Natty Narwhal netbook: The ultimate network administrator toolkit

With a tiny laptop and the latest version of Ubuntu, you can be a netadmin ninja

By , ITworld |  Data Center, Linux, Natty Narwhal


Software to download

That's a mighty nice collection of networking utilities, but there are more that belong in your network admin toolkit. The following packages are all in the Ubuntu software repositories, so you can use your usual favorite installation method: Synaptic, apt-get, the Ubuntu Software Center, etc. This list is a comprehensive sampling, and there are dozens more. You'll find the complete list at packages.ubuntu.com. Load these up on your Natty Netbook and you'll be ready for just about anything.


Network discovery, monitoring, and exploration

Use these to test connectivity, discover who is on your network, find unauthorized servers, find redundant servers, and read what is going over your wires. Nothing needs to be a mystery, and you can see exactly what is happening on your network.

  • 2ping is a bidirectional ping utility for determining the direction of packet loss.
  • chaosreader is a multi-protocol network session tracer.
  • conntrackd replicates the status of the connections that are currently being processed by a stateful firewall.
  • cryptcat is a featureful netcat-like utility that encrypts its transmissions. It's excellent for debugging and network exploration<./li>
  • daemonlogger is a great packet logger and tap daemon for network security analysis.
  • darkstat is a packet sniffer that outputs statistics to a Web browser.
  • dhcp-probe discovers unauthorized DHCP and BootP servers.
  • dmitry is a network probe finds subdomains, uptime info, email addresses, port scans, and lots more.
  • ettercap is a powerhouse protocol sniffer and analyzer.
  • fping can ping multiple targets.
  • iptraf is a colorful LAN traffic monitor.
  • ifstat is a network interface monitor.
  • iftop monitors bandwidth usage.
  • kismet is an 802.11b wireless network sniffer. It's a must-have for wireless networks.

Kismet discovers local wireless networks.

  • kism3d is a 3D network display server which can be used as a 3D desktop environment.
  • knocker is a TCP port scanner.
  • wireshark is a sophisticated packet sniffer and analyzer.
  • cdpr is a Cisco discovery protocol reporter.
  • imsniff is an instant messaging sniffer and logger.
  • ike-scan discovers IKE (IPsec VPN Servers) hosts.
  • farpd is a fake ARP daemon that can claim unassigned LAN addresses.
  • ipwatchd can find IP address conflicts.
  • icmpinfo is a nice tool for decoding ICMP messages.
  • nmap will act as a network mapper, security auditor, perform host fingerprinting, and do lots more.
  • iw configures and displays wireless interface information.


Performance testing and monitoring

Your users probably pester you frequently with complaints that "the network is slow!" With these tools, you can see for yourself how well the packets are flowing, test server responses, find the bottlenecks, and verify that your SSL-encrypted Web traffic really is encrypted.

  • bandwidthd, bandwidthd-pgsql for graphing subnet traffic.
  • bing provides bandwidth measurement based on pings.
  • bmon is a bandwidth monitor that outputs results in HTML and ASCII.
  • echoping tests remote server performance.
  • ethstats measures network interface throughput.
  • flowscan provides network traffic analysis and visualization.
  • httping measures HTTP/S server performance.


Name services

DNS is still half-voodoo, and one typo in a zone file makes a disproportionately big mess. Use these tools to see abnormal traffic (which could indicate a misconfiguration or even an attack), test performance, and test server configuration.

  • bind9utils contains tools for checking a BIND server.
  • dlint is a DNS zone analyzer.
  • dns-flood-detector detects abnormally high nameserver traffic.
  • dnstop captures and analyzes DNS traffic.
  • dnstracer traces DNS queries to their source.
  • fpdns can tell you the versions of remote DNS servers.


Cisco, Juniper, Intel, ATM, and Infiniband tools

Linux and FOSS even offer nice tools for managing and monitoring spendy high-end snooty vendor gear.

  • atm-tools helps you set up, monitor, and tune ATM networks.
  • br2684ctl bridges ATM over Ethernet
  • c3270 provides a telnet connection to IBM mainframe.
  • dynagen is a Cisco 7200 router emulator.
  • dynamips is a Cisco 7200/3600/3725/3745/2600/1700 router emulator.
  • gamt is a serial-over-LAN client for Intel AMT.
  • ibsim-utils simulates InfiniBand fabric.
  • ibutils diagnoses and test InfiniBand networks.
  • gns3 is a graphical network simulator that configures Cisco and Junos devices.
  • vpnc is a Cisco-compatible VPN client.


Remote desktops and file sharing

These are mostly cross-platform so you can share files and printers on mixed networks, set up remote help desks, accommodate roaming users, and run secure remote graphical desktops -- all without getting dinged for silly terminal server and other gratuitous licenses.

  • krdc, vino, rdesktop, and vnc are all remote desktop connection clients.
  • samba-common, samba-common-bin, smbclient, and winbind are server and client files for Samba file shares, including diagnostic commands.
  • nfs-common and nfs-kernel-server provide network file shares server and client tools.
  • openssh-server is a secure shell server. Install this on all hosts that required secure remote connectivity


Miscellaneous tools

Again, there are some useful programs for odd jobs that don't fit into the other categories.

  • etherpuppet creates a virtual mirrored TCP interface (TUN/TAP).
  • 6tunnelis an IPv6 proxy for IPv4 applications.
  • aircrack-ng helps with 802.11a/b/g WEP/WPA cracking.
  • bridge-utils helps set up Ethernet bridges.
  • cutter closes TCP connections.
  • ebtables sets up, maintains, and inspects tables of Ethernet frames.
  • geoip-bin and geoip-database find the country of origin of any IP address or hostname.
  • grepcidr filters IPv4 CIDR addresses.
  • hping3 is a network smashing tool.
  • icmpush is an ICMP packet builder for controlled testing.
  • ipcalc and ipv6calc calculate and convert network addresses and subnets.
  • wakeonlan sends magic packets to wake up WOL-enabled hosts.


Go forth and administer your network!

Be sure to read the fine man pages! You'll also find boatloads of practical guidance in my own Linux Networking Cookbook. Editors willing and the creek don't rise, we'll follow up with some juicy howtos on using your nifty Natty Netadmin Netbook for specific network diagnostic and fixit tasks.

Carla Schroder is a regular ITworld contributor. Follow Carla on ITworld.

This article, "Natty Narwhal netbook: The ultimate network administrator toolkit," was originally published at ITworld. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness