Jump to content


Photo

Network Management & Tools


  • Please log in to reply
8 replies to this topic

#1 Hunter

Hunter

    The Flying Dutchman

  • General Admin
  • 12,474 posts

Posted 05 February 2004 - 01:58 AM

How to scan your network for free
Michael Mullins CCNA, MCP, TechRepublic, February 02, 2004, 12:00 GMT

To make sure that the only devices installed on your network are the ones you put there, take advantage of the free scanning tools that are available. Are you absolutely sure you know all the protocols and ports that are open on your network? If you're not the only person with the rights and permissions necessary to add devices to your network, you'll never know what's really "live and on the wire" -- unless you listen to your network. By periodically scanning your network, you'll be able to maintain a good view of what devices are connected to it and to determine whether those devices are communicating properly and using the allowed ports and protocols.

Start scanning
Depending upon the OS on your administrator's workstation, you could start by using scanning tools such as fping http://www.fping.com/ , which allow you to quickly scan a range of IP addresses to detect live network connections. This is one way to determine if someone is adding devices to the network without your knowledge and/or approval.

However, some devices (e.g., wireless devices) will need a different tool for discovery. If you're looking for rogue wireless access points (WAPs), you can use tools such as Kismet http://www.kismetwireless.net/ or NetStumbler http://www.netstumbler.com/. Finding an unauthorised WAP behind your security perimeter is bad news, but not finding one that's tapped into your network is even worse.

Take action
Ideally, you shouldn't find any surprises in your network scan results. If you do, though, take these steps.

Rogue WAPs
Immediately block the IP address of the WAP device at the switch where it's connected. This should provide you with enough time to find the physical device while the user is trying to discover what happened to his or her wireless network connection.

Non-wireless devices
If you find unknown non-wireless devices -- such as printers, departmental FTP/Web servers, etc. -- conduct an in-depth scan and determine exactly what the device's function is. Block the device from the network until you can physically locate it and disconnect it.

For a more thorough examination of the rogue device, you can use Ettercap http://ettercap.sourceforge.net/ or Winfingerprint http://winfingerprint.sourceforge.net/. Both utilities do an excellent job of decoding the type of OS that's running on a remote device, which should help you discover the device's original purpose. These utilities also show what services are running and what ports are listening for connections.

Final thoughts
As administrators, it's our job to ensure that only authorised and secured devices operate on the network. Besides the obvious security reasons, there are performance gains to turning off unnecessary network protocols. Turning off unnecessary protocols helps reduce network chatter and increases bandwidth utilisation.

I've mentioned a lot of network tools in this article, all of which are free. If you use these tools to listen to your network and map every IP address, you might be surprised by what you find

Source: http://insight.zdnet...39145260,00.htm

Edited by Chachazz, 05 June 2011 - 06:58 AM.


#2 Terryala

Terryala

    Board Grand Dad

  • General Admin
  • 17,910 posts

Posted 13 March 2005 - 06:56 PM

Wireshark? (formerly 'Ethereal') is a network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It has a rich and powerful feature set and is world's most popular tool of its kind. It runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly.

Wireshark is "free software"; you can download it without paying any license fee. The version of Wireshark you download isn't a "demo" version, with limitations not present in a "full" version; it is the full version. (It is freely available as open source, and is released under the GNU General Public License version 2.)

For a complete list of system requirements and supported platforms, please consult the User's Guide

http://www.wireshark.org/

Grand Dad

Edited by Chachazz, 05 June 2011 - 03:41 PM.


#3 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 33,682 posts

Posted 21 October 2006 - 01:36 AM

Look@LAN Network Monitor is a freeware product, both for individual/home/personal use and for business/commercial/industrial use.

An advanced network monitor, which allows you to monitor your network in few clicks. Extremely easy to use and very fast in discovering your network's active nodes. Full of relevant features such as auto-detect of network configuration, monitoring, reporting, trapping, statistics and graphs, network tree view, network log, proof single node scan, os detection and so on. This solution is perfect for any kind of network size and design, as its network core has been developed to be able to work in any scenario.

While Look@LAN lets you be able to entirely monitor a complex and wide network, with Medas VNS (Visual Network Statistics) you can keep under control your network primary nodes, such as routers, firewalls, NATs, switches, HUBs. Medas VNS gives you detailed statistics about any node that supports SNMP: network interface stastics and correlated analysis, protocol statistics about any TCP/IP layer, active TCP and UDP connections and services, TCP/IP networks list, routes list. This is a perfect software solution for anyone who wants to carefully monitor and manage a network by keeping under strict control its primary nodes.

