Natty Narwhal Netbook: Ultimate Network Admin Toolkit

You can be the coolest and best-equipped network administrator on the block with Ubuntu Natty Narwhal Linux on a netbook. Netbooks are lightweight and portable, have long battery life, and bright sharp screens -- and, thanks to Linux and open source, you can outfit your netbook with all the software network troubleshooting and fixit utilities you'll ever need.

Hardware

Small laptops and netbooks make awesome network administrator's toolkits because they support wired and wireless network interfaces, deliver 6 to 8 hours battery life, and, like any PC, have the flexibility to be configured however you like. Shop for your shiny new netbook carefully, because life is too short to fight with marginal hardware. You want rock-solid and dependable, not penny-pinching, minimally-speced, and flaky. I favor good reliable Linux vendors such as System76, ZaReason, and Emperor Linux. These shops are Linux experts that support Linux only. System76 offers a complete line of Ubuntu Linux netbooks, laptops, desktops, and servers. (I have a bad case of the wants for their Serval Professional laptop, billed as the world's most powerful Ubuntu laptop.) ZaReason sells netbooks, laptops, desktops, and servers, and offers a choice of Linux distributions. ZaReason builds their machines with open hardware, so they will run any Linux distro (or any other operating system, for that matter) without needing any special tweaks, and are upgradeable rather than disposable. Emperor Linux has a complete line of Linux netbooks, laptops, and tablets, including the rugged, military-speced Panasonic ToughBooks. All three offer customizations and first-rate service and support.

Dell and Hewlett-Packard also sell Linux netbooks, if you have the detective skills to find them and don't mind swatting hordes of "We Recommend Windows!" banners out of your way. Average Linux users can easily create and replicate customized Linux distributions for all kinds of workloads, such as servers, audio production workstations, locked-down laptops, special classroom spins, and so on. It puzzles me how the titans of industry make such heavy lifting out of Linux. But I digress. Let us now dig into tasty open source network administrator software for testing, troubleshooting, and fixing.

Ubuntu's Natty Narwhal

Now we get into the fun stuff. Linux and free/open source software have a long heritage of sophisticated networking capabilities and cross-platform interoperability. Dig under the fancy wrappings on most any commercial networking product and you'll find open source inside.

Linux supports pretty much all networking protocols, though there may be the odd proprietary one that is not supported. Linux supports IPv4, IPv6, Ethernet, TCP/IP, Wi-Fi, HTTP/S, UDP, DNS, DHCP, SSL, SSH, UUCP, FTP, ARP, ICMP, EIGRP, OSPF, BGP, ATM, NFS, SMB/CIFS, and many more. A good many of these originated in the BSD Unix world, from FreeBSD, OpenBSD, and NetBSD. All networking operations should be standards-adherent and not some weird closed proprietary thingy whose only "benefit" is vendor lock-in. If you are stuck with supporting some sort of odd proprietary protocol not supported in Linux, consider running it in a virtual machine, such as VirtualBox, QEMU, or VMware, on your Natty netbook.

Linux also supports a large number of filesystems, including those found on Unix, Apple, and Microsoft systems.

Why use Ubuntu's Natty Narwhal? Sure, it's fun to say "Natty Netadmin Netbook," but won't any Linux work? Of course it will, and if you have a favorite, by all means use it. Natty sports the sleek new Unity interface, which is optimized for small screens. If Unity is not your cup of tea, then you can have classic GNOME, KDE 4, LXDE, XFCE -- just like any Linux, you can have whatever you want. You can have no graphical desktop at all and stick to the command line, or mix and match CLI and GUI any way you like.

Troubleshooting protocol

The key to figuring out networking problems without losing your sanity is to break them down into a basic troubleshooting protocol. Software problems are far more common than hardware problems, with misconfigurations and botched name services ruling the roost. As a general rule, and depending on the specific circumstances, first I test connectivity and then server availability. I usually start close and work outwards one step at a time, from PC to switch to router to server, or however the network is laid out. If those all check out, then I start looking at hardware. Working methodically and in a logical sequence saves much time and headaches.
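
The close-to-far sequence described above can be scripted with tools from packages this article lists (iproute, iputils-ping, bind9-host, netcat-openbsd). This is an added example, not code from the original article; the function names, the layer order chosen, and the `TARGET_HOST`/`TARGET_PORT` placeholder values are assumptions.

```sh
#!/bin/sh
# Added example: walk outward from this machine to a remote service and
# report the first layer that fails. Target values are placeholders.
TARGET_HOST="${TARGET_HOST:-www.example.com}"   # assumption: server to test
TARGET_PORT="${TARGET_PORT:-443}"               # assumption: service port

# One check per layer; each returns 0 on success.
# A non-loopback interface has carrier (cable plugged in or Wi-Fi associated).
check_link() { ip -o link show | grep -v ' lo:' | grep -q 'LOWER_UP'; }

# The machine holds a routable IPv4 address (IPv6-only networks not covered).
check_address() { ip -o -4 addr show scope global | grep -q 'inet '; }

# The default gateway answers ping. Assumes a "default via <gw>" route;
# note that some routers are configured to drop ICMP.
check_gateway() {
    gw=$(ip route show default | awk '/^default/ { print $3; exit }')
    [ -n "$gw" ] && ping -c 2 -W 2 "$gw" >/dev/null 2>&1
}

# Name services: the target hostname resolves.
check_dns() { host -W 3 "$TARGET_HOST" >/dev/null 2>&1; }

# Server availability: the TCP port accepts a connection.
check_service() { nc -z -w 3 "$TARGET_HOST" "$TARGET_PORT" >/dev/null 2>&1; }

# Run the checks nearest-first. Prints the first failing layer and returns 1,
# or prints "ok" and returns 0 when every layer passes.
first_failure() {
    for layer in link address gateway dns service; do
        if ! "check_$layer"; then
            echo "$layer"
            return 1
        fi
    done
    echo "ok"
    return 0
}

# Only touch the network when explicitly asked: sh netcheck.sh run
if [ "${1:-}" = "run" ]; then
    first_failure
fi
```

The layer it prints is where to start looking: `link` or `address` means the problem is local, `gateway` points at the switch or router, and `dns` or `service` means the path works but name services or the server itself do not.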

Natty Narwhal's baked-in software

There is a wide range of networking software included in the default Natty LiveCD image, so you don't have to install it. These programs break down into several useful categories.

Name services

* bind9-host helps with DNS lookups.

* dnsutils provides the dig DNS querying command, nslookup (deprecated DNS query), and nsupdate for dynamic DNS updates.

* isc-dhcp-client is a client for DHCP networks.

File transfer

* cifs-utils provides the SMB/CIFS protocol for cross-platform file-sharing with Unix, Mac OS X, and Windows.

* ftp is a command-line file transfer protocol client.

* lftp is an advanced CLI FTP client that supports FTP, HTTP, FISH, SFTP, HTTPS, FTPS, IPv4, and IPv6, works in the background, and resumes interrupted transfers.

* mount displays and manages local and remote filesystems.

* rsync provides fast, efficient remote file copying.

* wget is a reliable HTTP and FTP file retriever.

Network and host discovery and connectivity

* tcpdump is a powerful workhorse packet sniffer for most packet types and protocols.

* mtr-tiny is an ncurses traceroute tool that combines the functionality of the traceroute and ping programs.

* iputils-arping sends ICMP echo requests to an ARP address.

* iputils-ping is the good ol' ping command that tests to see if a network host is reachable.

* iputils-tracepath traces network paths to remote hosts.

* net-tools is a suite of networking commands, including arp, ifconfig, netstat, rarp, nameif, route, plipconfig, slattach, mii-tool, iptunnel, and ipmaddr.

* netcat-openbsd is a versatile tool that reads and writes data across TCP and UDP connections.

* iproute includes commands for networking and traffic control.

* telnet -- wait, really? Yes! It's insecure as it sends traffic in cleartext, but it's still a useful server diagnostic tool.

Hardware tools: Discover, configure, and manage hardware devices

* bluez, bluez-alsa, bluez-cups, and bluez-gstreamer are all Bluetooth utilities.

* hplip includes tools for Hewlett-Packard printers and multifunction printer/scanner/fax devices.

* cups, cups-bsd, and cups-client together constitute a printing subsystem with query and test commands.

* ifupdown configures and controls network interfaces.

* pciutils detects and identifies PCI bus devices.

* pcmciautils controls PCMCIA devices on laptops.

* parted takes care of disk partitioning and resizing.

* wireless-tools provides essential utilities for managing wireless interfaces.

* rfkill enables and disables wireless devices.

Security: Basic tools for secure network connections

* wpasupplicant is a client for WPA and WPA2 wireless networks.

* iptables provides packet filtering and network address translation.

* openssh-client is a client for connecting to SSH servers.

* openssl provides essential network cryptography and useful commands; one of the most important is s_server, which tests TLS/SSL on mail and other servers, and verifies encryption certificates.

A few miscellaneous (but important!) programs

* coreutils provides essential file, shell, and text commands.

* lsof shows what files have been opened by running processes.

* mobile-broadband-provider-info provides a database of mobile broadband service providers in multiple countries.

* ppp and pppconfig supply dial-up networking capabilities.

* pptp-linux is a point-to-point tunnel protocol client.

* rdesktop is an RDP client for Windows NT/2000 Terminal Server.

* rsyslog provides an enhanced, reliable syslog over TCP and SSL/TLS.

Software to download

That's a mighty nice collection of networking utilities, but there are more that belong in your network admin toolkit. The following packages are all in the Ubuntu software repositories, so you can use your usual favorite installation method: Synaptic, apt-get, the Ubuntu Software Center, etc. This list is a comprehensive sampling, and there are dozens more. You'll find the complete list at packages.ubuntu.com. Load these up on your Natty Netbook and you'll be ready for just about anything.

Network discovery, monitoring, and exploration

Use these to test connectivity, discover who is on your network, find unauthorized servers, find redundant servers, and read what is going over your wires. Nothing needs to be a mystery, and you can see exactly what is happening on your network.

* 2ping is a bidirectional ping utility for determining the direction of packet loss.

* chaosreader is a multi-protocol network session tracer.

* conntrackd replicates the status of the connections that are currently being processed by a stateful firewall.

* cryptcat is a featureful netcat-like utility that encrypts its transmissions. It's excellent for debugging and network exploration.

* daemonlogger is a great packet logger and tap daemon for network security analysis.

* darkstat is a packet sniffer that outputs statistics to a Web browser.

* dhcp-probe discovers unauthorized DHCP and BootP servers.

* dmitry is a network probe that finds subdomains, uptime info, email addresses, port scans, and lots more.

* ettercap is a powerhouse protocol sniffer and analyzer.

* fping can ping multiple targets.

* iptraf is a colorful LAN traffic monitor.

* ifstat is a network interface monitor.

* iftop monitors bandwidth usage.

* kismet is an 802.11b wireless network sniffer. It's a must-have for wireless networks.

* kism3d is a 3D network display server which can be used as a 3D desktop environment.

* knocker is a TCP port scanner.

* wireshark is a sophisticated packet sniffer and analyzer.

* cdpr is a Cisco discovery protocol reporter.

* imsniff is an instant messaging sniffer and logger.

* ike-scan discovers IKE (IPsec VPN Servers) hosts.

* farpd is a fake ARP daemon that can claim unassigned LAN addresses.

* ipwatchd can find IP address conflicts.

* icmpinfo is a nice tool for decoding ICMP messages.

* nmap acts as a network mapper and security auditor, performs host fingerprinting, and does lots more.

* iw configures and displays wireless interface information.

Performance testing and monitoring

Your users probably pester you frequently with complaints that "the network is slow!" With these tools, you can see for yourself how well the packets are flowing, test server responses, find the bottlenecks, and verify that your SSL-encrypted Web traffic really is encrypted.

* bandwidthd and bandwidthd-pgsql graph subnet traffic.

* bing provides bandwidth measurement based on pings.

* bmon is a bandwidth monitor that outputs results in HTML and ASCII.

* echoping tests remote server performance.

* ethstats measures network interface throughput.

* flowscan provides network traffic analysis and visualization.

* httping measures HTTP/S server performance.

Name services

DNS is still half-voodoo, and one typo in a zone file makes a disproportionately big mess. Use these tools to see abnormal traffic (which could indicate a misconfiguration or even an attack), test performance, and test server configuration.

* bind9utils contains tools for checking a BIND server.

* dlint is a DNS zone analyzer.

* dns-flood-detector detects abnormally high nameserver traffic.

* dnstop captures and analyzes DNS traffic.

* dnstracer traces DNS queries to their source.

* fpdns can tell you the versions of remote DNS servers.

Cisco, Juniper, Intel, ATM, and Infiniband tools

Linux and FOSS even offer nice tools for managing and monitoring spendy high-end snooty vendor gear.

* atm-tools helps you set up, monitor, and tune ATM networks.

* br2684ctl bridges ATM over Ethernet.

* c3270 provides a telnet connection to an IBM mainframe.

* dynagen is a Cisco 7200 router emulator.

* dynamips is a Cisco 7200/3600/3725/3745/2600/1700 router emulator.

* gamt is a serial-over-LAN client for Intel AMT.

* ibsim-utils simulates InfiniBand fabric.

* ibutils diagnoses and tests InfiniBand networks.

* gns3 is a graphical network simulator that configures Cisco and Junos devices.

* vpnc is a Cisco-compatible VPN client.

Remote desktops and file sharing

These are mostly cross-platform so you can share files and printers on mixed networks, set up remote help desks, accommodate roaming users, and run secure remote graphical desktops -- all without getting dinged for silly terminal server and other gratuitous licenses.

* krdc, vino, rdesktop, and vnc are all remote desktop connection clients.

* samba-common, samba-common-bin, smbclient, and winbind are server and client files for Samba file shares, including diagnostic commands.

* nfs-common and nfs-kernel-server provide server and client tools for network file shares.

* openssh-server is a secure shell server. Install this on all hosts that require secure remote connectivity.

Miscellaneous tools

Again, there are some useful programs for odd jobs that don't fit into the other categories.

* etherpuppet creates a virtual mirrored TCP interface (TUN/TAP).

* 6tunnel is an IPv6 proxy for IPv4 applications.

* aircrack-ng helps with 802.11a/b/g WEP/WPA cracking.

* bridge-utils helps set up Ethernet bridges.

* cutter closes TCP connections.

* ebtables sets up, maintains, and inspects tables of Ethernet frames.

* geoip-bin and geoip-database find the country of origin of any IP address or hostname.

* grepcidr filters IPv4 CIDR addresses.

* hping3 is a network smashing tool.

* icmpush is an ICMP packet builder for controlled testing.

* ipcalc and ipv6calc calculate and convert network addresses and subnets.

* wakeonlan sends magic packets to wake up WOL-enabled hosts.

Go forth and administer your network!

Be sure to read the fine man pages! You'll also find boatloads of practical guidance in my own Linux Networking Cookbook. Editors willing and the creek don't rise, we'll follow up with some juicy howtos on using your nifty Natty Netadmin Netbook for specific network diagnostic and fixit tasks.
