Uploaded by jasim2k

12 killer (and free) tools for network engineers

1. Wireshark: Packet analyzer
The Wireshark analysis tool is a free and open-source program primarily used to capture and analyze
packets of data moving through a network. Wireshark was created back in 1998 by Gerald Combs, but don’t
let the age of Wireshark fool you, because it’s just as useful today as when it was created. Wireshark enables
network engineers to put network interface controllers (NICs) into promiscuous mode to observe most
traffic, even unicast traffic that is not addressed to the controller’s MAC address. All versions of Wireshark and the
source code are fully open source and can be downloaded for free.
2. Nmap: Network mapping
Nmap, short for Network Mapping, is a free and open source tool used for vulnerability checking, port
scanning and network mapping. It’s a powerful tool that is often able to discover hidden vulnerabilities in
networks that are missed by other programs. There is a large community that supports Nmap today,
including the original developer, Gordon Lyon. The tool, which anyone can get for free, is downloaded
several thousand times every week according to the community that maintains it. It’s available for
Windows, Mac and Linux.
3. Infection Monkey: Penetration testing
Infection Monkey is a continuous penetration testing tool designed for any size network. It comes loaded
with many advanced exploits and the ability to check for common security mistakes, such as weak
passwords. It can be deployed to hunt for general cybersecurity issues, and recently gained the ability to
examine whether zero-trust networking is configured correctly in enterprises that have implemented it. The
Infection Monkey program is available as a free download and the source code can be found on GitHub.
Anyone is free to modify the code for their own purposes.
4. iperf: Tests network connections
The iperf tool is designed to measure and test network connections across an entire enterprise. It can act as
either a client or a server, creating streams of data to test the throughput between two points. The data
streams generated can either be Transmission Control Protocol (TCP) or User Datagram Protocol (UDP).
It’s free to download and the source code is also available. It works with Linux, Unix and Windows networks.
5. fprobe: Performance testing
The fprobe tool is generally used to sit at a specific point on a network and record data about traffic moving
through that point. It can be used to help locate functions that are eating up too much bandwidth or even
shadow IT that is generating traffic or performing functions that are not supposed to be allowed on the
network.
6. Cacti: Visualization tool
The Cacti tool was created as part of The Cacti Project by Ian Berry in 2001. It has two main functions. First,
Cacti provides a fully distributed and fault-tolerant data collection framework. But its claim to fame is its
highly useful graphing component that can help users visualize complex data sets so that they can easily
see everything from traffic spikes to the times of day when cooling fans are running the hardest. Cacti can
be used either as a network monitoring tool or as a companion to other tools by providing a graphical
interface for their data.
7. Snort: Intrusion prevention
Snort is one of the best-known free networking tools available. Created in 1998 by Martin Roesch,
development has since been taken over by Cisco. Snort is a complete Intrusion Prevention System (IPS) that
uses rules to help users define malicious network activity. Snort then uses those rules to find packets that
match those definitions and generates alerts when it does. Snort, which is currently up to version three, can
even be used to stop malicious packets, adding an automation component which is extremely advanced for
a free tool.
8. Aircrack-ng: For wireless networks
In addition to wired networks, technicians these days also need to make sure that wireless networks are
properly functioning, and Aircrack-ng is a tool to help with that. It’s actually a suite of tools including a
wireless detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and an analysis tool for 802.11 wireless
LANs. It can be used to detect what wireless networks are operating in the vicinity, who is using them, and
how well they are protected. It can be downloaded for free.
9. OpenNMS: Network monitoring
OpenNMS is an open-source network monitoring platform that helps network engineers visualize and
monitor an enterprise of both local and distributed networks. OpenNMS offers comprehensive fault,
performance, traffic monitoring and alarm generation. And it is highly customizable and scalable. There are
two versions of the platform. Meridian is a paid product that comes with a subscription service to help
configure and run the tool, while Horizon is the free, community-based platform that anyone can download
and use. Horizon has all the features of the paid platform, but users will need to configure and use it to work
within their network.
10. SmokePing: Measures latency
SmokePing is an interesting tool that is designed to measure network latency and packet loss over time. It
does this by sending out pings at intervals and recording response times. It then places that data into an
interactive graph that shows latency patterns. Users can click anywhere on the graph to get information
about what was happening at that point in time, which can be helpful if users know their network is having
intermittent trouble, but not exactly when it is happening or why. It can be downloaded for free.
11. DBOT: Monitors the Slack app
Many network engineers use Slack to communicate with one another, or to get requests and orders from
users and administrators. It’s one of the most popular instant communication platforms being used today,
especially by technical people. But it’s important that Slack not become a vulnerability itself. To watch over
it, the DBOT tool, which is technically a bot, scans all URLs, files and IP addresses within a Slack installation
looking for malicious content. DBOT then directly warns users when it finds something like a file being
served from an IP with known malware. It is a free and open source tool that can be quickly added to any
Slack installation to provide an extra layer of protection.
12. Senzing: Data matching
The Senzing tool is somewhat peripheral to networking and security, but is useful enough in certain
situations. Senzing is able to find similarities and relationships within disparate databases. When used for
cybersecurity, it can find exposed personal information sitting on a network where it’s not supposed to be,
or it may be able to uncover multiple accounts owned by the same user by linking otherwise disparate
pieces of information contained in multiple places. Senzing is deployed as an API for most major platforms,
and is free to download and use to analyze up to 100,000 records. Users can then pay to analyze more
records if needed.