|
Advance Network Tool & Network Security Uitlities
Link |
by
on 2010-07-27 04:52:41 (edited 2010-07-27 05:02:49)
|
|
I've been fun doing network stuffs. Sometimes I fool my friends using RAdmin and monitoring them stealthy if they doing some useless activities while on work or in an important task using other network monitoring tool. I'm also aware to monitor if someone was connected to my PC remotely but I can't even know what other PC's are doing in a network even a simple a file transfer sharing activities, print sharing, sending net message, or other malicious network activities. But, after some sort of funny stuffs I've done in my network topology, one came out of my mine, if the circumstances switches and twisted for some sort. For example, an "Evil Me" will go beyond what I'm doing, how can the "Good Me" will see what the "Evil Me" is doing in my network. I've just think this while transferring some files from my Brothers PC to my PC Anonymously, but with the consent of my brother. " So this is the question that I'll ask, can you suggest if there are any good and advance network monitoring tool that can view to you networked PCs and also view what is doing in the network (ex: copying files form one PC to another, printing from remote printer, downloading from internet, and others). " I know NETSTAT on DOS and TOP on Linux to monitor the IP that they're visiting, but it is lacking something also in terms on what they're doing in the network. RAdmin is good but it's only for computer remote control/monitoring. Some network monitoring I have was good to detect pings and signal transmission, but I need the information on what they're doing in a PC or in a network. I need suggestions or even command/codes that I can work on. You can also give discussions and ask questions about this matter. Thanks. |
|
Re: Advance Network Tool & Network Security Uitlities
Link |
by
on 2010-07-27 06:22:25 (edited 2010-07-27 06:23:42)
|
|
I can assume your computers are all connected to a domain? I'm a site admin for a certain school. While I maintain certain parts of the server, my main HQ is the one handling the rest Anyways, the domain uses a certain framework software, which was termed EASE agent and EMS Agent or so called the 'Green box'(due to the green box icon) from colleagues from other schools. From what my Sysadmin said, it monitors activities of all computers in the domain, including file transfers, what websites you're visiting and downloading from, which PC is hogging bandwidth, softwares you're using, disallow certain softwares, etc etc but the computers needs to have the agent installed. I'm thinking you're speaking of the same software no? |
|
Re: Advance Network Tool & Network Security Uitlities
Link |
by
on 2010-07-30 18:52:56 (edited 2010-07-30 18:59:19)
|
|
I'm always on a mobile status. Sometimes I use my laptop and try to connect to a wireless network in a Workgroup status and sometimes I use an available PC on a Workgroup/Domain. Our computers are connected though a domain and though a workgroup. Sometimes I use a PC inside a Workgroup to monitor everyone who are accessing in our domain (FTP Server or Internet Server). I usually use Linux in order to monitor some activities because it's much flexible and gives some good details than using a Windows OS. But if I monitor remotely each PC, I'm using Windows with the help of Network LOOKup with an Lookup Agent installed in each PC unnoticeable (especially if they doing some games or useless works in their computer during work hours). I rather want to don't use some kind of System Agent to monitor a Network activity or Monitor a single PC because this might give notice the users that they are being traced. Example in your example in EMS Agent, when the agent is active, the green box icon will appear giving a hint that they are being trace. Sometimes, they can use NETSTAT and they can see my IP in there while using the remote computer with an agent. I like Network LOOKup because even it has an agent, the computer who's monitoring the remote PC will not mark on the NETSTAT and doesn't give a icon mark in the taskbar. But the problem is I will install an agent in each PC. We're using DeepFreeze with a password and sometimes I even forgot the password of deepfreeze in each group and sometimes the other group of system admins knows only the password without consulting us. So It is disadvantage to install an agent while on Deepfreeze's Guard. That's why I like more a network monitoring tool that uses no agent system. My friend said to me yesterday that we want some more graph-like monitoring system with tags in each PCs regarding on what they're doing and