5 Tools That Every Network Administrator Should Have

Every network administrator has their own set of tools that they like to use

on a daily basis to help them do their job. Here I list 5 tools I like most.

Network Analyzer - There

are actually to sniffer applications that I keep in my toolbox, WireShark and Capsa Network Analyzer. Each program can

satisfy my different needs,the difference is that Wireshark has more functionality when it comes

to filters. But Capsa Network Analyzer, from my point of view, is the user interface. It presents

the data in an extremely easy-to-read way, such that you don’t need to be a hard-core network

engineer to see what’s happening. and the pretty graphs will make me happy.

PuTTY - PuTTY is a very versatile telnet application for use when you spend a

lot of your day working on Cisco equipment. PuTTY allows a number of different ways to connect to

a piece of equipment including Raw, Telnet, Rlogin, SSH, and with the newest version of PuTTY

Serial connection. The newest Serial option becomes very handy for network administrators since

HyperTerm is no longer available with Windows Vista and you still need a serial connection for

new routers and switches. PuTTY is also very customizable and can be run from a USB drive without

installing anything onto the computer.

PumpKIN - PumpKIN is a free FTP server program that you can download and use

to host your computer as an FTP server. I use this program main for transferring Cisco images

back and forth from the switch or router to my computer. This program become very valuable when

you have a switch or router down that you need to get back up quick.

MAC Scanner Pro - Colasoft MAC Scanner Pro has some advanced features,apart from scanning MAC

addresses and IP addresses, the most pratical feature is that it allows users to export or print

the scanning results.

NetStumbler - NetStumbler was one of the first "Wardriving"

programs you could get to pick up other people's wireless networks. I use this tool on a regular

basis for the opposite reason, I want to be able to check for rouge access points on my network.

I simply use this little tool and walk around all of my offices and see what wireless devices pop

up. I have found a couple of employees who wanted to work out side or away from their office and

added a wireless AP so they could.

So those are 5 tools I believe every network administrator should have in their toolkit. For

their ease of use, small size, and versatility they made my top 5 tools.

How to Protect Your Network from Spam?

According to the July 2009 edition of the MessageLabs Intelligence Report,Spam remains a major

problem, In fact, it has reached up to 90%, some European countries are higher, up to 95%

Three main problems caused the bad situation.

• The use of automated tools: Spammers are used to use automated tools to
  
  generate email addresses based on domain name.


• URL-shortening spam: Currently, many social networking offers URL-shortening services to
  
  users, 6.2% spamming emails contains shortened URLs to mask unsafe destinations.


• International problem: Unlike we thought the souces of spam emails are outside United
  
  States, According to the static of July, at least, 86% of all e-mails sent in the US are
  
  spam.

Be a network administrator,what can we do to mitigate the effect of spam?

Well, there are two specific network methods you may take.

Traffic management

You'd better to install a network analyzer like Colasoft Capsa network analyzer in your network, that will

help you monitor network traffic especially SMTP traffic we more care

about in this article in real time,Traffic management entails reducing overall message volume by

relying on techniques that are implemented at the protocol level. Essentially,

unwanted senders are identified and their connections dramatically throttled using features that

are inherent to the TCP protocol. This allows incoming volumes of spam to be

slowed, allowing legitimate mail an opportunity to be processed and expedited by the mail

server.

This technique is obviously effective, but it is nevertheless useful to reduce the effect of

a DOS-style of e-mail flooding.

Connection management

Another method would be the use of connection management techniques. An example would be for

incoming SMTP connections from sources known for sending spam and malware to be immediately

rejected. The use of such blacklists can be done at the firewall level and could also include

open proxies or known botnets.

The obvious benefit of connection management is that mail servers do not even have to waste

processor cycles to deal with the incoming spam.

Do you have else methords? let's share our knowledge here!

Basic Network Troubleshooting Tips

Here you will learn network troubleshooting tips, fix tcp/ip errors, tcp/ip settings, internet connectivity errors, how to fix pc errors, lan connectivity issues, traceroute and ping commands. Whether your operating system is Windows or Linux network problems are likely to arise. Many times the network problems arisee due to improperly configured TCP/IP settings. Following is the basic checklist to identify and troubleshoot the basic networking errors.
1. First of all you should learn what stopped working server or client computer also see if the outage affecting the other computers or only one.


2. If you server stopped working you should inform the users of the server and you should start working on fixing the error.

3. If a single client computer stopped working or disconnected from the network, ask the user of that computer that what recent changes cause the server to stop working such as newly installed software or games, service pakcs, internet software, new hardware or any other thing.

