Freeware has long reigned as a go-to tool for network managers. Applications such as Ethereal, Multi Router Traffic Grapher (MRTG) and Snort provide an inexpensive means to monitor devices, traffic and security in even the largest networks.
More recently, freeware’s community-supported cousins -- open source applications -- have emerged to tackle many network-monitoring tasks at no cost to their owners. Such projects as Nagios and open source products from commercial vendors GroundWork Open Source, Hyperic and Splunk have been gaining ground in enterprise IT shops.
Here, a few network managers in the know share their latest free finds:
Network managers tracking down unauthorized IP addresses on their networks should check out this application developed by a member of Princeton University’s IT team.
DHCP_probe “attempts to discover DHCP and BootP servers on a directly attached Ethernet network,” according to its creator, Irwin Tillman of the Network Systems Group at Princeton University’s Office of Information Technology. The application sends out requests to DHCP servers on a network, and if a nonauthorized server answers the requests, the software will alert IT staff to the server’s existence.
Rick Beebe, manager of system and network engineering for ITS-Med, says the application addresses “a regular problem” at the Yale University School of Medicine in New Haven, Conn.
“Someone will bring a Linksys or Netgear wireless access point or an Apple AirPort in and put it on the network, so they can have wireless in the office. Only they plug it in backward and start sending IP addresses to a large part of the network,” Beebe says. “Usually [devices that] get those IP addresses appear broken, because the IPs aren't actually usable, or someone attempting to share files on their machine checks the box that says ‘share my Internet’ connection, [which produces] the same result.”
Last updated in 2004, DHCP_probe was first developed to run on Sun Solaris and was then ported to run on Linux as well. Beebe finds its function useful, but says he is surprised it hasn’t been updated to be less version-dependent and easier to deploy -- considering the problem it solves.
“I find it hard to believe that we’re the only ones with this problem so I’m surprised there hasn’t been more development of it,” he says.
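The reply-checking half of the approach described above, as an added example (not DHCP_probe's own code): it parses a BOOTP/DHCP reply payload and flags any responder that is not on an allowlist. The function names, the allowlist address and the sample packets are assumptions constructed for illustration; sending the probe and capturing replies are left out.

```python
import struct
from ipaddress import IPv4Address

MAGIC_COOKIE = bytes([99, 130, 83, 99])  # precedes the options field (RFC 2131)
BOOTREPLY, OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 2, 0, 53, 54, 255
MSG_NAMES = {2: "DHCPOFFER", 5: "DHCPACK", 6: "DHCPNAK"}

def parse_options(data):
    """Walk the code/length/value option list; stop at END or a truncated option."""
    opts, i = {}, 0
    while i < len(data) and data[i] != OPT_END:
        if data[i] == OPT_PAD:          # single-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            break                       # truncated option: ignore the rest
        opts[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return opts

def inspect_reply(payload, src_ip, authorized):
    """Classify one UDP payload sent to port 68; None if not a BOOTP/DHCP reply."""
    if len(payload) < 240 or payload[0] != BOOTREPLY or payload[236:240] != MAGIC_COOKIE:
        return None
    opts = parse_options(payload[240:])
    sid, mtype = opts.get(OPT_SERVER_ID, b""), opts.get(OPT_MSG_TYPE, b"")
    server = str(IPv4Address(sid)) if len(sid) == 4 else src_ip  # BootP: no option 54
    return {
        "xid": struct.unpack("!I", payload[4:8])[0],   # matches the probe's request
        "type": MSG_NAMES.get(mtype[0], "OTHER") if mtype else "BOOTP",
        "server": server,
        "offered": str(IPv4Address(payload[16:20])),   # yiaddr field
        # Both the claimed identity and the real sender must be sanctioned.
        "rogue": server not in authorized or src_ip not in authorized,
    }

def build_reply(xid, offered, server_id, msg_type=2):
    """Constructed sample data: a minimal DHCP reply payload."""
    hdr = struct.pack("!BBBBIHH", BOOTREPLY, 1, 6, 0, xid, 0, 0)
    addrs = bytes(4) + IPv4Address(offered).packed + bytes(8)
    opts = bytes([OPT_MSG_TYPE, 1, msg_type, OPT_SERVER_ID, 4])
    opts += IPv4Address(server_id).packed + bytes([OPT_END])
    return hdr + addrs + bytes(16 + 64 + 128) + MAGIC_COOKIE + opts

AUTHORIZED = {"10.1.0.5"}  # assumed allowlist of sanctioned DHCP servers
SAMPLES = [("10.1.0.5", build_reply(0x1234, "10.1.20.7", "10.1.0.5")),
           ("10.1.20.99", build_reply(0x1234, "192.168.1.100", "192.168.1.1"))]
if __name__ == "__main__":
    for src, pkt in SAMPLES:
        print(inspect_reply(pkt, src, AUTHORIZED))
```

The second constructed reply is the misconnected consumer access point from Beebe's description: it offers an address from its own private range and is reported with `rogue` set.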
Bush, network administrator at Exactech in Gainesville, Fla., says he regularly browses SourceForge.net for applications that might address a nagging problem on his network. The fact that Password Safe has evolved to an open source project especially appeals to Bush. “I use the one-off [freeware] apps when I need them, but I’d much rather use an application that has a good support community behind it,” he says.
Password Safe, currently at Version 3.0.6, was last updated in mid-February. It lets users keep their passwords securely encrypted on their computers, and the passwords can be unlocked with a single combination. The free Windows utility uses the Twofish encryption algorithm, a free alternative to Data Encryption Standard (DES), and features an intuitive interface that lets users set up their password databases.
This free tool makes collecting Syslog entries from multiple devices easier for James Kritcher, vice president of IT at White Electronic Designs in Phoenix.
The freeware (a licensed version with more features is also available) “receives, filters, logs, displays and forwards Syslog messages and SNMP traps from such hosts as routers, switches, Unix systems and other Syslog-enabled devices,” according to its keeper, Kiwi Enterprises.
Kritcher says the software features a “nice GUI for managing entries” and provides trending information. The software can also perform SNMP trap and MIB parsing, and DNS caching of as many as 100 entries to enable fast lookups, the company says.
The software application monitors systems, servers and routers to keep IT managers up-to-date on potential performance and availability problems. Longtime Argus user Kerry Miller, network engineer at First Victoria National Bank in Victoria, Texas, says now he is updating his deployment to also monitor the gear supporting advanced IP applications, such as VoIP.
“We are still using Argus to monitor our systems, and we’ve been expanding it to routers and VoIP equipment at several new locations,” he says. “We also use MRTG to monitor traffic on some of our more critical routers.”
5. Zenoss Core
Bruce Meyer is taking advantage of the latest wave of open source software available from vendors for free. Customers can choose to pay for support packages from GroundWork, Hyperic, Splunk or Zenoss, but it costs nothing to use their freeware applications.
Meyer, director of network services at ProMedica Healthcare in Toledo, Ohio, says he has installed Zenoss Core 1.0 to update his network and systems monitoring and collect data to create historical and utilization graphs.
“We’ve been using an older version of Ipswitch’s WhatsUp Gold and Statseeker, but I’m exploring other options in my spare time,” he reports.
Zenoss Core 1.0 is software available under the Mozilla Public License that can be used to monitor network devices, operating systems, applications, servers, environment and power supplies for health and availability. The agentless system is available as a single download and uses industry-standard protocols, such as SNMP and Syslog, to collect management data from devices. It also uses Windows Management Instrumentation (WMI) to gather data from Windows systems.
6. Tera Term
ProMedica Healthcare’s Meyer also recently tapped the Tera Term freeware application to aid in deployment of access points.
The free software for Windows enables its users to perform such actions as emulation, telnet connection and serial port connection. It hasn’t been updated in quite some time (the Web site lists 1999), but that didn’t stop Meyer from making the most of it in his IT shop.
“Just recently I’ve used its macro language to upgrade and configure about 100 Cisco 1200 access points,” he says. “It’s a well-known serial/telnet/SSH client, and it’s pretty advanced.”
Splunk last year made available a freeware version of its enterprise-data indexing and troubleshooting software. The product runs on Linux, Unix (including Solaris) and Mac OS X, and the freeware version offers users up to 500MB of data indexing per day.
Splunk Server searches for management data across logs, message queues, configuration files, SNMP traps and database transactions to more quickly correlate events that could be related to a failure -- and that network managers would typically have to search manually. For Yale’s Beebe, it saves time parsing through logs.
“It takes all of our various logs and stuffs them into a MySQL database. Then it provides a searchable/sortable Web interface to the data,” he says. “It is a lot easier than grepping through the log files by hand. And more importantly, it’ll give access to our non-Unix-savvy operators.”