IT Networking Tools

by ThomasMcKinlay

Network tools can be divided into three categories: tools that capture network traffic, SNMP tools that monitor network performance, and security testing tools. The security testing tools allow network managers to simulate attacks on their network devices to find potential vulnerabilities.

Packet Capture Network Analyzer

Wireshark captures and inspects packets.

Wireshark is a protocol analyzer that displays the detailed contents of packets. Use it to record an exact exchange of packets between hosts. Wireshark is available as a free download. See the Resources section.

Command Line Capture Tools

Command line tools can be cryptic.

The program tcpdump on Linux operating systems captures packets and optionally saves them in a file. The file can later be read by Wireshark to decode and help interpret the packets. The package comes with Linux distributions and is documented, as usual, in the Linux man pages. WinDump is a Windows-compatible version of this program.

Other Packet Capture Tools

Many shades of management tools are available.

Other tools that perform packet capture include Kismet, which captures wireless packets, and Ettercap, which captures LAN traffic. Dsniff focuses on capturing passwords from the network. Netstumbler captures wireless packets and runs on Windows, and KisMAC is a wireless capture tool for Macintosh. Another capture and monitor tool is Ntop, which focuses on monitoring network traffic volumes.

SNMP Network Management System

SNMP lets you keep an eye on your network.

Network management software ranges from free packages to high-priced professional options. MRTG (Multi Router Traffic Grapher) is a free download for basic SNMP management. Commercial SNMP managers are available starting at about $1,000. PRTG is a network monitoring tool available from Paessler that has both a free version and a commercial version. SNMPc is available from Castle Rock Computing, and Orion Network Performance Monitor is available from SolarWinds.

Port Scanning Tools

Port scanning lets you know what doors are open.

Nmap is the most common port scanning tool. Good security requires knowing what the hackers know. In order to protect a network, you must know what a hacker will see if he scans your firewall or hosts on your network. Nmap is included in many Linux systems, and Windows versions are also available. It is available as a free download from Insecure. See Resources for the link.

Penetration Testing Tools

Penetration testers will see if there is any way in.

Metasploit provides a framework for testing vulnerabilities at many security levels. This is a much more comprehensive penetration test tool. Through an Internet connection, it can automatically update the list of known vulnerabilities. It is available as a free download. See References.

Command Line Tools

Command line tools are tried and tested.

Many command-line network tools are critical for debugging and monitoring networks. To trace the path to a node on the network, use "traceroute" on Linux or "tracert" on Windows. Add the -d option to the above command to avoid name lookups and speed up the command. To show open connections from a Linux host, use "netstat -t"; on Windows, use just "netstat". To show the local host routing table, use "netstat -r" or, if you do not want to resolve numbers back into names, "netstat -rn".