4. Check the physical network connectivity. The most network problems arise due to the physical layers failure.

5. Check all the network cable connections. You can start at the NIC and check if the green light is blinking then check the hub and see if the computer is getting the link across the cable.

6. Get a cable tester to check the connectivity of the cables.

7. Finally start pinging the network both Windows and Linux have the PING command. You can use ping command in this way start > Run > cmd > type "ping" then IP address of the other computer.

How to Troubleshoot Connectivity problems

1. Use the ping command to test the basic connectivity. By using the ping command you can isolate network hardware problems and incompatible configurations. By using the path ping you can detect packet loss.

2. If you want to see the Ping's statistics then you ping -t command and press enter to continue and if you want to stop then press CTRL+BREAKTo watch Ping statistics, use the ping -t command. To see statistics and continue, press CTRL+BREAK. To stop, press CTRL+C.

3. If you remote system is across the delay link, such as satellite link responses may take longer.

4. Check the event logs for network card and other hardware and software configurations and connectivity related entries.

5. Check whether the NIC card is on the Microsoft Hardware Compatibility List (HCL).

6. Check other computers that use the same gateway and are plugged into the same hub or switch and if these computers do not show any network connectivity problem then the problem is on the only one computer.

7. Contact the vendor of each NIC and motherboard and update the BIOS.

8. Replace the network adapter of the system with the good configured system and see if the same error arise again.

Conclusion

As a network administrator, we need to learn about the Basic Network Troubleshooting solutions. Of course, there are many network analyzers in the market,such as Colasoft Capsa Network Analyzer, which can provide us with more advanced & easier network problems troubleshooting solutions. learn more about Colasoft Capsa Network Analyzer, please visit http://www.colasoft.com/capsa/.

This article is rewriten by Tammy Zhou from Colasoft.com, please read the original copy of this article here: Basic Network Troubleshooting.

Admin resource: Use the right tools to manage your network

To be an effective network administrator, you don't have to be a scientific genius. And you don't have to memorize a bunch of obscure facts about hardware and software. Instead, you need to know two things:

• Where to find the appropriate solutions to technology problems when they arise


• How to use the right tools for monitoring, troubleshooting, and managing the activities of the various systems on your network

We know TechRepublic is the biggest IT community, which provides kinds of sources you turn to for solutions when problems hit your network. To demonstrate that TechRepublic is worthy of being a solutions finder, here I've compiled a list of articles that discuss tools you can use to improve the management of your network.

• Test-drive: Colasoft Capsa network analyzer
  
  Having good insight to your network is critical. There are so many potential issues that can be going on that any additional tool can be welcome. This can include attacks, transmissions and applications without encryption, or incorrect configurations bogging down the network.
  
  Recently, I had a chance to evaluate the Colasoft network analyzer or Capsa.
  
  
  
  


• Servers Alive is a valuable and inexpensive uptime monitoring tool"
  
  To handle a problem, you have to know that it exists. That's where a program such as Servers Alive comes in. It can e-mail, page, or call an administrator with an automated alert when a system goes down, a router fails, or a service goes offline.


• "Let Big Brother keep tabs on the health of your servers"
  
  Big Brother is another monitoring tool, but this one runs on Linux/UNIX (although it can monitor systems from other platforms). It's available free under an open source license.


• "PRTG makes it easy to monitor bandwidth"
  
  Bandwidth is an expensive and critical commodity for most organizations. PRTG (and its Linux/UNIX cousin, MRTG) allow you to keep a close eye on bandwidth utilization and quickly spot any potential problems.


• "Get two must-have network tools--for free"
  
  Here's a peek at two handy troubleshooting tools—HyperTrace and NetStatLive. Since these are small, easy-to-use, and free, there's no excuse not to try them.


• "Quickly manage systems over KVM with BgInfo"
  
  Most administrators who manage more than five or 10 servers usually have them loaded into a rack and access them with a KVM switch or remote access software. However, the more servers you have, the harder it can be to tell them apart—and making a configuration change to the wrong server can have disastrous consequences. BgInfo is a little tool that can help you set up desktop screens that allow you to quickly identify your servers.

Final word

Of course, this is not a comprehensive list of every tool you need to manage a network. It's just a sampling of the kinds of great tools that can make you more effective at spotting problems and getting them fixed in a timely fashion.

For more information, please visit:http://articles.techrepublic.com.com/5100-10878_11-5074896.html.

