Showing posts with label Tools/Utilities. Show all posts

Friday, July 15, 2011

Monitoring Your Internet Connection - Perhaps It's Easier Than You Think

We all live with those little "glitches" in our home networks.  Was one of the kids hitting Netflix, did my music downloads go into overdrive, or did my ISP decide to do a remote reboot of my DSL/cable modem?  It's certainly true that monitoring networking equipment can be a rather involved process, but every once in a while we stumble across something that makes it fairly easy for the typical home user.

Fluke Networks, a vendor of network analysis and troubleshooting equipment, offers quite a bit of educational material in exchange for the typical contact information.  As I was checking out their various goodies, I stumbled across their "Switch Port Monitor."  Now, it was designed for use in a LAN environment with enterprise-class switches, but it uses standard Simple Network Management Protocol (SNMP).  This means that SPM should also work fairly well with many typical pieces of ISP home equipment.  I pointed SPM at my DSL modem, let it gather a bit of data, and presto!  I was looking at a nice, clean, 10-second-update bandwidth report.

If your DSL/cable modem talks SNMP--and most of them do--this is worth the download.  You'll have to do a bit of research to understand (and differentiate among) the various interfaces on your device, but this one is well worth the effort.

Switch Port Monitor Download

 

Wednesday, June 08, 2011

Celebrating World IPv6 Day at Home - Even If Your ISP Won't

OK, so I'm a networking geek - but many of you already knew that...

Today is World IPv6 Day, and many prominent websites are opening/premiering their websites to IPv6 traffic today.  I decided to play along, and to use my Ubuntu Linux system (a ThinkPad T41p) as the guinea pig.  Now, most folks working in the "home IPv6" world use a straightforward IPv6-in-IPv4 tunnel (as described, with a FREE tunneling service, in Dan York's excellent article), but--alas and alack!--my ISP (Windstream) does not yet support tunneling with their DSL modems.  Thanks to a reminder from my Twitter friend @sjsawatsky, I rediscovered Teredo, an IPv6/IPv4 technology created by Christian Huitema at Microsoft and codified in RFC 4380.  (You KNOW we can't talk about networking protocols without at least one RFC reference!)

In simple terms, a Teredo client uses IPv4 UDP to communicate with a Teredo server, which then pushes the traffic into the IPv6 Internet.  If one is lucky enough to have an IPv6-capable ISP, one might run their own Teredo server to handle IPv6 connectivity for an internal (e.g. home) network.  Since I'm NOT in that position, I had to rely on the stock Teredo client and a public Teredo server.  Thankfully, there's a Teredo port for Linux, and it's available for Ubuntu through the Ubuntu Software Center as "Miredo".  The only glitch in the installation was that the Teredo servers listed in the default configuration file were either unavailable or swamped, so I switched over to miredo.remlab.net and connected easily to the IPv6 presences of Google, Facebook, and CNN.  Now, you may run into some DNS goofiness, since your no-IPv6-here ISP's DNS may not return IPv6 addresses to your queries, but I found that Firefox supports URLs with raw IPv6 addresses in square brackets, like http://[2001:200:dff:fff1:216:3eff:feb1:44d7]/ (If you've done your job right, that last link gives you The Dancing Turtle!)

So, it isn't too late for you to join in on the celebration of World IPv6 Day.  Those of you in the Windows world can get what you need from the Microsoft Technet link below, and non-Ubuntu Linux folks can get the Miredo source code from the second link.  One word of caution: Either of these techniques gives you a PUBLIC IPv6 address, so make sure that your security is up to snuff.  Other than that, enjoy!

Teredo Overview (from Microsoft)

Miredo : Teredo for Linux and BSD

 

Friday, April 22, 2011

Today's Obscure Command You Should Know: netstat -s

There are any number of operating system (OS) commands that are VERY handy when performing initial troubleshooting or 'drilling down' on a suspected issue.  However, many of the most useful instances are either obscure commands or obscure options to well-known commands.  What?  You say that sounds like a good idea for a blog series?  Why, I think you're right!  Thus, it's time for today's obscure command!

Most of you have used the netstat command to check your current network connections from time to time, but the IP stack also keeps track of a (sometimes) dizzying variety of per-protocol statistics.  These are available to you via the -s option, and they can be an important indicator of "network problems."  The image to the right is a subsection of the Windows output for TCP/IPv4, but--depending upon your OS and the protocols installed--you can also gather the numbers for UDP, ICMP, and even protocols like GRE.  If IPv6 is installed, you'll see those statistics as well.

Now, keep in mind that these statistics are "since last boot," so you'll want to consider them something of a baseline for your investigations.  When I'm looking for intermittent network problems, I use a batch file (or shell script, or even a cronjob) to gather these on a regular basis, which may range from "every 5 minutes" to "once per hour," depending upon the nature of the problem under investigation.  You can then look for 'spikes' in a particular sample and correlate them to the timestamped log/debug entries made by applications or the OS itself (such as the Windows event log or /var/log/messages).  The tie-in to network packet analysis (e.g. Wireshark, Microsoft Network Monitor, et al.) is obvious...

Take a look at netstat -s - it may just bail you out of a jam one day...
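The periodic-sampling approach described above, as an added example (not code from the original post): it parses a series of timestamped `netstat -s` snapshots, in either the Windows `Name = value` or the Linux `value name` layout, and flags the intervals in which a counter grew far more than its median growth. The sample snapshots, the `factor` and `floor` thresholds and all function names are constructed for illustration.

```python
import re
from statistics import median

NAME_FIRST = re.compile(r"^(?P<name>.+?)\s*[=:]\s*(?P<val>\d+)$")  # Windows "Name = 12", Linux "Name: 12"
VALUE_FIRST = re.compile(r"^(?P<val>\d+)\s+(?P<name>.+)$")         # Linux "12 segments retransmitted"

def parse_netstat_s(text):
    """Return {(section, counter): value} for one `netstat -s` snapshot."""
    counters, section = {}, "unknown"
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped:
            continue
        if not line[0].isspace():  # unindented line is a section header
            section = stripped.rstrip(":")
            continue
        m = NAME_FIRST.match(stripped) or VALUE_FIRST.match(stripped)
        if m:  # sentences with the number in the middle are skipped
            counters[(section, m["name"].lower())] = int(m["val"])
    return counters

def find_spikes(samples, factor=5, floor=10):
    """samples: [(timestamp, netstat_text)] in time order. Returns
    [(timestamp, key, delta)] where delta >= floor and > factor * median delta."""
    parsed = [(ts, parse_netstat_s(text)) for ts, text in samples]
    growth = {}  # key -> [(timestamp, delta)]
    for (_, prev), (ts, curr) in zip(parsed, parsed[1:]):
        for key in prev.keys() & curr.keys():
            delta = curr[key] - prev[key]
            if delta >= 0:  # negative: a gauge, or a reboot reset the counters
                growth.setdefault(key, []).append((ts, delta))
    spikes = []
    for key, series in growth.items():
        typical = median(d for _, d in series)
        spikes += [(ts, key, d) for ts, d in series if d >= floor and d > factor * typical]
    return sorted(spikes)

# Constructed samples (not from a real host), Windows-style layout.
TEMPLATE = ("TCP Statistics for IPv4\n\n"
            "  Current Connections                 = {conns}\n"
            "  Segments Sent                       = {sent}\n"
            "  Segments Retransmitted              = {retx}\n")
SAMPLES = [("09:00", TEMPLATE.format(conns=14, sent=90000, retx=120)),
           ("09:05", TEMPLATE.format(conns=12, sent=91500, retx=123)),
           ("09:10", TEMPLATE.format(conns=15, sent=93100, retx=127)),
           ("09:15", TEMPLATE.format(conns=9, sent=94500, retx=838)),
           ("09:20", TEMPLATE.format(conns=13, sent=96000, retx=841))]

if __name__ == "__main__":
    for ts, (section, name), delta in find_spikes(SAMPLES):
        print(f"{ts}  {section}: {name} +{delta}")
```

The timestamps it reports are the ones to line up against the Windows event log or /var/log/messages entries.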

Saturday, November 27, 2010

Gurubox: MRTG for Traffic Graphing

You never know when you might have to monitor a router or switch (or even your home network, right?).  MRTG has been around for quite some time, and has matured into a VERY good traffic monitoring and graphics package.  I've used it as a long-term (daily/weekly/monthly/yearly) tool for a NOC full of Cisco routers, and a dextrous hand with configuration can produce quality tracking for just about any SNMP-enabled network device.  In fact, my test for the Gurubox build is my home DSL connection, which is controlled by a SpeedStream 4200 DSL modem.  The build from source was absolutely painless. If you're looking for a quick-and-easy "network status" webpage, MRTG is the perfect tool with which to build it.

MRTG - Tobi Oetiker's MRTG - The Multi Router Traffic Grapher

 

Monday, November 22, 2010

Gurubox: netactview - A Graphical Network Activity Viewer

During troubleshooting/debugging, it's always useful to know what network connections your system is making (or failing to make, as the case may be).  In the Windows world, I've long used Mark Russinovich's TCPView for this purpose, but I knew of no such tool for Linux.  Well, now there's netactview; it shows all UDP/TCP/UDP6/TCP6 activity and autorefreshes the list.  In a very nice addition for troubleshooters, it displays connections for 3 seconds after they are closed, giving you time to catch those "no answer" SYN_SENT or "I wasn't listening" SYN_RCVD TCP states.  This nice little package should be on every troubleshooter's system.

Net Activity Viewer

 

Thursday, November 18, 2010

Gurubox: An Open-Source Java LDAP Browser

I've used Softerra's LDAP Browser for years; it's an excellent (free) tool, but it's only available for Windows.  For the Gurubox project, I needed a similar package for a Linux platform.  A little digging, and I found JXplorer; this LDAP-browsing tool originated with Computer Associates' eTrust Directory development team, but they've thrown it into the open-source world.  A quick install--plus a few pokes at a public LDAP server (I used directory.colostate.edu)--showed me that JXplorer is a great tool for the LDAP detective.  (Did I mention the 100-page user guide?  Or that it "just worked" on both Ubuntu and Windows XP?)

If you work (or play) with LDAP, this one's worth a look.

JXplorer

 

Monday, November 15, 2010

Gurubox: A "Sandbox" Laptop/Toolbox



I am often called upon to visit customer premises for purposes of debugging and/or troubleshooting.  Needless to say, my employer doesn't necessarily like the idea of plugging a "company laptop" into whatever network I may be visiting, and our customers' security folks don't necessarily like the idea of plugging anything "uncontrolled" into their network.  Thus, I'm working on something I'm calling "Gurubox"...something of a traveling toolbox for the network geek.

The basic idea is that I'm running as much open-source and/or freely-available stuff as possible, so that customers' security folks can audit this stuff to their heart's content without being exposed to any of my employer's private/proprietary stuff.  The platform (so far) is Ubuntu Desktop 10.10, and I've already installed:
  • Apache httpd 2.2.17 (HTTP server/proxy server)
  • dante 1.2.2 (SOCKS proxy)
  • squid 3.1.9 (caching proxy server)
  • Wireshark 1.4.1 (network capture/analysis)
  • kismet 2010-07-R1 (802.11 wireless network detector)
  • Zenmap 5.21 (GUI frontend to nmap - network auditing tool/port scanner)
  • Firefox 3.6.12
  • Chrome 7.0.517.44
  • Pidgin 2.7.3 (multi-service IM client)
The question is this - what would YOU add to Gurubox?