Top Internet / Networking Tools - NETSEC


Wednesday, September 20, 2017

Top Internet / Networking Tools

There are lots of useful sites which help with troubleshooting procedures. I have listed some common tools and websites that I use myself. Please let me know what you are using; I would like to try them and add them to this list.


There are some other related posts in this blog:

Internet/Network Tools Portal


Ping – Shows how long it takes for packets to reach host
Traceroute – Traces the route of packets to destination host from our server
DNS lookup – Look up DNS record
WHOIS – Lists contact info for an IP or domain
Port check – Tests if port is opened on specified IP
Reverse lookup – Gets hostname by IP address
Proxy checker – Detects a proxy server
Bandwidth meter – Detects your download speed from our server
Network calculator – Calculates subnet range by network mask
Network mask calculator – Calculates network mask by subnet range
Country by IP – Detects country by IP or hostname
Unit converter – Converts values from one unit to another

Internet/Network Speed Test

Online Tools

Offline Tools:

IP Subnet Calculator



Network Monitoring Related


  • UptimeRobot
  • https://hetrixtools.com/ - blacklist check and monitor your IPs or Domains 
  • http://www.monitor.us - Free all-in-one IT systems monitoring from the cloud
  • Uptime Robot - It monitors your websites every 5 minutes and alerts you if your sites are down
  • Solarwinds Network Performance Monitor (Free Trial)
  • WhatsUp Gold (Free Trial)
  • Paessler PRTG (Free Trial)
  • OpManager from ManageEngine
  • Nagios Core and Nagios XI
  • Pandora NMS
  • Zenoss
  • Dynatrace
  • ConnectWise Automate
  • Zabbix
  • Tingyun (听云) - A professional application performance monitoring platform; 82 of the Alexa top 100 companies are using Tingyun
  • simpleops.io - One site only for free account.


DNS and Domain Name Related



BGP Toolkit


Choose any one of the servers by clicking its spot, and it will bring you to a link of this kind: telnet://route-views.on.bb.telus.com

route-views.ab>show bgp paths 47102
Address    Hash Refcount Metric Path
0x666C2980 2421        0      0 852 3257 4436 23498 47102 47102 i

route-views.ab>sh ip bgp 199.xxx.xxx.0
BGP routing table entry for 199.xxx.xxx.0/24, version 82108513
Bestpath Modifiers: deterministic-med
Paths: (1 available, best #1)
  Not advertised to any peer
  852 3257 4436 23498 47102 47102
    154.11.98.17 from 154.11.98.17 (154.11.0.71)
      Origin IGP, localpref 100, valid, external, best
      Dampinfo: penalty 1304, flapped 4 times in 00:14:31


Public IP Address



Online Diagram Drawing Sites


  • https://www.draw.io/ : It supports saving diagrams to all kinds of online drives. So far, I have found it the best for making network diagrams. It is completely free to use for any purpose; there is no premium pay-for functionality, watermarking, or other limitations. You own the content you produce with draw.io and may use it for any purpose, including commercially.
  • Gliffy: After the trial, it is still free to use, but you are not able to create a new diagram. Existing diagrams will still be kept for editing. Gliffy marks all diagrams as public when a trial expires. Any diagrams created would remain in the account. Diagrams always remain in the account regardless of the status. Gliffy never moves or deletes diagrams. Free accounts have a limit of 2MB or 5 diagrams, but usually it is enough since you can export to Gliffy format and import it later.
  • Lucid Chart: It can import/export Visio format files. A free account limits complexity to only 60 objects, three active documents, 25MB of storage, no editing of imported Visio files, etc.
  • http://asciiflow.com/
  • SmartDraw: Provides a desktop version, not free. For the cloud version, the trial is only 7 days, with no free usage.
  • https://cloudcraft.co/ : Best for AWS diagrams. It also gives you a budget number for your AWS infrastructure. Please check this post.


SNMP Tools



HTTP and HTTPS Check Tools




Email Diagnostic Tools


  • http://mxtoolbox.com/
  • hmailserver - is a free, open source, e-mail server for Microsoft Windows. It's used by Internet service providers, companies, governments, schools and enthusiasts in all parts of the world.


Proxy Sites


Remote Support / Online Meeting



Remote (SSH / Telnet) Access Tools



NTP Server




TCP/UDP Tools

  • TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections. 
  • Process Explorer displays details of your computer's running processes in a more visual representation than the standard Windows Task Manager.
  • RINETD - Redirects TCP connections from one IP address and port to another. 


Network Management



Log Management (Security Information and Event Management - SIEM)
  • IBM QRadar SIEM, Juniper STRM (Rebranded from QRadar) - IBM QRadar Security Intelligence: smarter threat detection for smarter threats. IBM® QRadar® Security Information and Event Management (SIEM) empowers your security analysts to detect anomalies, uncover advanced threats and remove false positives in real time. By consolidating log events and network flow data from thousands of devices, endpoints and applications distributed throughout your network, QRadar accelerates incident analysis and remediation. QRadar SIEM is available on premises and in a cloud environment.
  • Micro Focus (formerly HP) ArcSight ESM Solution - ArcSight ESM (Enterprise Security Management) collects security log data from an enterprise's security technologies, operating systems, applications and other log sources, and analyzes that data for signs of compromise, attacks or other malicious activity. If something malicious is detected, the product acts accordingly by generating alerts to security administrators or initiating an automated response to stop the malicious activity.
  • Syslog Collector - Solarwinds Kiwi Syslog, Juniper STRM (Rebranded from QRadar), IBM QRadar SIEM
  • TFTPD32 and 3cDaemon - Both have an internal Syslog Server feature.
  • LOGalyze
  • LOGStorm - My post: Installation Steps of LOG Storm Free Virtual SIEM Appliance
  • Loggly & Papertrail from Solarwinds Cloud Solution

Configuration Management


System Image Management - File Transferring 

Network Documentation

Network Access Control
  • Radius - TekRADIUS
  • Tacacs+ - Cisco ACS, Tacacs+

Network Performance Monitoring

  • Bandwidth Monitoring: PRTG, Infoblox NetMRI, Solarwinds NPM
  • Device Health Monitoring from Internal: PRTG, Solarwinds NPM
  • Flow Collector: PRTG, Solarwinds NPM
  • a netflow collector with a web frontend (nfsen, or the flowview cacti plugin)
  • a cacti or equivalent service to track/graph bandwidth usage on every trunk, WAN and Internet Access circuits, IP SLAs, Smokepings, ...



Lab Environment

Wireless

    • Fluke Networks - AirCheck Wi-Fi Tester
    • Cisco WLC
    • HP Aruba
    • Ubiquiti Unifi




    Before you click away to do some heavy network security reading, please leave a comment and share your favorite network and security tools so that I can add them to my list!

    2 comments:

    1. Hi,

      good tools mentioned here. Could you please fix the link to Meinberg NTP, there is some gibberish at the end of the linktext: ntp.html_RA&sig2=ovxYla8mzzDEHx7UN_HOlw
      thx

    2. This comment has been removed by a blog administrator.