FRAMINGHAM (09/29/2003) - As with most companies, we have had our budget cut and have lost some personnel. I am concerned about knowing more about our network and what is going on than we do. On a limited budget, what are some good tools that we can use to keep a finger on the pulse of the network?
-- Via the Internet
The first site I would recommend is www.insecure.org. The tools link on this site lists the top 75 tools for watching and managing a network. A few of them are commercial and will cost some money, but you will find that most of them are free. Most will run on Linux and a few on Windows.
Even if you aren't familiar with Linux, though, don't pass up these tools - Linux distributions such as Red Hat 9 are getting easier to install. Red Hat 9 can also be installed in text mode, which puts the minimum files on the drive, leaving more space for some of the tools you might want to try out. One thing that you will find with Linux is that some tools require you to compile them (the make command is used for this) before they will run. This is where Red Hat may be an easier starting point, because it can use a "prepackaged" file called a .rpm. This is installed on the PC with the rpm -i command-line utility.
To keep the machines you are using for network monitoring or intrusion detection from being attacked, I would recommend going through a hardening process. Part of this process is turning off services that you don't need.
For Linux, one way of doing this is to go to www.bastille-linux.org, which has a tool that you can download to make this easier. For the tools running on Windows, you will want to make sure you are on the latest patches and have turned off whatever services you can. With either platform, I would suggest having some type of anti-virus software installed as an additional safety measure.
Ron Nutter, a Master Certified Novell Engineer and Microsoft Certified Systems Engineer in the Lexington, Ky., area, tracks down the answers to your questions. Send your questions to firstname.lastname@example.org.
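The "turn off services that you don't need" step above can be checked with a short script. This is an added example, not part of the original column: it reads text in the format printed by `chkconfig --list` on Red Hat-style systems and reports every service enabled in a given runlevel that is not on an allowlist. The sample listing, the allowlist and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit boot-time services against an allowlist.
# On a live Red Hat-style host, feed it real data instead of the sample:
#   chkconfig --list | unneeded_services 3 "syslog sshd"

# Constructed sample of `chkconfig --list` output, so the script runs offline.
sample_chkconfig() {
cat <<'EOF'
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
portmap         0:off   1:off   2:off   3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
cups            0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd based services:
        telnet: on
        rsync:  off
EOF
}

# unneeded_services RUNLEVEL "space separated allowlist"
# Reads chkconfig-style text on stdin. Prints each service that is on in
# RUNLEVEL, or enabled through xinetd, and is not named in the allowlist.
unneeded_services() {
    awk -v rl="$1" -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        # SysV init line: service name followed by seven "N:state" fields.
        NF == 8 && $2 ~ /^0:/ {
            if ($(rl + 2) == rl ":on" && !($1 in ok)) print $1
            next
        }
        # xinetd line: "name: on" or "name: off".
        NF == 2 && $1 ~ /:$/ && $2 == "on" {
            name = $1; sub(/:$/, "", name)
            if (!(name in ok)) print name " (xinetd)"
        }
    '
}

# Runlevel 3 is the text-mode default; only syslog and sshd are wanted here.
sample_chkconfig | unneeded_services 3 "syslog sshd"
```

Each name it prints is a candidate for `chkconfig --level 3 NAME off`, after confirming that none of the monitoring tools on the machine depend on it.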