How to Troubleshoot ARP Attacks with Colasoft Capsa

For Colasoft Capsa you can get an easy use but advanced network traffic monitoring, protocol analysis and diagnosis view software. It is a specialist to help you solve LAN troubles.

ARP, because of its simpleness, fastness, and effectiveness, is becoming increasingly popular among internet raggers, thus causing severe influence to the internet environment.With Colasoft Capsa, we can quickly and accurately locate ARP source when ARP attack happens to the network, so as to ensure normal and reliable network operation.

We have four basic solutions to locate ARP attack with Colasoft Capsa:

View ARP diagnosis events in the Diagnosis View;

View ARP request and response packets in the Protocol View;

View original information of ARP packets in the Packets View;

View node information in the Endpoints View;

Solution one:

Diagnosis View is the most direct and effective place to locate ARP attack and should be our first choice. Its interface is displayed as picture1.

Picture 1 definitely points out that there are two kinds of ARP attack event, ARP Too Many Unrequested Response and ARP Request Storm, in the network, and the attack source is clearly given at the bottom. Meanwhile, Capsa will provide reasons of such ARP attacks and corresponding solutions.

Solution two:

The status of ARP packets are displayed in the Protocol View, like in picture 2. Here we must pay special attention to the value of ARP Request and ARP Response. The ratio of ARP Request and ARP Request should be approximately 1:1 under general condition. If there is a great difference between these two values, there may be ARP attacks in the network.

In picture 2 there are 3484 ARP Request packets but only 507 ARP Response packets, by comparing these two values, we can presume there are ARP attacks in the network.

Solution three:

Packet decoding information in the Packets View can tell us the original information of ARP packets, please look at picture 3.

(Picture 3)

By decoding ARP packets, we can find out the source and destination of the ARP packets, the function and the reality of these ARP packets.

Solution four:

Identify ARP attack in the Endpoints View. (See picture 4)

(Picture 4)

In the Endpoints View we can view the correlation of MAC address and IP address. Generally speaking, one MAC address shall have only one IP address corresponding to it. If one MAC address has multiple IP addresses to it, the condition may be:

1. the host with the MAC address is the gateway;


2. these IP addresses are bound to the MAC address manually;


3. ARP attack

So, the Endpoints View can also give us a hint to locate ARP attack.

In addition, the Matrix View allows us to see communication information between those hosts in the network, which helps us to fast identify abnormal conditions and locate the attack source.

(Matrix View)

Conclusion

ARP, as one of the most popular attacks in recent days, may cause severe problems to our network. How to fast troubleshoot ARP attacks is what every network administer concerns. Colasoft Capsa will greatly enhance network administrators’ capability to identify ARP attacks and protect the network from ARP attacks, so as to ensure normal network operation. Besides fast locating ARP attacks, Colasoft Capsa can also analyze network abnormities, locate failure nodes, enhance network security, evaluate and improve network performance.

Ten Reasons Make Network Sniffers an Essential Network Tools

No matter whether you are network administrators or IT managers, you should not be unfamiliar to the network analysis tool - network Sniffer, also known as a network analyzer, protocol analyzer or sniffer) which has been widely used by kinds of organizations, schools, enterprises, government institutions etc.

Maybe you are yet supirsed at why more and more enterprises, like IBM, Intel, Epson, Airbus, Ericsson etc, love to deploy network sniffer to their company’s network? OK, take a fresh coffee now, then look at the following problems, and ask yourself, as a network administrator or IT manager, if these issues are just what you have met?

Rushing from one network problem to another every day?

Have no way to judge if your network has been intruded?

Helpless collecting convincing information to submit your boss even if you have realized that your network system has been intruded.

No idea if current network usage is equal to actual need?

Know nothing of how many staffs are not killing their time by chatting with friends, browsing irrelevant webpage etc, but focusing on their job?

Yes, every question listed above has puzzled many network administrators, but no worry, network sniffer can easily help you out with its strong functions, here are network sniffer’s ten main uses.

* Analyze network problems

* Detect network intrusion attempts

* Gain information for effecting a network intrusion

* Monitor network usage

* Gather and report network statistics

* Filter suspect content from network traffic

* Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use)

* Reverse engineer proprietary protocols used over the network

* Debug client/server communications

* Debug network protocol implementations

Currently, there are dozens of network sniffers in the market, some are very complex to use like wireshark, you must be versed in networking,; some are designed for common network administrators, such as Colasoft Network Analyzer, all- in-one & easy –to use, which are more and more accepted and welcome.