Reader favorites: 10 great free network tools
And a couple of the author's favorites
Our readers had several good suggestions for tools, but to round out your tool kit, here are a few more utilities I have found to be indispensable over the years.
Active Ports
Active Ports is a small utility designed to show -- in real time -- what processes have what ports open on a machine. The processes are linked by program, making this a very handy tool for discovering programs using network resources that might not be obvious.
There isn't much to Active Ports. Running it produces a window showing the active (open) TCP and UDP ports on the user's system. True, you can get most of this information via the netstat command, but the difference here is easily finding the program that opened the connection.
Active Ports does what many of these tools do: take information available elsewhere and present it in a format that is easily accessible and understandable -- two important considerations for a network administrator tracking problems.
Suppose you performed an analysis on your network with Wireshark because your Internet connection usage had suddenly spiked, and Wireshark showed that 95 per cent of your bandwidth was used by one machine on your network listening on a specific TCP port. Or perhaps you performed a proactive Nmap scan and found that several machines on your network were listening on a specific TCP port. You would need to know what process has opened that port to be able to solve the root cause of the problems. Running Active Ports on a machine provides that valuable information instantly.
Multi Router Traffic Grapher
I have written about Multi Router Traffic Grapher (MRTG) before, but it deserves mention here because it's such a useful program and is very popular among network administrators. There are other graphic monitor programs out there, but nothing beats this old standard.
MRTG, like most of these tools, is a program that provides a useful representation of data gleaned from standard sources. The most common MIB variable that is polled is interface traffic statistics, but any MIB variable can be graphed. MRTG requires a Web server, and default displays give one day, one week and one year statistics.
The methodology is simple: poll network devices every five minutes via SNMP for the desired variable(s) and then present data via a graph in a Web page covering three basic periods of time.
Using this data for traffic usage, for example, it's trivial to establish a baseline for "normal" traffic on your network and determine when perhaps you need to throw more money at bandwidth.
MRTG takes SNMP data and displays it graphically so baselines can be recorded, trends analyzed and anomalies detected not just in traffic flow but any aspect of a network device that has an SNMP MIB attribute.
Because MRTG presents SNMP data, any such data can be graphed. It's not uncommon to graph ambient temperature, CPU utilization or number of connected clients. The bottom line, if SNMP can report it, MRTG can graph it. Of course, because the data is displayed as an HTML page, it can be accessed from anywhere on the Internet, or standard controls such as .htaccess passwords can limit access to the data to authorized personnel.
Borderless corporate networks to shift focus to secure content management in Australia in 2009 2008-12-04 16:06:00+11
IDC Says Asia/Pacific Excluding Japan IT Market Will Remain The Bright Spot... 2008-12-04 15:04:00+11
AOC Launches 18.5” Widescreen Green 16:9 LCD Monitor in Australia and New Zealand 2008-12-03 15:30:00+11
Progress Software's Cure for Managing Services-based Applications 2008-12-03 14:42:00+11
EXCOM scores back-to-back award trifecta 2008-12-01 10:46:00+11