More Info & Download:
http://www.lookatlan.com/

#4 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 33,682 posts

Posted 28 April 2007 - 08:47 PM

AirSnare is a completely free program. AirSnare is another tool to add to your Wireless Intrusion Detection Toolbox. AirSnare will alert you to unfriendly MAC addresses on your network and will also alert you to DHCP requests taking place. If AirSnare detects an unfriendly MAC address you have the option of tracking the MAC address's access to IP addresses and ports or by launching Ethereal upon a detection.

Requirements:
1)802.11b (wireless) network card. If Ethereal works with your network card, AirSnare should do the same. (AirSnare will work on a wired network card).

2) The computer that is going to be running AirSnare must be associated with the Access Point. What this means is the computer must have it's wireless client SSID set to the same SSID as the Access Point. (Setting the SSID on the AirSnare computer to: ANY has also worked in LAB testing.)

3) You must have the WinPcap Library installed. If you are running Ethereal (the free sniffer software) then you already have this, if not you can download it from http://winpcap.polito.it/.

4) Download AirSnare and install it. Start AirSnare. As long as you have the above installed you shouldn't get any errors.

More Info & Download: http://home.comcast....eboer/airsnare/

#5 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 33,682 posts

Posted 27 August 2008 - 04:16 PM

Spiceworks IT Desktop
Spiceworks IT Desktop delivers nearly everything you need to simplify your IT job. Designed for small- and medium-sized businesses, Spiceworks single, easy-to-use interface combines Network Inventory, Help Desk, Reporting, Monitoring and Troubleshooting. And, it connects you with other IT pros to share ideas, solve problems and decide what additional features you need in Spiceworks.

It's free, thanks to top technology vendors that sponsor Spiceworks: Inventory Everything on Your Network; Run an IT Helpdesk; Monitor Your Network for Trouble; Report on Your Network;Troubleshoot Issues on Your Network.

This may be ideal for your small/home network! Spiceworks



#6 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 33,682 posts

Posted 14 January 2009 - 06:13 PM

The Dude network monitor is a new application by MikroTik which can dramatically improve the way you manage your network environment. It will automatically scan all devices within specified subnets, draw and layout a map of your networks, monitor services of your devices and alert you in case some service has problems.
  • The Dude is free of charge!
  • Auto network discovery and layout
  • Discovers any type or brand of device
  • Device, Link monitoring, and notifications
  • Includes SVG icons for devices, and supports custom icons and backgrounds
  • Easy installation and usage
  • Allows you to draw your own maps and add custom devices
  • Supports SNMP, ICMP, DNS and TCP monitoring for devices that support it
  • Individual Link usage monitoring and graphs
  • Direct access to remote control tools for device management
  • Supports remote Dude server and local client
  • Runs in Linux Wine environment, MacOS Darwine, and Windows
  • Best price/value ratio compared to other products (free of charge)
More Info & Downloads:
http://www.mikrotik.com/thedude.php


#7 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 33,682 posts

Posted 21 January 2009 - 07:27 PM

Lansweeper - Free hardware and software inventory for windows networks

Lansweeper is a powerful freeware solution without any embedded ads to make a complete software, hardware, asset inventory of your windows network. No need to install a client on your workstations, all scanning is done through the use of WMI, fileshares and remote registry access. Use lansweeper with unlimited clients (no restrictions). One lansweeper service can handle over 10.000 clients (depending on your server specifications)

Lansweeper is scanning much more useful information than other programs:
  • User data User data, pictures, groups, logon times, ...
  • Hardware inventory All hardware information you could ever need
  • Software inventory All installed software, patches and available licenses
  • configuration All computer configuration information
  • windows All windows configuration information
  • Active directory All Active Directory user and computer details
  • Running processes All running processes
  • Registry keys Custom registry keys that you specify
  • Internet Explorer addons, bars, BHO's and activeX controls
Systems: Windows 2000/XP/Vista/Server 2003 & 2008

Information & Downloads:
Lansweeper
Download

Edited by TheSentinel, 04 June 2011 - 06:57 PM.
Broken links corrected


#8 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 33,682 posts

Posted 05 June 2011 - 06:48 AM

Winfingerprint is a Win32 MFC VC++ .NET based security tool that is able to Determine OS, enumerate users, groups, shares, SIDs, transports, sessions, services, service pack and hotfix level, date and time, disks, and open tcp and udp ports @ Sourceforge

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic. Website: http://www.kismetwireless.net/

Vistumbler is a wireless network scanner for Vista. ------> WiFiDB is a database written in php to store Vistumbler VS1 files. Keeps track of total access points w/gps, maps to kml, signal graphs, statistics, and more. Supports Windows Vista and Windows 7. Website: http://www.vistumbler.net/index.html



#9 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 33,682 posts

Posted 05 June 2011 - 06:51 AM

Net Tools is a comprehensive set of (70 tools) host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields. Net Tools is mainly written in Microsoft Visual Basic 6, Visual C++, Visual C# and Visual Studio .NET. Website: http://mabsoft.com/nettools.htm






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users