Network Tool Notes

Here is a brief collection of network-related tools and utilities that have been gathered in this past week.
Nmap Security Scanner for Linux/MAC/UNIX or Windows – latest stable version now at 5.51 and development version at 5.61. Changelog
PuTTY: a free telnet/ssh client – version 0.61 released a few months ago and 0.62 “pre-release” build also now available with some bug fixes. Spotted via ISC Diary post. 4 years is a long wait for a bump…
How to connect to a Wireless WIFI Network from the Command line in Windows 7 – Scott Hanselman – just because mixing WiFi and CLI is cool.  See also Scott’s Updated for 2011 – McDonald’s WiFi Guide with updates for Mac OS X Lion and Windows 7
Wireless Profile Samples – MSDN WiFi XML profile samples and info on the Netsh Commands for Wireless Local Area Network (wlan).
Wireless Network Profile – Backup and Restore – Windows 7 Forums – Tips on backing up restoring your WiFi profiles on Win7.
Wifi Network Backup Manager Utility – Shai Raiten – Small and easy tool to assist with the above processes if helps you a bit.
Network Stuff – A ton on specialized network tools bundled up in a single free utility.  Spotted in this BetaNetws post: Network Stuff: More Internet tools than you’ll likely ever use.  The developer offers a number of other interesting tools as well worth looking into – Dev Stuff
NorthWest Performance Software, Inc. – Network Freeware Tools – This company provides quite a collection of free network tools such as the following:

  • NetScanTools® Basic Edition – DNS Tools, Ping, Graphical Ping, Traceroute, Ping Scanner, Whois
  • IPv6ScopeFinder – Displays ScopeID, status, Interface Type, IPv6 & IPv4 addresses, Interface Name.
  • IPtoMAC – can find the MAC Address of any IPv4 device on the local network.
  • ENUMresolver – “A freeware program designed to query your default DNS for the ENUM NAPTR mapping between a telephone number and a SIP, H323, IAX2 or other URI. Use with VOIP systems to check your e.164 or freenum or other mappings. This program queries each default DNS assigned to your system using the e164.arpa or other root tree for the corresponding NAPTR records and displays them.” That’s pretty cool.

Peter Kostov’s software for networkers – amazing freeware collection.

  • IP Workshop Rel. 2 – Super Beefy IP calculation tool that should probably be in every network jockey’s saddle-bag. Bundles tools that include Subnet Mask viewer, nework calculator, Subnet Mask charting, and more.  Similar vendor freeware tools can be found from IP Subnet Calculator – WildPackets and the Advanced IP Address Calculator 1.1 – Radmin.  See also IP Workshop Release 1
  • Easy IP – Lets you save as many IP configs as you want for your system then recall/apply them as needed based on your network location. See also these related freeware tools from other vendors: NetSetMan – Network Settings Manager (more info here) and the TCP/IP Manager
  • CC PortReport  neat little tool that interacts with Cisco CatOS running Catalyst switches and provided information/documentation gathering on slots, ports, Vlans, opStatus, adSpeed, ifSpeed, Duplex, STFast, and Port Naming.
  • WinIPConfig – GUI tool for “ipconfig” type activities.

ostinato – Packet/Traffic Generator and Analyzer – Google Project Hosting – from the cross-platform project page “Ostinato is an open-source, cross-platform network packet crafter/traffic generator and analyzer with a friendly GUI. Craft and send packets of several streams with different protocols at different rates. … Ostinato aims to be “Wireshark in Reverse” and become complementary to Wireshark.“
Fluke Networks Freeware
Fluke Networks has a couple of freeware tools worth looking into. You need to register to download, however for two of the three of them I was able to find a direct download link with a little bit of extra Google searching. I think you can find them on some download hosting sites as well.
Fluke Networks – IP Inspector – free – Run a scan to find IPv4 and IPv6 devices and open TCP app ports on your network. Also reports hostnames and MACS for discovered devices. Exportable results and IP state changes can be monitored over time.  Found via this LoveMyTool blog post Free New IP Tool – The IP Inspector by Dan Klimke.
Fluke Networks – Switch Port Monitor – free – This tool lets you connect to and monitor network switches to pull and display switch statistics and performance. Aids in switch documentation and troubleshooting efforts.
Fluke Networks – Service Availability Tool – free – Verify service port status for servers, measure response times, run TCP trace routes, save for documentation.
Web-based Network Performance Testing Tools
Could have sworn I had recently made a post of a number of websites that can test network speed and quality. Guess I didn’t.

  • Pingdom Full Page Test – Test how fast a web-page loads. (via CyberNetNews)
  • WebPageTest.org – Website benchmark and optimazation tool
  • Stella – Website performance testing site.
  • WatchMouse – Test webpage loading perfomrance from 10 global locations (full tests limited to 5-per-day).
  •  M-Lab – Collection of specialized research tools for testing network performance issues.
  • Speedtest.net – The Global Broadband Speed Test – an oldie-but-a-goodie!
  • Pingtest.net – The Global Broadband Quality Test – great supplemental tool for Speedtest.net
  • Speakeasy – Speed Test – great alternative site to Speedtest.
  • Network Diagnostic Tool  – Test your connection speed and receive sophisticated diagnosis of problems limiting speed.
  • Glasnost – Test whether BitTorrent is being blocked or throttled.
  • Network Path and Application Diagnosis  – Diagnose common problems that impact last-mile broadband networks.
  • DiffProbe (coming soon)  – Determine whether an ISP is giving some traffic a lower priority than other traffic.
  • NANO (coming soon)  – Determine whether an ISP is degrading the performance of a certain subset of users, applications, or destinations.

From the Mandiant Labs
Mandiant Research Tool Release: ApateDNS – Just recently learned about this new Mandiant tool to help with malware analysis from a network angle. From the description:

It is a simple tool that acts as a phony DNS server that can log or manipulate DNS requests being made to it. Malware analysts typically use this to redirect beacon traffic from a guest virtual machine to the host system (or another virtual machine) to monitor beacon and/or communication channels using Netcat or a custom written C2 script. Forensic analysts typically use this tool to quickly extract DNS names from malware samples.
ApateDNS automatically sets up your Windows network configurations by attempting to determine the default route or current DNS settings. This is most useful when in a guest virtual machine since the default route is typically the host machine. As shown in the figure below, ApateDNS has found the default route in my virtual machine (192.168.239.1) and uses this IP address for any DNS request on my virtual host. The user may override this by specifying an IP address for DNS Reply IP.

MANDIANT ApateDNS Download Link

Now go get connected!