where did they connected (ex. File Sharing, Remote Printing, Monitoring, and Pinging). We are sometimes don't use the primary or secondary domain servers to monitor. We simply use one PC in a workgroup or inside a domain that is available in order to monitor what someone are doing. Any System Monitoring that can you suggest even it is a Trial-Version that can we use? Modified: I also notice some of users who plays Cabal, Rohan, or any Massive Multiplayer Role-Playing Online Games that has an anti-hack system. This will disable the Agent of RAdmin, VNC, EMS, and other remote monitoring system that we have. It also disable the agent of Network LOOKup that we have but it gives message that there is an anti-hack system, that's why it only send us screenshots of the Remote PC every 15 Seconds. I just tested at home using my Workgroup setup PC's. Any System Monitoring that can you suggest even it is a Trial-Version that can we use? |
|
Re: Advance Network Tool & Network Security Uitlities
Link |
by
on 2010-07-31 01:16:12 |
|
Agent wise, the green icon will be displayed at the taskbar once you log in but it won't mention anything even if there's activity. But for a graphical one and no agent you mentioned...that's a toughie. I'm not sure if it would work for you, and I haven't tried it myself, but you can try wireshark. My one of my Sysadmins introduced this tool during a course a couple of months back. |
|
Re: Advance Network Tool & Network Security Uitlities
Link |
by
on 2010-08-06 17:53:54 |
|
I tested wireshark, it is better than NETSEND that I'm using. But the problem is, there is such a problem on workstation side. It can't detect outcomming and outgoing sites in Linux Workstation. But when I use the Domain Server as a monitoring unit, I just detect it with an Unknown OS mark. I think it might need an update or a sort of error in terms of OS detection. But it might good for Windows. My friend given me some sort of network monitoring also. It is called Ming Network Monitor. It some sort of the same as winshark, but less functionality. I also downloaded Solar Winds and OmniPeek Network Monitoring. What can you say about this monitoring tool anyway? Do you know any recomendation if any? |
|
Re: Advance Network Tool & Network Security Uitlities
Link |
by
on 2010-08-13 22:10:48 |
|
Okay, so I've tried Ming Network Monitor and like you said, it has less function but the interface was much more simpler. Solar Winds was okay, but a little too complicated for me, I'm still reading the manuals for now but it looks like a good tool. I haven't tried OmniPeel though. As for now, I don't really have any other recommendations other than Wireshark and the rest that you mentioned. Oh yea, currently I have a certain problem. Do you know if there's a way I could actually log in to a whole lab of PCs (40 to 120 of them) remotely? I don't want to use Remote Desktop or VNC. What I need is a script to run on one PC to command other PCs to log in using a certain account. Like the way you would boot up all PCs using wake on LAN or make copies of a certain file to computers using robocopy. I've been googling this for a week but all I get on Technet or google is VNC or Remote Desktop... |
|
Re: Advance Network Tool & Network Security Uitlities
Link |
by
on 2010-08-20 20:20:40 (edited 2010-08-20 20:26:01)
|
|
It is depends on the controller's PC. I think it is possible to remotely control 20 computers simultaneously using Radmin. If you try remote desktop, then you know it is hard to remotely controlled a PC from Internet or through WAN. But if you like a programs for that, I think it is impossible, except for Linux Systems. I've one script to do it to remotely login to my computer via internet. But I did it 2 years ago, so I forgot the synaptic program to be patch for that ^_^. Try to search on the KVM OpenSorce for Linux about that. If you're using a program to remote a certain PC, you need an server agent that is on standby in a particular computer. You can wake it so it can remotely function. All Remote Programs have those things. But if you like to remote PC by using a hardware, you can try a iKVM Switch that is capable of transmitting control and output signals through LAN/WAN. I use KVM Switch before, but it is hard to manage the Analog signals, sometimes have ground. But when iKVM arrived (I just try it in a Computer Out-Show Caravan in our country), it is the best than using a remote desktop program. It is connected like a KVM but it was connected through LAN, controlling a computer from it's mere IP. I just want to have one of those things, but it is not sold yet in our country. I hope also it comes up with a WIFI ^_^.. |