3. Top free open source tools for network admins: KeePass
Oh the passwords! How many passwords do we have for all the various servers, switches, routers, and other network gear we have to manage? And when we have to change a password, we must be sure to notify all of the other people who have access to that equipment. A good password management system can save valuable time and spare you a lot of hassle.
Enter KeePass, an encrypted database program to store all of your usernames, passwords, access URLs, and more. You can restrict access to the KeePass database with a password, a key file, or both. The password database is encrypted with either AES or the Twofish encryption algorithm, and not as one contiguous file but in 256-bit chunks -- decrypting a single piece of data nets a cracker little or no useful data. Plus KeePass encrypts all the data in its database, not just the passwords, so your usernames, URLs, and other notes are safe as well.
You can create groups for password records to help organize the info if you have a lot of passwords to track. Groups can have subgroups, subgroups can have subgroups, and so on. A search function helps you quickly find the password record you need.
How do you share the KeePass database with coworkers who are running Mac OS X or some other version of Unix? No problem. KeePass is ported to Windows, Mac OS X, various Linuxes, and popular mobile phone platforms, including iPhone, Android, and BlackBerry. Because the KeePass database is stored in a single file, it's easy to distribute among your NOC team. Did I mention that KeePass is portable, needing no installation on Windows or Mac OS X? You can carry it with you on a USB stick or download it to a computer without leaving any unwanted registry entries or library files.
Already using another password manager? KeePass can import your existing password database in formats from a variety of programs such as Password Keeper, CodeWalletPro, and Password Agent. Other file formats are supported through KeePass plug-ins.
4. Top free open source tools for network admins: IPplan
We network admins must keep track of which IP addresses we have, which are in use, and which are available to be allocated to the systems administrators who always want yet another IP address for their servers. Are you tracking your IP addresses in an Excel spreadsheet? Well, stop! Get the benefits of using a real database with IPplan.
IPplan is not a generic spreadsheet or database application. It is tailored to tracking IP addresses, so it understands and enforces CIDR blocks. Each address record has support for contact info, hardware, DNS name, location, description, MAC address, NAT address tracking, and a generic "additional information" field. You can also upload a file to attach to the IP address record.
IP address records are organized into subnets (CIDR blocks), which are assigned to customers or autonomous systems. Subnets are further organized into network areas or ranges (supernets) within the customer hierarchy. Because IPplan is designed for use by ISPs, it works well for organizing enterprise addresses for companies with multiple locations and complex networks that use multiple AS (Autonomous System) numbers. If you decide to rework the subnets on your network, no problem. IPplan handles changes easily via its split and merge subnet functions, allowing you to split and merge subnets without losing any data.
You can import your existing IP allocation data via a CSV file upload. Alternatively, you can use an XML file created by Nmap to import addresses, or you can define the subnets yourself and have IPplan automatically fill in the DNS names for you. IPplan can import the DNS info via a zone transfer from your DNS servers.
You can set up multiple logins, so the entire network admin team has access to the IPplan database. You could even give the system administrators access to IPplan and require them to request IP addresses from you via the Web GUI.
IPplan is more than just an IP address tracking database. As you can see, you can also use IPplan to manage your DNS records, and IPplan implements "triggers" that allow you to run custom scripts based on actions taken in the Web interface.
Next page: Where to turn when things go haywire