Tag Archive for network monitoring

What Application Is Accessing Internet? Free Port Scanning Technique

Sometimes it is essential to know what is accessing the internet without your knowledge, and whether anything is silently transferring data from your computer. Most firewalls are able to detect these kinds of unnoticed internet transactions, but there are simple ways to get an overview of all applications that have internet access.


TCPEye (Freeware)

TCPEye is free to download and has a simple but effective GUI. It gives you complete details of the programs and apps that are accessing the internet, including path details and the current state of each connection. It is a lightweight app that is quite easy to install and run. TCPEye gives details of all currently opened TCP/IP and UDP ports on your local computer. It also automatically marks in pink any suspicious TCP/UDP ports owned by unidentified applications.


NETSTAT command

Both Windows and Linux support the netstat command, which gives detailed information about TCP/UDP port utilization.

netstat -a

The above command displays all connections and listening ports.

netstat -b

Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions.

Many variations of the netstat command are possible, and they are best learned from the help options on Linux and Windows.
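An added example, not from the original post: the `netstat -b` layout described above (connection line, then any hosted component, then the executable in brackets) parsed in Python so that established connections with no identified owner can be pulled out for review. The `-n` flag (numeric addresses) is a Windows netstat option not mentioned above; the sample output is constructed and the function names are this example's own.

```python
import re

# Constructed sample in the layout `netstat -abn` prints on Windows
# (addresses are from documentation ranges, not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    192.0.2.10:49712       198.51.100.20:443      ESTABLISHED
 [chrome.exe]
  TCP    192.0.2.10:49800       203.0.113.7:8080       ESTABLISHED
 Can not obtain ownership information
  UDP    0.0.0.0:5353           *:*
 [chrome.exe]
"""

# A connection row: protocol, local address, remote address, optional state
# (UDP rows carry no state column).
CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
# The owning executable is printed on its own line in square brackets.
EXE = re.compile(r"^\s*\[(.+)\]\s*$")

def parse_netstat_b(text):
    """Return one dict per connection with its owning executable, if any."""
    conns, cur = [], None
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            cur = {"proto": m[1], "local": m[2], "remote": m[3],
                   "state": m[4] or "", "components": [], "exe": None}
            conns.append(cur)
        elif cur is not None and line.strip():
            e = EXE.match(line)
            if e:
                cur["exe"] = e[1]  # executable name, shown last in []
            elif "ownership information" not in line:
                cur["components"].append(line.strip())  # hosted component
    return conns

def unowned_remote(conns):
    """Established connections with no identified owner: review these first."""
    return [c for c in conns if c["exe"] is None and c["state"] == "ESTABLISHED"]

if __name__ == "__main__":
    for c in parse_netstat_b(SAMPLE):
        print(c["proto"], c["local"], "->", c["remote"], c["state"], c["exe"])
```

On a real host, feed the function the text produced by an elevated `netstat -abn`; rows reported without an owner are often system processes or a sign the command lacked permissions, so treat them as items to check rather than as verdicts.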

For more, please check this blog.

How To Block Access To Specific Program Accessing Internet Without Firewall?

Windows comes with a default firewall, and we can add rules to block a particular program from having outbound or inbound access. Free firewalls such as Comodo Firewall and ZoneAlarm are good at blocking applications from accessing the internet. However, firewalls are heavyweight and not suitable all the time. There is a small utility that does exactly what you are looking for.

A tiny app called NoNet can block a selected app from accessing the internet without a firewall. It is very neat and handy. Check it out here.

Top Free 15+ network monitor utilities – alternatives to Microsoft Operations Manager

In the network and server administration world, you need to know what your network and servers are doing at every second of the day, or else sooner or later you’re going to meet with disaster. Fortunately, there are a lot of good tools, both commercial and open source, that can monitor your network environment.

Here is a list of the best free (and open source) network monitoring software tools that are highly recommended. These are active projects with a lot of plug-in options to customize. This list is based on the original post by Paul Venezia at InfoWorld, but some more players have been added.



  • ZABBIX – ZABBIX is an enterprise-class open source distributed monitoring solution designed to monitor and track performance and availability of network servers, devices and other IT resources. It supports distributed and WEB monitoring, auto-discovery, and more. Developed by Alexei Vladishev, ZABBIX includes support for monitoring via SNMP, TCP and ICMP checks, IPMI and custom parameters. ZABBIX supports a variety of real-time notification mechanisms, including Jabber.

  • Cacti – Cacti is an open source, web-based graphing tool designed as a frontend to RRDtool’s data storage and graphing functionality. Cacti allows a user to poll services at predetermined intervals and graph the resulting data. It is generally used to graph time-series data like CPU load and bandwidth use. A common usage is to query network switch or router interfaces via SNMP to monitor network traffic.

  • Nagios – Nagios is a popular open source computer system and network monitoring software application. It watches hosts and services, alerting users when things go wrong and again when they get better. Nagios, originally created under the name NetSaint, was written and is currently maintained by Ethan Galstad, along with a group of developers actively maintaining both official and unofficial plugins. Nagios was originally designed to run under Linux, but also runs well on other Unix variants. Nagios is free software licensed under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.

  • Ntop – Ntop is a network monitor that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user’s terminal. In Web mode, it acts as a web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics. Ntop is a top-notch network traffic monitor married with a simple Web GUI. It’s written in C and completely self-contained; you run a single process configured to watch a specific network interface, and that’s about all there is to it. One of the main uses of Ntop is on-the-spot traffic checkups. When other network monitors like Cacti show a collection of network links running in the red, they tell you that those links exceed 85 percent utilization, but they don’t tell you why. By switching to an Ntop process watching that network segment, you can quickly pull a minute-by-minute report of the top talkers and immediately know which hosts are responsible and what traffic they’re pushing.

  • Snort – Snort is a free, complete intrusion detection system that watches and catalogs network traffic, matching that traffic against predefined rules to monitor network segments for nefarious activity. In fact, it can do much more, since rules can be written to flag traffic that matches any criteria. If you want to check all IM traffic exiting the network that matches a specific internal product code name, that’s certainly possible, right along with standard rules that watch for port scans, virus activity, and so forth. Snort is mostly used for intrusion prevention purposes, by dropping attacks as they are taking place. Snort can be combined with other software such as SnortSnarf, Sguil, OSSIM, and the Basic Analysis and Security Engine (BASE) to provide a visual representation of intrusion data. In most networks, Snort can easily be built on a low-end desktop- or server-class system, depending on traffic levels. The basic rule sets are available for free from Sourcefire with registration, and rules updates are easily managed. And if you want to go with a supported solution, you can buy the official commercial counterpart from Sourcefire. In either case, Snort can quickly become an invaluable addition to any network.

  • Nedi – Nedi (Network Discovery) is a powerful network management tool. NeDi can also help you find a device’s location in your network. This really helps and saves time; otherwise telnetting and MAC lookups may take you a few hours to figure out where the device is actually located when you have a DHCP server that is stray broadcasting! NeDi is a LAMP application that regularly walks the MAC address and ARP tables on your network switches, cataloging every device it discovers in a local database.

  • Ganglia – Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids. It is based on a hierarchical design targeted at federations of clusters. It leverages widely used technologies such as XML for data representation, XDR for compact, portable data transport, and RRDtool for data storage and visualization. It uses carefully engineered data structures and algorithms to achieve very low per-node overheads and high concurrency. The implementation is robust, has been ported to an extensive set of operating systems and processor architectures, and is currently in use on thousands of clusters around the world. It has been used to link clusters across university campuses and around the world and can scale to handle clusters with 2000 nodes.

  • Munin – Munin is a network/system monitoring application that presents output in graphs through a web interface. Its emphasis is on simple plug and play capabilities. A large number of monitoring plug-ins are available. Using Munin you can easily monitor the performance of your computers, networks, SANs, and quite possibly applications as well. It makes it easy to determine "what’s different today" when a performance problem crops up. It makes it easy to see how you’re doing capacity wise on all limited resources. It uses the RRDtool (written by Tobi Oetiker) and is written in Perl. Munin has a master/node architecture in which the master connects to all the nodes at regular intervals and asks them for data. It then stores the data in RRD files, and (if needed) updates the graphs. One of the main goals has been ease of creating new plug-ins (graphs).

  • PandoraFMS – Pandora Flexible Monitoring System is a software solution for network monitoring. Pandora FMS allows you to monitor, in a visual way, the status and performance of several parameters from different operating systems, servers, applications and hardware systems such as firewalls, proxies, databases, web servers or routers. PandoraFMS supports remote monitoring (WMI, SNMP, TCP, UDP, ICMP, HTTP, etc.) as well as monitoring using agents. An agent is available for each platform. It can also monitor hardware systems with a TCP/IP stack, such as load balancers, routers, network switches, printers or firewalls. Pandora FMS has several servers that process and get information from different sources: one using WMI for gathering remote Windows information, a predictive server, a plug-in server that runs complex user-defined network tests, an advanced export server to replicate data between different sites of Pandora FMS, a network discovery server and an SNMP Trap console.

  • OpenNMS – OpenNMS is a Java based enterprise-grade network monitoring platform developed under the open source software model. It consists of a community-supported, open-source project as well as an organization offering commercial services, training and support. The goal is for OpenNMS to be a truly distributed, scalable platform for all aspects of the FCAPS network management model, and to make this platform available to both open source and commercial applications.

  • Pancho (Abandoned) – Pancho is a Perl based project which allows network administrators to archive device configurations as well as make changes to these remote nodes through the use of SNMP and TFTP. Pancho is module based in the sense that support for new vendors may be written by users based on a template provided with the distribution and shared with the community via the Pancho Project website.

  • StorageIM – This is slightly off-topic as it mainly monitors your storage network like SAN. StorageIM is an open source monitoring and testing tool for storage systems and storage networks built around standards communities such as SNIA’s SMI-S and is designed for the IT vendor and end user communities. StorageIM is the first storage configuration and resource monitoring tool in the industry to be built with these rapidly emerging standards as its core. As a result StorageIM supports HBAs, Arrays, Switches, and tape libraries across vendor’s products with a high degree of interoperability and reliability.

  • SpiceWorks – Free network management software & IT community. Downloaded more than 1.4 million times.

  • OpenAudit – Open-AudIT now does software license tracking. Open-AudIT is an application to tell you exactly what is on your network, how it is configured and when it changes.

  • Munin – Munin is a networked resource monitoring tool that can help analyze resource trends and network issues.

Following are some of the commercial open source network monitoring tools that can also be considered.

  • Zenoss – Zenoss delivers a single integrated solution that monitors everything from network devices to applications to virtual machines and their hosts. It supports a lot of operating systems and resources to monitor. Here is a list of what Zenoss can monitor.
  • Centreon – Network, Systems and Application monitoring. More information is here.