Reference Guide

Active Network Monitor ®

SmartLine Inc

Copyright ©2001-2004 SmartLine Inc. All rights reserved. Active Network Monitor is a registered trademark of SmartLine Inc.

Contents

Using this guide
1. Overview
   1.1 General Information
   1.2 Requirements
       1.2.1 Scanning Prerequisites
   1.3 Main Purpose
2. Active Network Monitor
   2.1 Installation
   2.2 Interface
   2.3 Network Scan
   2.4 Open / Save / Export
   2.5 Compare Wizard
   2.6 Filtering Data
3. Plug-ins
   3.1 Overview
   3.2 Computer Information
   3.3 Devices (Windows NT/2000/XP/2003 only)
   3.4 Disks (Windows NT/2000/XP/2003 only)
   3.5 Display Information
   3.6 Global Groups (Domain controllers only)
   3.7 Hardware Resources
   3.8 Hot Fixes and SP
   3.9 Installed Applications
   3.10 Local Groups (Windows NT/2000/XP/2003 only)
   3.11 OS Information
   3.12 Performance Information (Windows NT/2000/XP/2003 only)
   3.13 Ping
   3.14 Printers (Windows NT/2000/XP/2003 only)
   3.15 Processes (Windows NT/2000/XP/2003 only)
   3.16 Security Patch Analyzer (Windows NT/2000/XP/2003 only)
   3.17 Services (Windows NT/2000/XP/2003 only)
   3.18 Sharings
   3.19 Trace Route
   3.20 Users (Windows NT/2000/XP/2003 only)

Using this guide

This guide assumes you're familiar with basic functions like click, right-click and double-click, and that you're familiar with the basics of the operating system you're using. Also, we use the following conventions:

- Italics for file names, paths, buttons, menus, and menu items.
- Bold Italics for notes and comments.
- Keyboard keys with a plus sign separating keys that you press simultaneously. For example: press Ctrl+Alt+Del to restart your computer.

We strongly recommend reading this guide very carefully and thoroughly. It was designed around the understanding that its users already have basic network knowledge as well as the ability and know-how to install a Local Area Network (LAN).

1. Overview

1.1 General Information

Systems Administrators are greatly assisted by powerful tools that remotely gather a wide range of information from the client computers. Active Network Monitor (ANM) from SmartLine, Inc runs under Windows NT/2000/XP and allows Systems Administrators to gather information from all the computers (even from the Windows 9x/Me computers) in the network without installing server-side applications on these computers. It is the leading enterprise network monitoring solution for corporate networks.

Active Network Monitor significantly reduces the total cost of network management in enterprise environments by enabling IT personnel to monitor installed service packs and hot fixes, services, devices, processes, installed applications, disks, shared resources, hardware resources (IRQs, I/O, DMA and Memory), users, local groups, global groups, and so on.

Active Network Monitor is a centralized network monitoring interface, so to monitor the entire network it needs to run on only one computer.

Active Network Monitor provides the powerful technology of storing, comparing and filtering received data. Administrators can make "snapshots" of the systems for future comparison and notation of changes.

Active Network Monitor has a flexible plug-in based architecture that allows you to plug in necessary modules on demand.
Each module (plug-in) performs a task and displays retrieved information in its own window. Active Network Monitor ships with a predefined, constantly growing list of plug-ins.

1.2 Requirements

Active Network Monitor works on any computer using Windows NT/2000/XP and Windows Server 2003. However, Systems Administrators are able to gather information from the Windows 9x/Me computers too. To use ANM, you must have a functioning local network.

1.2.1 Scanning Prerequisites

The following criteria must be met to ensure a successful scan:

When scanning your local machine:

- You must be an administrator on your local machine.
- The local machine’s Workstation service must be started.

When scanning a remote machine you must meet all the requirements for the local scan above, plus:

- You must have local administrative rights on the remote machine and be able to log on to this machine from the workstation performing the scan.
- File and Print Sharing must be enabled.
- The NetBIOS (TCP 139) or Direct Host (TCP 445) ports must be accessible on the remote machine.
- The remote machine must be running the Server service.
- The remote machine must be running the Remote Registry service.
- The administrative shares (e.g. C$) must be accessible on the remote machine.

Special note regarding Windows XP and Simple File Sharing

When Simple File Sharing is enabled, remote administration and remote registry editing do not work as expected from a remote computer, and connections to administrative shares (such as C$) do not work, because all remote users authenticate as Guest. Guest accounts do not have administrative privileges.
If you are running Windows XP Professional, go to the following Microsoft Knowledge Base article to learn more about this feature and how to disable Simple File Sharing: http://support.microsoft.com/default.aspx?scid=kb;en-us;304040

If you are running Windows XP Home Edition, Simple File Sharing cannot be disabled, so remote scanning will not work on this operating system.

1.3 Main Purpose

With Active Network Monitor, Network Administrators can:

- Use the growing list of plug-ins for gathering important information from the remote computers;
- Scan network computers by types (Server, Workstation, SQL Server, etc.);
- Scan network computers by names (you can select computers either from the network tree or load a predefined list from the file);
- Save retrieved information into the project in the special folder or into the external file;
- Load previously saved information from the project or from the external file;
- Export retrieved information into the MS Excel, CSV or TXT file;
- Compare two previously saved projects or external files using the simple-to-use Compare Wizard;
- Save compare results to the external file;
- Load compare results from the external file;
- Export compare results into the MS Excel, CSV or TXT file;
- Easily navigate through the compare results using special buttons;
- And much more.

2. Active Network Monitor

2.1 Installation

Active Network Monitor can be installed onto any computer running Windows NT/2000/XP. To install ANM just run Setup (setup.exe). ANM installs to the directory of your choice. Setup tries to find an ANM installation and, if one exists, Setup suggests you install ANM to the same directory.
If a previous installation does not exist, Setup suggests you install ANM to the Program Files directory on the system drive (e.g. C:\Program Files\Active Network Monitor). You can either choose that or select another directory for installation.

After a successful install, you can run Active Network Monitor by selecting the Active Network Monitor item from the Programs menu.

2.2 Interface

Active Network Monitor has a user-friendly, easy-to-use interface. All functions can be accessed with either a mouse or keyboard. In any window you can press the F1 button to get specific help.

The main window of ANM can be resized. ANM saves its size and position, and restores these at its next startup.

ANM has a menu at the top of its main window. Many functions are accessible through this menu.

To change the columns displayed in the plug-in’s windows, click Select Columns in the View menu or press the appropriate button on the Main toolbar.

To sort data in any plug-in’s window, click the column heading you want to sort by. To reverse the sort order, click the column heading a second time.

The status bar displays the total number of scanned computers.

2.3 Network Scan

To open the Scan Network dialog, select Scan Network… from the File menu or press the appropriate button on the Main toolbar. If the “Show this dialog at next startup” checkbox is checked, the Scan Network dialog will open automatically each time Active Network Monitor is started.

Please read the Scanning Prerequisites section of this manual to ensure a successful scan.

There are three simple steps, which enable you to scan entire networks and gather important information from the remote computers:

1. The first step is to select the computers to be scanned.
Active Network Monitor provides several flexible ways to scan network computers.

- Network computers can be scanned by their types. Each type represents all of the computers that belong to this type:
  - Primary Domain Controller – a primary domain controller.
  - Backup Domain Controller – a backup domain controller.
  - Microsoft SQL Servers – any server running with Microsoft SQL Server.
  - Terminal Servers – any server where Terminal Services are running.
  - Stand Alone Servers – any server that is not a domain controller.
  - Cluster Servers – server clusters available in the domain.
  - Print Servers – any computer that is sharing a print queue.
  - NT Workstations – any Windows NT/2000/XP workstation.
  - Windows 9x/Me – any Windows 95/98/Me computer.

  There are two ways to choose the type of computers you want scanned:
  - Types - you select the network domain and then select types of computers which must be scanned in this domain, or
  - Domains - you select the type of computer and then select network domains where computers of the selected type must be scanned.

- Network computers can also be scanned by their names. There are two ways to scan computers by names:
  - Computers - you browse the network tree and select computers, which must be scanned.
  - From File - you load a predefined list of computers from the external text file and then select the computers, which must be scanned. A text file must contain each computer’s name on separate lines and can be either Unicode or non-Unicode. To open an external file, press the … button.

You can use the context menu, available by the right mouse click, to select/deselect necessary items (computers types, domains, or computers).

2. The second step is to select the plug-ins, which will process the network computers selected on the first step.
ANM loads the plug-ins on startup from the Plugins subdirectory, which is located in the main Active Network Monitor directory.

A task for the computer is passed to each plug-in by ANM. The plug-ins perform the tasks and return the retrieved information to ANM. Upon receipt of plug-in’s information, ANM displays it in a separate window in the form of a tree.

To select/deselect plug-ins, you can use the context menu available by the right mouse click.

3. The third and final step is starting the scan process. Press the Scan button to initiate the network scan.

Right after the scan process is initiated, you can start to explore the information that is already received from plug-ins. Because the scan process runs in a separate thread, you do not need to wait until all computers are finished being scanned. You can also perform other tasks in the Active Network Monitor interface.

There are only a few things which you cannot do while the scan is running – you cannot close Active Network Monitor and you cannot run another scan process.

If, for some reason, you wish to abort the active scan process, you can select Stop Scan from the File menu or press the appropriate button on the Main toolbar. The scan process will be aborted as soon as a plug-in returns control to ANM.

If you need to supply alternative credentials for the target computer(s), highlight the computer or network domain from the tree and use the Credentials sub-menu from the context menu.

Credentials consist of a user name and password pair used to authenticate to computers scanned. By default, ANM uses your currently logged on credentials to automatically log in and scan the target computer(s).
If the current logged in user credentials do not have administrative rights on all of the target computers, you need to enter alternate credentials. ANM will use these alternate credentials to automatically log in to the target computers. In all cases, credentials are stored with encryption techniques and are not available to anyone except the user with administrative privileges.

You may assign credentials to individual computers and/or to network domains. To add credentials, use the Set item. To delete alternative credentials, use the Clear item.

Credentials can also be supplied via the Credentials dialog. To open the Credentials dialog, you can select Credentials from the File menu.

2.4 Open / Save / Export

Active Network Monitor provides the powerful technology of storing received data. All information that you receive from the plug-ins can be saved to the external files and loaded into Active Network Monitor when you need it.

There are three ways to save and load data:

1. The handiest method to store received information is to save it as a project. When you are saving data as a project, ANM saves each active plug-in’s window to a separate file of its own format and places this file to the Project subdirectory. The names of the project’s files are auto-generated and depend on the plug-in’s names and the date and the time when the scan was started.

To save the data as a project, you can select Save Project from the File menu or press the appropriate button on the Main toolbar.

To load previously saved projects, you can select Open Project… from the File menu.

The Open Project window has its own toolbar and context menu. You can group saved projects by the date when they were scanned and by the type of information they contain.
Select Group by Plug-ins or Group by Date from the context menu or press appropriate buttons on the Project toolbar.

To open a saved project, select it from the list and press the Open Project button on the Project toolbar. Using Ctrl and/or Shift you can select and open several projects simultaneously.

2. Another way to save scanned information in the format of Active Network Monitor is to select Save As from the File menu. This enables you to save a file of ANM type to any place on your hard disk or any other media with any name you choose.

To load previously saved files, you can select Open… from the File menu or press the appropriate button on the Main toolbar. You will need to specify a file you wish to open. You can load files of ANM’s type only.

3. If you need to pass scanned information to an external application, you can export it into the text file and then import it to this application.

To export data into the text file, select Save As from the File menu and then select the file’s type from the Save as type combo box. Active Network Monitor supports the export into MS Excel and two formats of text files – Tab Delimited (TXT) and Comma Delimited (CSV).

If you export scanned information into the text file, you will not be able to load it to Active Network Monitor because Active Network Monitor can open and load only files of its own format (ANM). However, the export into the text file is useful when you wish to exchange the data between Active Network Monitor and other applications.

2.5 Compare Wizard

Active Network Monitor allows you to track changes on the network computers by comparing two previously saved projects.
Tracking changes is important when you administrate a wide range of computers in one network.

ANM provides a very useful and intuitive Wizard to compare two ANM files. To open this Wizard, select Compare… from the File menu.

There are three simple steps, which enable you to compare two files using Compare Wizard:

1. The first step is to select the files you wish to compare. Select the first file and then select the second file by pressing … buttons.

Please note that you can compare files of the same type only. For example, you cannot compare information received from the Processes plug-in with information from the Services plug-in.

When you have selected two files, press the Next button to go to the next Wizard’s page.

2. The second step is to select the columns you wish to include in the compare process. Active Network Monitor compares only those columns, which you have selected. If you need to exclude one column from the compare process, you have to move it from the Included columns list to the Excluded columns list. Excluded columns will be visible in the compare result but the values they contain are ignored and don’t affect the compare result.

By default, the compare result contains only records, which are different in the two files being compared. If you would like to see all of the records (even unchanged records), you can clear the Show changes only checkbox.

To include names of the network domains in the compare process, you can clear the Ignore domains checkbox. When the Ignore domains checkbox is checked, ANM ignores domains and only compares computers and the information those computers contain.

3. The third and final step is to start the compare process. Press the Finish button to compare two selected files with each other.
Active Network Monitor displays the compare result in a separate window in the form of a tree exactly as it displays information received from a plug-in during network scan.

The algorithm of comparing is very simple and effective:

- If the Ignore domains checkbox is cleared, the program enumerates network domains in the two selected files and tries to find each domain in both the older file and the recent file. If the domain exists in the older file but does not exist in the recent file, ANM inserts the missing domain (along with all the computers contained in that domain as well as the information in those computers) into the comparison result and then writes all those records in red. If the domain does not exist in the older file but exists in the recent file, ANM inserts the missing domain (along with all the computers contained in that domain as well as the information in those computers) into the comparison result and then writes all those records in green. If the domain exists in both files, ANM enumerates all the computers the domain contains (see below).

- If the Ignore domains checkbox is checked, ANM ignores domains and enumerates all the computers in the two selected files and tries to find each computer in both older and recent files. If the computer exists in the older file but does not exist in the recent file, ANM inserts the missing computer with all information it contains into the compare result and writes all these records in red. If the computer does not exist in the older file but exists in the recent file, ANM inserts the missing computer with all information it contains into the compare result and writes all these records in green. If the computer exists in both files, ANM enumerates all the information it contains (see below).

- Active Network Monitor enumerates all information for a computer and tries to find each record in both the older and the recent file. If the record exists in the older file but does not exist in the recent file, ANM inserts the missing record into the compare result and writes it in red. If the record does not exist in the older file but exists in the recent file, ANM inserts the missing record into the compare result and writes it in green. If the record exists in both files, ANM starts comparing each included column for this record:
  - If the column’s values for the older and the recent files are different, ANM inserts both records in the compare result. The record from the recent file comes right after the record from the older one. The column that belongs to an older record is highlighted red. The column that belongs to a recent record is highlighted green. All excluded columns and columns with equal values are not highlighted and are written in the default color.
  - If all of the record’s columns contain equal values in both files, Active Network Monitor either skips this record (the Show changes only checkbox is checked) or inserts this record into the compare result and writes it in the default color (the Show changes only checkbox is cleared).

If you wish to compare two files, which were saved as projects, it is a good idea to use the special feature of the Open Project window. Select Open Project… from the File menu, highlight two projects you would like to compare (use Ctrl and/or Shift to highlight two projects simultaneously) and then select Compare… from the context menu or press the appropriate button on the Project toolbar. Please note that you may select only two projects and both projects must be of the same type.

Active Network Monitor provides two buttons on the Compare toolbar, which help you to easily navigate through the compare result.
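The compare algorithm described in section 2.5, written out in Python as an added example; it is not part of the original guide and is not ANM's code. It assumes a saved file can be modelled as a nested dict (domain, computer, list of records) and that records are matched by a key column such as Name, which the guide does not specify; the sample snapshots are constructed.

```python
from collections import namedtuple

# One row of the compare result. `columns` names the highlighted columns;
# ALL means the whole record is written in `color`.
Row = namedtuple("Row", "domain computer record color columns")
RED, GREEN, DEFAULT, ALL = "red", "green", "default", "*"


def _whole(domain, computers, color):
    """Rows for computers (and all their records) present in only one file."""
    return [Row(domain, pc, rec, color, ALL)
            for pc in sorted(computers) for rec in computers[pc]]


def _diff_records(domain, pc, old, new, key, included, changes_only):
    old_by = {r[key]: r for r in old}   # assumption: `key` identifies a record
    new_by = {r[key]: r for r in new}
    rows = []
    for k in sorted(old_by.keys() | new_by.keys()):
        o, n = old_by.get(k), new_by.get(k)
        if n is None:                    # only in the older file
            rows.append(Row(domain, pc, o, RED, ALL))
        elif o is None:                  # only in the recent file
            rows.append(Row(domain, pc, n, GREEN, ALL))
        else:
            # Excluded columns are never inspected, so they cannot flag a change.
            changed = [c for c in included if o.get(c) != n.get(c)]
            if changed:                  # older record first, recent one right after
                rows.append(Row(domain, pc, o, RED, changed))
                rows.append(Row(domain, pc, n, GREEN, changed))
            elif not changes_only:       # "Show changes only" cleared
                rows.append(Row(domain, pc, n, DEFAULT, []))
    return rows


def _diff_computers(domain, old, new, key, included, changes_only):
    rows = []
    for pc in sorted(old.keys() | new.keys()):
        if pc not in new:
            rows += _whole(domain, {pc: old[pc]}, RED)
        elif pc not in old:
            rows += _whole(domain, {pc: new[pc]}, GREEN)
        else:
            rows += _diff_records(domain, pc, old[pc], new[pc],
                                  key, included, changes_only)
    return rows


def compare(old, new, key, included, ignore_domains=True, changes_only=True):
    """Compare two snapshots shaped {domain: {computer: [record, ...]}}.

    changes_only=True mirrors the guide's stated default; the default for
    ignore_domains is an assumption of this example.
    """
    if ignore_domains:
        # Fold every domain into one unnamed bucket so only computers are matched.
        old = {"": {pc: r for d in old.values() for pc, r in d.items()}}
        new = {"": {pc: r for d in new.values() for pc, r in d.items()}}
    rows = []
    for dom in sorted(old.keys() | new.keys()):
        if dom not in new:
            rows += _whole(dom, old[dom], RED)
        elif dom not in old:
            rows += _whole(dom, new[dom], GREEN)
        else:
            rows += _diff_computers(dom, old[dom], new[dom],
                                    key, included, changes_only)
    return rows


def _rec(name, state, startup, path):
    return {"Name": name, "State": state, "Startup": startup, "Path": path}


# Constructed sample data: two service snapshots of the same small network.
OLD = {"CORP": {
    "WS01": [_rec("Spooler", "Started", "Automatic", r"C:\WINNT\system32\spoolsv.exe"),
             _rec("Telnet", "Stopped", "Disabled", r"C:\WINNT\system32\tlntsvr.exe")],
    "WS02": [_rec("Spooler", "Started", "Automatic", r"C:\WINNT\system32\spoolsv.exe")]}}
NEW = {"CORP": {
    "WS01": [_rec("Spooler", "Started", "Automatic", r"C:\WINNT\spoolsv.exe"),
             _rec("Telnet", "Started", "Automatic", r"C:\WINNT\system32\tlntsvr.exe"),
             _rec("Updater", "Started", "Automatic", r"C:\Temp\upd.exe")]},
    "LAB": {
    "WS02": [_rec("Spooler", "Started", "Automatic", r"C:\WINNT\system32\spoolsv.exe")]}}

if __name__ == "__main__":
    for row in compare(OLD, NEW, key="Name", included=["State", "Startup"]):
        marks = "whole record" if row.columns == ALL else ", ".join(row.columns)
        print(f"{row.color:7} {row.computer} {row.record['Name']:8} [{marks}]")
```

With Path excluded, the changed Spooler binary path on WS01 goes unreported, and with domains ignored the move of WS02 from CORP to LAB does too, so the included columns and the Ignore domains setting decide which changes a reviewer ever sees.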
Press the < button to highlight the previous record in the compare result that contains changes. Press the > button to highlight the next record in the compare result that contains changes.

You can also save the compare result to an external ANM file or export it into MS Excel or the text file (TXT and CSV). Select Save As from the File menu or press the appropriate button on the Main toolbar to save or export the compare result.

As with any other ANM file, the saved compare result can be opened and loaded to Active Network Monitor. To load the previously saved compare result, you can select Open… from the File menu or press the appropriate button on the Main toolbar. You will need to specify a file you wish to open. You can load files of ANM type only.

2.6 Filtering Data

Active Network Monitor provides very sophisticated data filtering, enabling you to narrow a scan or comparison result to only those data complying with your specific conditions.

To open the Filter Data dialog, you can select Filter… from the View menu or press the appropriate button on the Main toolbar. Please note that the window with a scan or comparison result must be active to use data filtering.

- The Field column contains all the fields available in the scan or comparison result that you want to filter.

- You can define the AND-OR logic for each field separately:
  - AND - includes only those records that comply with all defined conditions. For example, Image Name = “explorer.exe” AND PID = 340 retrieves all data where both the Image Name is “explorer.exe” and PID is 340. It does not include data where the Image Name is “explorer.exe” and PID is not 340 or where PID is 340 but Image Name is not “explorer.exe”.
· OR - includes all records that comply with at least one condition. For example, Image Name = “explorer.exe” OR PID = 340 retrieves all data having one or both conditions, where Image Name = “explorer.exe” (no matter what PID is) or where PID is 340 (no matter what Image Name is). The Condition column contains a list of logical operations that can be performed on a selected field. You can select only one logical operation for each field. Active Copyright ©2001-2004 SmartLine Inc. All rights reserved. Active Network Monitor is a registered trademark of SmartLine Inc. 20 Network Monitor supports two groups of logical operations, those for string data and non-string data. Logical operations that can be performed on string data (target string being the string you specify, e.g. “explorer.exe”): · · · · · · · Is (exactly) - selects only data having fields with strings that are identical to the target string. Includes - selects only data having fields with strings that include a defined target string. Is not - selects only data having fields with strings that are different from the target string. Not includes - selects only data having fields with strings that do not include the target string. Empty - selects only data having fields with empty strings. Not Empty - selects only data having fields with strings that are not empty. Regular expression - selects only data having fields with strings matching an expression. The expression may contain wildcards. If you want to narrow the search to the string's exact case (e.g. "Explorer.exe" is different from "explorer.exe"), check the Match case checkbox. Otherwise, case is ignored (e.g. "Explorer.exe" and "explorer.exe" are identical). Logical operations that can be performed on non-string data: · · · · · · · Equal to (=) - selects data having field values that are identical to the defined value (e.g. Memory = 3000). Greater than (>) - selects data having field values that are greater than the defined value (e.g. 
Memory > 3000). Less than (<) - selects data having field values that are less than the defined value (e.g. Memory < 3000). Not Equal to (!=) - selects data having field values that are different from the defined value (e.g. Memory != 3000). Between (in) - selects data having field values that are between the two defined values (e.g. Memory in 2000-4000). Not Between (out) - selects data having field values that are outside of the two defined values (e.g. Memory out 2000-4000). Regular expression - selects only data having field values matching an expression. The expression may contain wildcards. If you don't want to perform a logical operation for a field, select Not defined from the list of logical operations. § Value columns contain user-defined arguments. The second Value column is used only when the Between (in) or Not Between (out) logical operation is selected. For all other logical operations only the first Value column is needed. After you define a filtering expression, press the Apply button to start the filtering process. Copyright ©2001-2004 SmartLine Inc. All rights reserved. Active Network Monitor is a registered trademark of SmartLine Inc. 21 You can save a filtered result in an external ANM file or export it to a text file (TXT and CSV) or MS Excel. Select Save As in the File menu or press the appropriate button on the Main toolbar to save or export the filtered result. As with any other ANM file, the saved data can be opened and loaded into Active Network Monitor. To load a saved file, select Open… in the File menu or press the appropriate button on the Main toolbar. Then specify the file you wish to open. You can only load files that were previously saved by ANM. Copyright ©2001-2004 SmartLine Inc. All rights reserved. Active Network Monitor is a registered trademark of SmartLine Inc. 22 ____________________________ 3. 
Plug-ins 3.1 Overview Active Network Monitor has a flexible plug-in based architecture that allows you to plug in necessary plug-ins on demand. Active Network Monitor loads plug-ins on startup from the Plugins subdirectory located in the main Active Network Monitor directory. A task for the computer is passed to each plug-in by ANM. The plug-ins perform the tasks and return the retrieved information to ANM. Active Network Monitor ships with standard plug-ins, and are described below. 3.2 Computer Information The Computer Information plug-in retrieves main information about the computer: § § § § § System - indicates the computer's type. Processors - number of processors installed in the computer. Speed (MHz) - processor's approximate frequency. Processor Type - type of the processor (family, model and stepping). Physical Memory (MB) - total amount of physical memory. To use this plug-in for Windows 9x/Me computers, the Remote Registry service must be installed. 3.3 Devices (Windows NT/2000/XP/2003 only) The Devices plug-in retrieves information about the devices that are installed on the computer: § § § § § § § § § Name - name of the device. Internal Name - internal name of the device, used in the Windows NT/2000/XP database of devices. State - current state of the device, which may be: Started, Stopped, Paused, Starting, Stopping, Continuing and Pausing. Startup - type of the device's startup (Automatic, Manual, Boot, System or Disabled). Stop - if the device accepts the Stop control code (Yes/No). Pause & Continue - if the device accepts the Pause and Continue control codes (Yes/No). Shutdown - if the device processes the Shutdown system event (Yes/No). Type - the type of device (either Kernel Driver or File System Driver). Path - fully qualified path to the device binary file. Copyright ©2001-2004 SmartLine Inc. All rights reserved. Active Network Monitor is a registered trademark of SmartLine Inc. 
• Dependencies - list of services or service groups that must start before this device can start.

3.4 Disks (Windows NT/2000/XP/2003 only)

The Disks plug-in retrieves information about the drives that exist on the computer:

• Drive - letter that represents the disk.
• File System - file system available on the disk (can be obtained for fixed disks only).
• Volume Label - disk’s label (can be obtained for fixed disks only).
• Serial Number - unique disk’s number (can be obtained for fixed disks only).
• Total (MB) - total disk’s size (can be obtained for fixed disks only).
• Used (MB) - used disk’s size (can be obtained for fixed disks only).
• Free (MB) - available disk’s size (can be obtained for fixed disks only).
• % Used - used disk’s size in percentage (can be obtained for fixed disks only).
• % Free - available disk’s size in percentage (can be obtained for fixed disks only).

3.5 Display Information

The Display Information plug-in retrieves information about the display settings and video card:

• Adapter String - data the Video Adapter (video card) reports to the Operating System (data such as the Video Adapter name).
• Width (Pixels) - current display’s horizontal resolution.
• Height (Pixels) - current display’s vertical resolution.
• Color (BPP) - number of bits used to represent the color of each pixel (bits per pixel).
• Refresh (Hz) - current vertical refresh rate for the display (Hz). The refresh rate for a monitor is the number of times the screen is redrawn per second (frequency).
• Memory (MB) - total amount of physical memory installed on the video card.
• Chip - type of chipset the video card uses.
• DAC - type of DAC (Digital-to-Analog Converter) the video card uses.

To use this plug-in for Windows 9x/Me computers, the Remote Registry service must be installed.
3.6 Global Groups (Domain controllers only)

The Global Groups plug-in enumerates all global groups and their members for the domain controller:

• Name - name of the group or the user that belongs to this group.
• Comment - any text comment for the group.

3.7 Hardware Resources

The Hardware Resources plug-in retrieves information about resource assignments and possible sharing conflicts among DMA, I/O, IRQs, and Memory resources on the computer:

• DMA - information about the system's direct memory access. DMA transfers data between system memory and hardware devices without passing it through the CPU. The Resource column displays the DMA channel that is being used by the device, which is listed in the Device column.
• I/O - information about the communication channel among hardware devices. The Resource column displays the resource that is used by an I/O device, which appears in the Device column.
• IRQs - information about interrupt request channels on the system, and indicates which devices are assigned to each channel. The Resource column displays the IRQ channel that is being used by the device, which is listed in the Device column.
• Memory - information about memory address ranges, which are being used for communication between devices and the operating system. The Resource column displays the memory address of the device that is listed in the Device column.
• Device - name of the device.
• Resource - resource that is being used by the device.
• Interface Type - type of the interface (Isa, PCI, Internal, Plug and Play, etc.) that is being used by the device.
• Internal Name - internal name of the device, used in the Windows NT/2000/XP database of devices.

To use this plug-in for Windows 9x/Me computers, the Remote Registry service must be installed.
3.8 Hot Fixes and SP

The Hot Fixes and SP plug-in retrieves Service Pack information and enumerates all hot fixes that are installed on the computer:

• Name - the Service Pack number or name of the Hot Fix.
• Description - description (if any) of the hot fix.
• Installed - the date and the time when the hot fix was installed (valid only for Windows NT/2000/XP).

To use this plug-in for Windows 9x/Me computers, the Remote Registry service must be installed.

If you would like to get more detailed information about missing hot fixes and service packs, use the Security Patch Analyzer plug-in.

3.9 Installed Applications

The Installed Applications plug-in enumerates all programs that are installed on the computer:

• Application Name - name of the installed program.
• Application Location - full path to the program’s location (can be an empty string).
• Publisher - program’s publisher/vendor (can be an empty string).
• Uninstall - program’s uninstall command.
• Installed - the date and the time when the program was installed (valid only for Windows NT/2000/XP).

To use this plug-in for Windows 9x/Me computers, the Remote Registry service must be installed.

3.10 Local Groups (Windows NT/2000/XP/2003 only)

The Local Groups plug-in enumerates all local groups and their members for the computer:

• Name - name of the group or the user that belongs to this group.
• Comment - any text comment for the group.

3.11 OS Information

The OS Information plug-in retrieves main information about the operating system that is installed on the computer:

• Kernel Version - type of the OS's kernel (uniprocessor or multiprocessor, free or debug/checked).
• Product Version - the OS version (including major version, minor version, build number and Service Pack number).
• Installed - the date and the time when the OS was installed.
• Started - the date and the time when the OS was started (valid only for Windows NT/2000/XP).
• Last Shutdown - the date and the time when the OS was last shut down (valid only for Windows NT/2000/XP).
• Registered Organization - registration information (if any) that was entered during Windows Setup.
• Registered Owner - registration information (if any) that was entered during Windows Setup.
• Product Id - serial number that was entered during Windows Setup.
• System Root - the path to the directory where the OS is installed.
• System Partition - name of the active (boot) partition in the native format.
• IE Version - version of Internet Explorer (including major version, minor version and build number).

To use this plug-in for Windows 9x/Me computers, the Remote Registry service must be installed.

3.12 Performance Information (Windows NT/2000/XP/2003 only)

The Performance Information plug-in retrieves main information about the operating system resources:

• Available Physical Memory - total amount of free memory that is available for use (KBytes).
• Commit Charge Total - how much memory allocated to programs and the system is currently used (KBytes).
• Commit Charge Limit - the maximum amount of memory available for programs and the system (KBytes).
• Kernel Memory Total - total amount of memory used by the operating system kernel and device drivers (KBytes).
• Kernel Memory Paged - total amount of memory that can be copied to the paging file, thereby freeing the physical memory (KBytes).
• Kernel Memory Nonpaged - total amount of memory that remains resident in physical memory and will not be copied out to the paging file (KBytes).
• Processor Time - how much time the processor is working (H:mm:ss.ms).
• Total Handles - total number of opened handles in the system.
• Total Threads - total number of running threads in the system.
• Total Processes - total number of running processes in the system.

3.13 Ping

The Ping plug-in sends an ICMP “ping” command to the computer:

• IP Address - IP address of the computer.
• Time (ms) - computer’s response time in milliseconds.
• TTL - packet’s TTL (“Time To Live”).

3.14 Printers (Windows NT/2000/XP/2003 only)

The Printers plug-in enumerates printers (and their jobs) that are installed on the computer:

• Name - name of the printer.
• Status - current printer’s or job’s state, which may be: Paper Out, Paper Jam, Printing, No Toner, Paused, and so on.
• Share Name/Owner - network printer’s name or name of the user that owns the print job.
• Comment - brief description of the printer.
• Port - port used to transmit data to the printer.
• Driver Name - name of the printer’s driver.
• Print Processor - name of the print processor used by the printer.
• Data Type - data type used to record the print job.

3.15 Processes (Windows NT/2000/XP/2003 only)

The Processes plug-in enumerates all processes that are running on the computer:

• Image Name - name of the process's executable file.
• PID - the process identifier.
• Up Time - how long the process has been running (H:mm:ss).
• Processor Time - how much CPU time a process is using (H:mm:ss.ms).
• Privileged - how much system resource is free for a process (%).
• User - how much system resource is used by a process (%).
• Memory - how much memory is used by a process (KBytes).
• Memory Peak - peak amount of memory used by a process from the time the computer was last started (KBytes).
• VM Size - how much virtual memory is committed to a process (KBytes).
• VM Peak - peak amount of virtual memory committed to a process, from the time the computer was last started (KBytes).
• Page File - the amount of virtual memory, or address space, committed to a process (KBytes).
• Page File Peak - peak amount of page file usage (KBytes).
• Page Faults - the number of times data has to be retrieved from disk for a process because it was not found in memory. The page fault value accumulates from the time the process started.
• Priority - priority of a process.
• Handles - number of handles opened by a process.
• Threads - number of threads created and used by a process.
• Parent PID - the parent's process identifier.

3.16 Security Patch Analyzer (Windows NT/2000/XP/2003 only)

The Security Patch Analyzer plug-in performs security patch assessment for the following operating systems and applications: Windows NT 4.0/2000/XP/Server 2003, IIS 4.0/5.0, SQL Server 7.0/2000, MSDE 2000, MDAC 2.5-2.8, MSXML 2.6/3.0/4.0/5.0, IE 5.01 and later, Exchange 5.5/2000/2003, Windows Media Player 6.4 and later, Microsoft Virtual Machine and so on.

• Product - the product affected by the patch.
• Status - identifies the type of notice.
• Bulletin - refers to the Microsoft Security Bulletin article that explains the patch.
• Patch Name - the name of the patch’s executable file.
• QNumbers - refers to the Microsoft Knowledge Base article that contains information about the patch.
• Title - the brief description of the flaw.
• Reason - the reason why the patch was considered not found.
• Included In - the name of the service pack (Cumulative Rollup package) the patch has been included in.
• Location - the link that can be used to download the patch.

To view extended information about a selected patch, use either the Properties item from the context menu or double-click the patch's record in the list.

Security Patch Analyzer can determine which critical security updates are applied to a system by referring to an Extensible Markup Language (XML) file (mssecure.xml) that is continuously updated and released by Microsoft.
The XML file contains information about which security updates are available for particular Microsoft products. When you run Security Patch Analyzer, the plug-in should download a copy of the compressed XML file (mssecure.cab) and then decompress the CAB file to ANM’s directory on your local computer. The machine must be capable of obtaining the patch database XML file from a location on the Internet (via http).

To use this plug-in, the Microsoft XML Parser (MSXML) version 4.0 or later must be installed on the local computer.

3.17 Services (Windows NT/2000/XP/2003 only)

The Services plug-in retrieves information about the services that are installed on the computer:

• Name - name of the service.
• Internal Name - internal name of the service as used in the Windows NT/2000/XP database of services.
• State - current state of the service, which may be: Started, Stopped, Paused, Starting, Stopping, Continuing and Pausing.
• Startup - type of the service's startup (Automatic, Manual or Disabled).
• Stop - if the service accepts the Stop control code (Yes/No).
• Pause & Continue - if the service accepts the Pause and Continue control codes (Yes/No).
• Shutdown - if the service processes the Shutdown system event (Yes/No).
• Type - the type of service (either Win32 Own Process or Win32 Share Process).
• Path - fully qualified path to the service binary file.
• Dependencies - list of services or service groups that must start before the highlighted service.

3.18 Sharings

The Sharings plug-in retrieves information about the shared resources that are available on the computer:

• Share Name - the shared name of a resource.
• Comment - a comment about the shared resource.
• Share Type - the type of shared resource (Disk Tree, Print Queue, Communication Device, Interprocess Communication and Special).
• Path - the local path for the shared resource (valid only for Windows NT/2000/XP).
• User Limit - the maximum number of concurrent connections that the shared resource can accommodate (valid only for Windows NT/2000/XP).
• Connected Users - the number of current connections to the resource (valid only for Windows NT/2000/XP).

3.19 Trace Route

The Trace Route plug-in sends an ICMP “ping” command to each node (router) on the way to the computer and traces the packet’s path to this computer:

• Hop - number of transitions.
• IP Address - IP address of the node (router).
• Time (ms) - node’s response time in milliseconds.
• TTL - packet’s TTL (“Time To Live”).
• Host Name - node’s name taken from DNS.

3.20 Users (Windows NT/2000/XP/2003 only)

The Users plug-in enumerates all local users for the computer:

• Name - name of the user’s account.
• Full Name - full name (if any) of the user.
• Description - any text comment for the user.
• Disabled - if the user’s account is disabled (Yes/No).
• Last Logon - the date and the time when this user’s account was last used to log in to the computer.
• Last Logoff - the date and the time when this user’s account was last used to successfully log off from the computer.
• Password Changed - the date and the time when the password for this user’s account was last changed.
• Logons - number of successful logins to the computer for this user’s account.
• Bad Passwords - how many times an incorrect password was specified during login attempts for this user’s account.
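The Users plug-in fields, together with the CSV export described earlier in this guide, are enough for a scripted review of local accounts. The following Python code is an added example, not part of Active Network Monitor or SmartLine's documentation; the CSV column layout (including the Computer column), the date format, the thresholds and the function names are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample: column names follow the Users plug-in fields; the
# CSV layout and date format are assumptions, not ANM's documented output.
SAMPLE_CSV = """Computer,Name,Disabled,Last Logon,Password Changed,Logons,Bad Passwords
WS01,Administrator,No,2004-03-01 08:15:00,2001-06-10 12:00:00,412,27
WS01,Guest,Yes,,2001-06-10 12:00:00,0,0
WS01,jsmith,No,2004-03-02 09:01:00,2004-02-20 10:30:00,88,1
WS02,svc_backup,No,2003-01-15 02:00:00,2002-11-05 17:45:00,950,0
WS02,temp_contractor,No,,2003-12-01 09:00:00,0,6
"""

DATE_FORMAT = "%Y-%m-%d %H:%M:%S"  # assumption; adjust to the real export


def parse_date(text):
    """Return a datetime, or None when the field is empty (never used)."""
    text = (text or "").strip()
    return datetime.strptime(text, DATE_FORMAT) if text else None


def audit_users(csv_text, now, max_password_age_days=90,
                max_idle_days=180, bad_password_threshold=5):
    """Return {(computer, account): [findings]} for enabled accounts."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Disabled"].strip().lower() == "yes":
            continue  # disabled accounts cannot log on; skip them
        issues = []
        changed = parse_date(row["Password Changed"])
        if changed is None or now - changed > timedelta(days=max_password_age_days):
            issues.append("password older than %d days" % max_password_age_days)
        last_logon = parse_date(row["Last Logon"])
        if last_logon is None:
            issues.append("enabled but never logged on")
        elif now - last_logon > timedelta(days=max_idle_days):
            issues.append("idle more than %d days" % max_idle_days)
        if int(row["Bad Passwords"] or 0) >= bad_password_threshold:
            issues.append("bad password count %s" % row["Bad Passwords"])
        if issues:
            findings[(row["Computer"], row["Name"])] = issues
    return findings


if __name__ == "__main__":
    report = audit_users(SAMPLE_CSV, now=datetime(2004, 3, 15))
    for (computer, account), issues in sorted(report.items()):
        print("%s\\%s: %s" % (computer, account, "; ".join(issues)))
```

Passing `now` explicitly keeps the result reproducible when the same export is re-examined later.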