Kerry's Network & Cisco Links

Here are a few links to stuff I have found useful in my work as a Systems Engineer:

MRTG (Multi Router Traffic Grapher) & RRDtool (Round Robin Database)

MRTG and the RRDtool make a powerful combination for tracking network bandwidth usage and just about anything else that you can think of.

I run an MRTG installation monitoring network gear and servers on 3 continents; it is invaluable for tracking usage and finding bottlenecks. I also monitor key server information and use MRTG to send alerts. Here are a few links to get you started:

MRTG
RRDTool
Routers.cgi, a great RRDTool front end by Steve Shipway
How to use PerfMon and MRTG to monitor Windows Servers (NO SNMP Required on servers)
I've edited Paul Simmonson's getlog.pl script included above to allow for printing 2 values on one graph, useful if you have in and out values, for example a mail server's inbound and outbound mail. You can get the file HERE.

Monitoring free hard drive space on Windows servers using MRTG

I have written a PERL script for use in conjunction with the command line DIR command. Basically, run the DIR command from a batch file and redirect the output to a text file, then use the PERL script getdisk2.pl. I have tested it with NT4 and Win2k Servers.

Remember, if you want to use thresholds to send alerts, they work sort of backwards, since you will want to send alerts on LOW traffic, not HIGH (or in this case LOW disk space).

Also make sure the batch file has finished running before MRTG runs; otherwise, if it is still writing the text file when MRTG queries it, you might get disk space = 0 as an output. Here are the other files I use in this process:
diskthresholdok.bat
diskthresholdlow.bat
diskthreshdata.pl
Free-Disk-Space.cfg
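
The parsing step described above, as an added example (not the getdisk2.pl script linked from this page): it reads the redirected DIR output, reports no reading instead of 0 when the file is empty or half-written, and applies the "backwards" low-value threshold. The function names, the sample DIR text, reporting in megabytes, and printing UNKNOWN when no value is available are assumptions of this sketch.

```python
import re

# Constructed sample: `dir C:\` output as redirected to a text file.
SAMPLE_COMPLETE = """\
 Volume in drive C has no label.
 Directory of C:\\

02/13/2003  09:15a      <DIR>          WINNT
               4 File(s)        812,544 bytes
               3 Dir(s)   5,368,709,120 bytes free
"""
# Constructed sample: the same file read while the batch job is still writing it.
SAMPLE_PARTIAL = SAMPLE_COMPLETE[:SAMPLE_COMPLETE.index("3 Dir(s)")]

FREE_RE = re.compile(r"([\d,]+) bytes free")


def free_megabytes(dir_text):
    """Return free space in MB, or None if the 'bytes free' summary line is absent."""
    matches = FREE_RE.findall(dir_text)
    if not matches:
        return None  # empty or half-written file: no reading, not zero
    return int(matches[-1].replace(",", "")) // (1024 * 1024)


def mrtg_lines(dir_text, target="C: free MB"):
    """Build the four lines an MRTG external target prints: two values, uptime, name."""
    mb = free_megabytes(dir_text)
    # Assumption: a non-numeric marker is printed so a missing reading
    # is never graphed or alerted on as 0 MB free.
    value = "UNKNOWN" if mb is None else str(mb)
    return [value, value, "", target]


def is_low(dir_text, threshold_mb):
    """Alert condition is inverted: fire when the value drops BELOW the threshold."""
    mb = free_megabytes(dir_text)
    return mb is not None and mb < threshold_mb


if __name__ == "__main__":
    print("\n".join(mrtg_lines(SAMPLE_COMPLETE)))
```

A missing reading never raises the low-space alert here, so a collision between the batch job and the MRTG poll does not page anyone with a false "disk full".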

Packet capture and decoding:

Show Traffic - monitors network traffic on the chosen network interface and displays it continuously. It could be used for locating suspicious network traffic or to evaluate current utilization of the network interface.

Packetyzer™ is a Windows user interface for the Ethereal packet capture and dissection library.

Ethereal is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

Port Scanning

Active Ports - easy to use tool for Windows NT/2000/XP that enables you to monitor all open TCP and UDP ports on the local computer. Active Ports maps ports to the owning application so you can watch which process has opened which port. It also displays a local and remote IP address for each connection and allows you to terminate the owning process. Active Ports can help you to detect trojans and other malicious programs.


Created on ... February 13, 2003