Love it or hate it, nobody runs networks without TCP/IP somewhere in that picture nowadays. Here, we take a guided tour of some great toolbox elements—most of them free, but all of them fabulous—that IT admins and even power users will like and use regularly.
Anybody who works in IT these days can’t help but work on a network that’s running the Transmission Control Protocol/Internet Protocol suite, better known as TCP/IP. Though the protocol wars of the late 80’s and early 90’s attempted to combat this venerable suite with other alternatives, that war is over and TCP/IP (or IP for short) is and remains the only game on the Internet and on corporate and organizational networks. That means IT pros need internet protocol tools, and is why I collected a series of nonpareils that you are bound to find interesting and attractive (if not outright must-haves) for your own IP toolbox.
Because there are so many great tools out there, I simply introduce them with a brief description and links. All of these networking tools are worth getting to know, and I use most of them myself on a reasonably regular basis.
Some of the commercial offerings in this arena are pretty pricey—with price tags ranging from $250 and up—but all of them have deadly serious street credibility. Even in a period of tight budgets, and with not-inconsiderable costs involved, if you’re willing to sell those items to management, you can still probably get funding to buy them anyway. All of them include free trials, to help you make that case—when it comes to good tools, “seeing is believing” applies even to managers.
Meet the IP Toolbox All-Stars
To make it easier for you to steer around inside this story, here’s an alphabetized table of tools by name. You can follow links from these names to their blurbs, or you read this story from stem to stern.
|DNS Tools||NetScanTools||NetScanTools Pro||NetScanTools($)|
|LANSurveyor||SolarWinds($)||Whois||SystInternals/Microsoft and NetScanTools|
|Ping Sweep||NetScanTools||Win IP Config||PKostkov.com|
Note: ($) after the Provider name indicates this a commercial software package, whose license must be purchased for continued use.
NetScanTools: Free and Pro
I was first introduced to the NetScanTools in 2000 by the “queen of protocol analysis” herself, Laura Chappell, as we produced the first edition of our college textbook Guide to TCP/IP (now in a third edition dated 2006). Northwest Performance Software, Inc. is the company behind a set of freeware tools called NetScanTools Basic Edition that I’ll profile next, but those who want a more complete and capable IP toolbox should consider the $249 NetScanTools Pro offering a worthwhile way to stock up their holdings. There are lots of gems in the professional version, and even the basic edition is not without its stars. All of the following tools appear within a single framed interface in both versions, but the number and capability of the elements in the Pro set far outstrips that in the Basic set that follow next.
A nice way of grouping various basic DNS lookup functions together, these DNS tools include a simple DNS lookup (from host or domain name to IP address, and vice-versa), local DNS server lookup (WhoAmI?), and various local DNS checks.
Ping and Traceroute Tools
All of these tools make use of the Internet Control Message Protocol (ICMP) to perform various connectivity and intervening hop checks between a sender and a receiver. The Graphical Ping and (equally graphical) Traceroute tools are well worth getting to know. Here, the Graphical Ping is depicted.
A tool beloved of scanners and hackers alike, Ping Sweep systematically works its way through a range of IP addresses and reports only those it finds present on a specific subnet or network segment. Here, you can see I use a Private Class C address as defined in RFC 1908 on my home network. The two “empty addresses” are my D-Link edge router (…0.1) and WAP device (…0.150).
The Whois command returns information from DNS and domain registry database records for a supplied domain name, including the registrar and the related Whois server that provides the information. It also lists the authoritative name servers for a domain, as well as various status values and access date info. This tool is pretty helpful, as Whois implementations go, for those who’d rather not do it at the command line.
SysInternals TCPView and Whois Utilities
SysInternals is now part of Microsoft, but it’s still the brainchild of master Windows gurus Mark Russinovich and Bryan Cogswell, and home to some of the best free Windows utilities around. Though you can also find Windows internals, security, and lots of other tools via the SysInternals pages on the Microsoft Web site, these two IP focused offerings are good ones indeed (look in the Networking Utilities section).
TCPView shows all the TCP and UDP endpoints (socket connections that belong to some program or process on a Windows PC) including local and remote address data, the state of TCP connections, and the name of the owning process. It’s a kind of “Netstat on steroids” and presents more (and more readable) information than that venerable command-line utility. I use TCPView whenever I’m trying to understand what a PC is doing with, on, or to the network.
The SysInternals Whois implementation is a straightforward command line implementation that dumps the entire whois database record from the registrar’s Whois database record. For those who want fast, accurate access to this data it may be preferable to the more user-friendly NetScanTools version depicted in the preceding section of this story.
Win IP Config
Peter Kostov is a Berlin-based network system engineer who created a modern equivalent of the old graphical IP configuration tool known as winipcfg.exe (Windows 98/Windows 2000 vintage). His implementation goes beyond the original, and makes available through a single simple graphical interface what Windows Vista and Windows 7 deliver only through the ipconfig.exe command-line utility, or a dizzying array of Control Panel items.
Even if just for its interface-based IP information (shown in the next screenshot), this tool is more than worth the price of admission; it’s free, but still quite useful. It also shows IP host information, all open IP-based programming interfaces, the PC’s routing table, and complete Netstat information. Use the Report tab to grab all of this information in text form in a single cut’n’paste for later analysis or incorporation into a database.
Solarwinds IT Pro Pack: Engineer’s Toolset and LANSurveyor
With combined list prices of $3,385 ($1,390 for the Engineer’s Toolset, and $1,995 for the LANSurveyor package) available for under $2,030 through a special promotional bundle (coupon code PITPRO41), the Solarwinds best-selling tools have a formidable price but also a substantial discount. These two toolkits, bundled as the IT Pro Pack, together offer an astounding range of functionality. Thirty-day free trials are available for both items, so that members of the “try it before you buy it” and/or the “show it to management to get funding” clubs can knock themselves out with fully-functional versions for an all-too-short time.
The Engineer’s Toolset includes a comprehensive network performance monitor and a set of bandwidth gauges that you can set to report on utilization and availability for your WAN links. It also gathers SNMP data from members of your SNMP community and can gather and report on what it finds in a variety of interesting and useful ways. There’s also a real-time interface monitor to report on activity at key network connections, and a resource availability monitor to tell you what’s up and how it’s working at any given point in time. A syslog message tool can decode, send, or receive syslog entries and move them into or out of various storage repositories. There’s even a DHCP scope monitor that can report on the status and settings of all the DHCP servers on your network.
The LANSurveyor package also offers some interesting functionality. It can auto-discover and create maps of your networks, including devices, links, and topology, and create graphical representations in Visio formats (with or without that package’s SmartShapes support). LANSurveyor can also auto-detect and report on network topology changes, check for various kinds of regulatory compliance (SoX, HIPAA, PCI, and so forth) on your networks, and even act as or interact with a configuration management database (CMDB) for the hardware and software on your network. If you choose to purchase responder clients for other network nodes, LANSurveyor can even handle software distribution and deployment, remote access and management, and synchronize clocks across the whole network.
It’s really hard to do justice to these expensive-but-worth-it packages in a few short paragraphs of text. Entire books could be devoted to them (and have been, in the form of their user manuals and help files) without too much strain. Check out the free trials, and you’ll soon be scheming for ways to fund their purchase yourself.
Want more like this? Sign up for the weekly IT Expert Voice newsletter so you don’t miss a thing!