. An open source tool called Nmap is quite handy in carrying out this activity without much manual intervention.

Five famous open source tools for Windows sys admins
VirtualBox
VirtualBox is a must-have open source cross-platform virtualisation application for any Windows sys admin seeking to run guest open source environments on Windows, Solaris, Linux or Macintosh machines. Because it is cross-platform, admins can install it on existing Intel or AMD based computers, irrespective of whether they are running Mac, Linux, Windows or Solaris operating systems. It also extends the capabilities of the existing computer so that it can run multiple operating systems (in different virtual machines) at the same time.
Admins can run different virtual instances of various operating systems, including Windows, OpenSolaris, Linux, OpenBSD, and even DOS. VirtualBox is the only solution that is available free of cost as an open source software (OSS) under the terms of the GNU General Public License (GPL) ver2. It is a simple but powerful tool, which can run on everything, ranging from small embedded systems to different desktop machines and even cloud environments. VirtualBox is useful because of the following features:
1. It allows Windows sys admins to run more than one operating system simultaneously; hence, they can run a software written for one operating system on another one without any reboot to use it. Since they can configure the specific kind of ‘virtual’ hardware that should be presented to each of these operating systems, they can even install an old operating system like DOS on any computer, in spite of the fact that the computer’s hardware is no longer supported by that operating system.
2. Different software vendors can use virtual machines run by VirtualBox to ship the entire configuration of a software. For example, installation of a complete mail server solution on any real machine can be a cumbersome task but VirtualBox can help to install such a complex set-up quite easily into a virtual machine.
3. Virtualisation can also reduce the hardware and electricity costs to a great extent. Computers today use only a fraction of their potential power most of the time and they run with low average system loads, wasting electricity in the process. Hence, instead of running so many physical computers that are used only partially, many virtual machines can be run on a few powerful hosts, which will balance the loads between them.
4. VirtualBox is also very useful in testing specific software with the help of virtual machines that can be run using it. It also helps in data recovery and backup.

Figure 3: Squiggle Messenger (Image credits: Google Images)

The Performance Analysis of Logs (PAL) tool
This is a powerful tool, which reads the performance monitor counter logs, and analyses them with the help of known thresholds that relate to the majority of the Windows products, including Exchange, Active Directory, SharePoint and more. Let’s have a look at the various features of PAL:
1. It has an easy-to-use GUI that helps in creating batch files for the PAL.ps1 script.
2. It has a GUI editor, which helps in editing or creating the threshold files.
3. It generates HTML based reports, which makes it easy to copy and paste these to other applications.
4. It analyses different performance counter logs for thresholds that change their criteria on the basis of computer or hardware specifications.
5. It includes threshold files for most of the Microsoft products like IIS, SQL Server, Exchange and Active Directory.
The PAL tool is written as a PowerShell script, which takes a set of arguments or parameters that control how the performance monitor logs are analysed.
The system requirements for this tool are:
1. PowerShell v2.0 or greater.
2. Microsoft .NET framework 3.5
3. Microsoft Chart Control for Microsoft .NET framework 3.5
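
The idea behind feature 4 above, thresholds whose limits depend on the hardware of the machine that produced the log, shown as an added PowerShell example that is not PAL's own code. The function name, the two rules with their limits, and the sample log are constructed for illustration.

```powershell
# Constructed sample in the CSV layout that `relog -f csv` writes from a perfmon log.
$csv = @'
"(PDH-CSV 4.0) (UTC)(0)","\\SRV01\Memory\Available MBytes","\\SRV01\Processor(_Total)\% Processor Time"
"01/01/2024 10:00:00.000","3900","22.5"
"01/01/2024 10:00:15.000","1500","91.0"
"01/01/2024 10:00:30.000"," ","97.3"
"01/01/2024 10:00:45.000","700","35.0"
'@

function Test-CounterThreshold {   # hypothetical helper, not part of PAL
    param(
        [Parameter(Mandatory)] [object[]] $Samples,
        [Parameter(Mandatory)] [double]   $PhysicalMemoryGB
    )
    # Illustrative rules (assumed limits, not PAL's shipped threshold files).
    # The memory limit scales with installed RAM; the CPU limit is fixed.
    $totalMB = $PhysicalMemoryGB * 1024
    $rules = @(
        @{ Pattern = '\\Memory\\Available MBytes$';              Below = $true;  Limit = 0.10 * $totalMB }
        @{ Pattern = '\\Processor\(_Total\)\\% Processor Time$'; Below = $false; Limit = 90 }
    )
    $inv     = [Globalization.CultureInfo]::InvariantCulture
    $timeCol = $Samples[0].PSObject.Properties.Name | Select-Object -First 1

    foreach ($row in $Samples) {
        foreach ($prop in $row.PSObject.Properties) {
            if ($prop.Name -eq $timeCol) { continue }
            # A missed sample is logged as a blank field; skip it rather than read it as 0.
            [double]$value = 0
            if (-not [double]::TryParse($prop.Value, [Globalization.NumberStyles]::Float, $inv, [ref]$value)) { continue }
            foreach ($rule in $rules) {
                if ($prop.Name -notmatch $rule.Pattern) { continue }
                $breach = if ($rule.Below) { $value -lt $rule.Limit } else { $value -gt $rule.Limit }
                if ($breach) {
                    [pscustomobject]@{
                        Time = $row.$timeCol; Counter = $prop.Name
                        Value = $value;       Limit   = $rule.Limit
                    }
                }
            }
        }
    }
}

$samples = $csv | ConvertFrom-Csv
# The same log judged for a 16 GB host and for a 4 GB host: the memory limit moves with the hardware.
Test-CounterThreshold -Samples $samples -PhysicalMemoryGB 16 | Format-Table -AutoSize
Test-CounterThreshold -Samples $samples -PhysicalMemoryGB 4  | Format-Table -AutoSize
```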

Squiggle
Squiggle is a serverless LAN chat tool, which is ready for use the moment it is downloaded, unzipped and run. There is no installation required for it. This tool is ideal for smaller businesses, where Windows sys admins do not have Office 365 with Lync, which could be used for communication. Squiggle even helps to connect two LANs across different sub-networks or a WAN. Let’s check out its other features:
1. It helps in group chat, private chat and broadcast chat.
2. It’s basically a serverless peer-to-peer LAN chat, which does not require any installation.
3. It helps in multiple transfers simultaneously, and that too, at high speed.
4. It also has several other features like a spellcheck, emoticons, buzz and audio alerts.
5. It helps to perform voice chat.
6. It can even display pictures, messages, contact groups, chat commands and message aliases.
7. It shows the chat history and status history.
8. With its localisation feature, Windows sys admins can replace the already present translation file with a new one so that Squiggle can be used in some other local language.
The system requirements are:
1. .NET Framework 4.0
2. Visual C++ 2010 redistributable
3. Windows 8 and above

RamHook
RamHook is an open source, keystroke logging application, which provides sys admins with the ability to capture and record all the keyboard input to a file. This tool is widely used to capture various keyboard inputs. Once these are captured, it generates a log file corresponding to the different keystrokes it has captured, which can be used further for different investigations and other applications. It can even be run in hidden mode, and the log file generated by it can be uploaded to a specified Web server. Its features are listed below:
1. It captures all keyboard inputs.
2. It’s highly customisable.
3. It can be run in hidden mode.
4. It’s a simple open source tool which is quite straightforward and easy to use.
5. It can upload generated log files to remote servers.
6. It also helps in Windows integration.

Ntop
Ntop is an open source network traffic tool that illustrates network usage in real-time. It is much like the UNIX top command, with which we can view network flow statistics and filter or sort the obtained output data. It helps sys admins to know about the big bandwidth consumers. It produces network utilisation graphs like those of Cacti and MRTG. Windows sys admins prefer Ntop to take NetFlow and sFlow data as inputs for analysis. If sys admins need to track down a user who’s using more resources than they like, Ntop’s operating system sniffing and fingerprinting of user identity information such as email addresses comes in very handy. It supports different management activities such as network optimisation and planning, and helps to detect network security violations. Ntop’s features are listed below:
1. It helps in network flows and local traffic analysis.
2. It provides multi-thread and multi-processor support on UNIX and Win32.
3. The Python lightweight API can be used for extending Ntop via scripts.
4. It supports both NetFlow and sFlow as a flow collector. It can simultaneously collect from more than one probe.
5. The traffic statistics obtained are saved into RRD databases for long-run analysis.
6. It also helps in getting Internet domain, VLAN (virtual LAN) and AS (autonomous systems) statistics.
7. The discovery and categorisation of network assets are done according to their operating system and users.
8. It consists of various protocol decoders for many Internet protocols.
9. It provides RRD support for storing per-host traffic information, persistently.
10. It supports virtual or multiple network interfaces.
The platforms supported by Ntop are:
1. UNIX (including Linux, Solaris, *BSD and MacOSX)
2. Win32 (Win95 and above, including Vista)

Figure 4: Global traffic statistics illustration by Ntop (Image Credits: Google Images)

Factors considered by Windows sys admins while choosing an open source tool
Prior to purchasing any product in the market, several factors need to be considered. The cost factor would be one of the most significant, but Windows sys admins need not bother about this as open source tools are available free of cost. So let’s examine what other factors ought to be considered before opting for any open source tool.
1. The performance and efficiency of the tool is one of the most important aspects. One has to check whether the tool under consideration fulfils all requirements completely or not.
2. A cross-platform tool is what most Windows sys admins prefer.
3. It should be easy to learn and understand the tool so that it can be implemented and modified easily to meet specific requirements.
4. The tool should be highly secure.
5. Windows admins would also prefer a tool that has proper support available for it.

The security aspect of open source tools for Windows sys admins 
Information security is one of the biggest challenges as well as priorities for Windows sys admins. The security of information or data depends a lot on the software or tools in use. The trustworthiness of any tool, either open source or closed source, depends on some key aspects of how the tool was designed and developed. These include:
1. The expertise developers have to develop a secure tool.
2. The security testing processes carried out before the tool is released.
3. The quality of code used in the tool.
4. Various mature practices followed through the development cycle.
Once the open source software tool is made available to the public, anyone and everyone interested in the tool should be able to review the source code to assess its quality and reliability. As it allows a greater number of users and experts to go through the source code, the bugs threatening its security can be discovered and fixed early. Though open source tools have the potential to be more secure than their closed source counterparts, there should be a proper evaluation of their security parameters before implementing them.

Advantages of open source tools 
The various advantages of open source tools for Windows sys admins are:
1. They are more reliable as there are fewer chances of leakage in them.
2. No vendor dependence.
3. Free of cost for use.
4. They provide sys admins the flexibility to customise the code for site-specific needs.
5. Windows admins can get a feel of the tools before actually implementing them.
6. They are more secure.