Results 1 to 9 of 9

Thread: Network monitor/scanner

  1. #1
    Join Date
    Jun 2008
    Location
    The Netherlands
    Posts
    297

    Default Network monitor/scanner

    Hello all,

    I am looking for a network monitor/scanner. With Nagios, I need to add devices myself, but I want to track those unknown devices. So I am looking for a Nagios-like tool that 24/7 scans the ranges of our wan and then report the results to a nice web based output. It doesn't have to do more then give the host name per found alive IP. All other stuff I can find out with other tools. It would be cool if it can remember, when an IP is dead, if the IP was alive the previous scan. If it does more it's a bonus.

    Current I am using Angry IP Scanner. That's good but I want it to run continuously, range by range.

    Any suggestions?

  2. #2
    Join Date
    Jun 2008
    Location
    Israel - Karmiel
    Posts
    33

    Default Re: Network monitor/scanner

    Not Sure if applies here, but you already tried Cacti?

    Cacti: The Complete RRDTool-based Graphing Solution

    Or maybe put the one that you are using in loop?

    But I think that have some kind of software scanning you network full time will put a unnecessary load into it.


    Cheers
    - OpenSuse 11 with KDE4.1 - Amazing!

  3. #3
    Join Date
    Jun 2008
    Location
    The Netherlands
    Posts
    297

    Default Re: Network monitor/scanner

    Thanks, I'll check it.

    Well, in the past I installed ZENworks for Servers a lot. You could set the network load. Basically most networks with about 1000-2000 devices took a day to scan if you didn't change it. The result was a nice tabel, and network view, with all devices. It also gave some info, but for more details you could configure snmp or use different tools.

    I don't care if it takes 2 days, just want to see devices I know are there but aren't in our IP documentation.

  4. #4
    Join Date
    Jun 2008
    Location
    Israel - Karmiel
    Posts
    33

    Default Re: Network monitor/scanner

    If you want only to see the undocumented devices, you could do a ping in all the network range (using fping) and after document the founded ips (this presuming yours ICMPs requests are not blocked by the firewalls)

    Cheers
    - OpenSuse 11 with KDE4.1 - Amazing!

  5. #5
    Join Date
    Jun 2008
    Location
    The Netherlands
    Posts
    297

    Default Re: Network monitor/scanner

    Indeed, that is what I have been doing now. But that's a periodic manual scan. What I want is to let someone else check the results of an automated scan. Preferably nice looking and readable instead of a txt file somewhere.

    The problem is, somehow people keep connecting devices to the network without adding them to the documentation. This goes from new network devices that aren't administrated by the IT department to users actually connecting NAS devices that act as MP3 servers or what not. Last week the department that controls all buildings installed new alarm installations that connect to the network for management. They didn't 'realize, uch...uch...' they needed to inform IT. They guy that installed it just pinged an address, on no reply he took it.

    So i want to keep checking the network for rogue devices, because obviously this company fails to follow instructions on how to keep this documented. But that's a different problem

    Perhaps I can make something with Python.

    Trust is good, control is better

  6. #6
    Join Date
    Jun 2008
    Location
    Frisco, TX
    Posts
    1,235

    Default Re: Network monitor/scanner

    On Thu, 2008-07-03 at 13:56 +0000, Ricochet wrote:
    > Indeed, that is what I have been doing now. But that's a periodic manual
    > scan. What I want is to let someone else check the results of an
    > automated scan. Preferably nice looking and readable instead of a txt
    > file somewhere.
    >
    > The problem is, somehow people keep connecting devices to the network
    > without adding them to the documentation. This goes from new network
    > devices that aren't administrated by the IT department to users
    > actually connecting NAS devices that act as MP3 servers or what not.
    > Last week the department that controls all buildings installed new
    > alarm installations that connect to the network for management. They
    > didn't 'realize, uch...uch...' they needed to inform IT. They guy that
    > installed it just pinged an address, on no reply he took it.
    >
    > So i want to keep checking the network for rogue devices, because
    > obviously this company fails to follow instructions on how to keep this
    > documented. But that's a different problem :s
    >
    > Perhaps I can make something with Python.


    Good.. I like people with initiative! Some other things you might
    be able to consider. You can use arpwatch on many networks (it
    does depend) to see the various "who has", etc messages... vs.
    using a heavy polling application, this is much more passive. When
    you see the new arp machine, then you can target that host with
    your scan. Just something to consider that might be useful.

    On the scan side, you can do some pretty nice scans with nmap
    and I believe the xml you can get from that tool is nagios
    friendly (if I recall).



  7. #7
    Join Date
    Jun 2008
    Location
    Cleveland USA
    Posts
    138

    Default Re: Network monitor/scanner

    You might want to give wireshark a look see. I currently use it on my wireless network at home and couldn't be happier. For monitoring a large network though, I don't know if it'll suit your needs.
    Unintentionally left blank...

  8. #8
    Join Date
    Jun 2008
    Location
    Israel - Karmiel
    Posts
    33

    Default Re: Network monitor/scanner

    Wireshark is a good one.

    But if you want to enforce that every new device should be advised to the IT department... Firewall is your answer.

    In one of my projects, is every thing locked, only the authorized ips can comunicate in the network.


    cheers
    - OpenSuse 11 with KDE4.1 - Amazing!

  9. #9
    Join Date
    Jun 2008
    Location
    The Netherlands
    Posts
    297

    Default Re: Network monitor/scanner

    Well I love Wireshark. But thats a sniffer. I don't think it would do what I ask here?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •