kismet

http://techtots.blogspot.com/2008/06/installingconfiguring-kismet-on-ubuntu.html 
Installation
Do a simple apt-get to install kismet:

sudo apt-get install kismet

That's all there to it. Please note that the version in Ubuntu's repo is 2007-10-R1-2build1. It's a lot older than the one currenly available for download i.e. Kismet-2008-05-R1.

Configuration
If you run kismet right after installation, you'll get the following error:

Launching kismet_server: //usr/bin/kismet_server
Suid priv-dropping disabled. This may not be secure.
No specific sources given to be enabled, all will be enabled.
Non-RFMon VAPs will be destroyed on multi-vap interfaces (ie, madwifi-ng)
Enabling channel hopping.
Enabling channel splitting.
NOTICE: Disabling channel hopping, no enabled sources are able to change channel.
Source 0 (changeme): Opening none source interface none...
FATAL: Please configure at least one packet source. Kismet will not function if no packet sources are defined in kismet.conf or on the command line. Please read the README for more information about configuring Kismet.
Kismet exiting.
Done.

You'll need to configure kismet and attach it to a wifi device. To do this, open up /etc/kismet/kismet.conf and look for the following line:

source=none,none,changeme

I'm using iwl3945 on eth1 on my machine. So here's my config:

source=iwl3945,eth1,eth1

You can look at the list of supported device in kismet's README file here:

/usr/share/doc/kismet/README

It's gzipped, by default (README.gz). So do a quick gunzip before reading. Look for the list under the section named "Capture Sources".

Running It
Now run kismet again and you'll get a nice screen like below:

Unfortunately, after exiting kismet, I was greeted with a segmentation fault error and my eth1 link unusable (note the UNSPEC word):

eth1 Link encap:UNSPEC HWaddr 00-1C-BF-A8-F9-C2-00-00-00-00-00-00-00-00-00-00
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:458437 errors:0 dropped:0 overruns:0 frame:0
TX packets:499893 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:215177287 (205.2 MB) TX bytes:95043280 (90.6 MB)

This is the main show stopper. Time to whip up Google search and the forums :D

Network monitors

Click to download WinMTR.
==========================================

¿Los debilitamientos de banda ancha le producen lentitud?

	Descargar NTA Ahora

Tener el control del tráfico de su red—y cerciorase de que los debilitamientos de la banda ancha no vuelvan todo más lento—es rápido y fácil con SolarWinds Netflow Traffic Analyzer (NTA). SolarWinds NTA le muestra quién, qué, dónde y cuándo en relación al tráfico de la red y le permite rastrear y monitorear rápidamente el uso de la banda ancha de determinada aplicación o tipo de tráfico.

• PRIMERO, DETECTE EL DESEMPEÑO DE LA RED CON SOLARWINDS NETWORK PERFORMANCE MONITOR (NPM)

  	Descargar NPM Ahora

• LUEGO, DESCUBRA QUIÉN Y QUÉ ESTÁ CONSUMIENDO BANDA ANCHA CON SOLARWINDS NETFLOW TRAFFIC ANALYZER (NTA)

  	Descargar NTA Ahora

DESCARGUE AMBOS Y DESCUBRA AHORA LO QUE DEBILITA LA BANDA ANCHA

http://downloads.solarwinds.com/solarwinds/Release/OrionNTA/NTA_ZP4/ZP-NTA.html
SolarWinds® NetFlow Traffic Analyzer (NTA) is a powerful software solution that monitors and analyzes network flow data alongside fault, availability, and performance monitoring to greatly improve the performance of your network.

SolarWinds Network Performance Monitor (NPM)

Network Performance Monitor makes it easy to quickly detect, diagnose, and resolve network performance issues before outages occur.

• Monitor network device and interface performance and availability
• Automatically discover new network devices and begin monitoring immediately
• Quickly configure intelligent alerts for correlated events, sustained conditions, and complex combinations of device states
• Monitor heterogeneous networks with out-of-the-box support for devices from leading hardware vendors

Fully Functional for 30 Days

 Getting Started with NetFlow Traffic Analyzer

• Log on to the Network Performance Monitor server that you are going to use for Flow analysis.
• Download NetFlow Traffic Analyzer, launch the executable, and step through the installation wizard.
• Step through the Configuration Wizard to configure NetFlow Traffic Analyzer with your Network Performance Monitor database, website and services.
• Set up your network devices to export Flow data (see this How to Configure NetFlow on Cisco Routers video for step-by-step instructions).
  
  
  
  
• Add your Flow-enabled network devices to NPM using either Network Sonar (if you are adding a large number of nodes) or Web Node Management (if you are adding a few nodes).

There you have it. Five simple steps and you can be monitoring network traffic using flow analysis in less than an hour.

Free Network Management Software

Source

Spiceworks provides 100% Free Network Management Software to IT Pros to monitor everything on their network including MS Exchange Server health, network bandwidth, and Windows performance.

There are no tricks or fine print with Spiceworks – their network management software is completely free including support and upgrades and features a wide range of useful IT management functionality.
Learn more »
Monitor Everything on Your Network

 

Keep track of everything that’s happening on your network – from when a user installs a piece of software they shouldn’t have, to when your printer’s toner level gets low! Spiceworks lets you monitor and receive alerts on all the network happenings you care about most!

Create Custom Monitors in Seconds

Easily set monitors for anything you like – from how much disc space a device has left to whether or not a server is online. If Spiceworks collects info on it, you can monitor it!

The Alerts You Want When & Where You Want Them

Whether you need to see a chart or graph of your overall network state; a detailed alert specific to a single device; or would like to receive an email the next time a user downloads a specific application – it’s easy to get the alerts you want when you need them!

Monitor & Manage Email

From the message load on your Exchange server to the size of your users’ inboxes – Spiceworks provides a thorough overview that’ll keep you in step with your email health and usage. You can even monitor, add and edit Rackspace hosted email accounts right from Spiceworks!

Access Bandwidth Monitoring Utilization Tools

There seems to be a constant battle between network admins trying to keep the network moving quickly, and users trying to create bottlenecks with excessive bandwidth usage. With our bandwidth monitoring utilization tools, you can locate bottlenecks, see the top users, and find problem areas on a wide range of network devices. You can also set up alerts to notify you when Windows & Mac devices that have been scanned properly are exceeding a set limit of bandwidth usage.

See Windows Alerts Across Your Network

Set up and view alerts for Windows events that occur across your environment - so you can easily use Spiceworks to detect, diagnose and troubleshoot any issues that might disrupt your network performance.

Real-Time Windows Performance Monitoring

Get real-time performance monitoring of all of your Windows devices - from overall health to performance counters like disk and processor queue lengths.

Monitor S.M.A.R.T. Status of Windows Hard Drives

Spiceworks will monitor the S.M.A.R.T. (Self-Monitoring, Analysis & Reporting Technology) status of your Windows hard drives so you can get alerts when issues emerge. A drive that unexpectedly fails can be disastrous, so you want to get a heads up for any potential problems as soon as possible. When S.M.A.R.T. anticipates a failure, you’ll receive an alert in your email and on your Spiceworks Timeline. That way, you can replace the drive, and possibly return it to the manufacturer.

Easily extend Nagios’ functionality

Source

My last article described how to “Quickly install Nagios on Ubuntu“. That article had you up and running with the powerful open source network monitoring tool, but not much more. If you really want to make Nagios useful you have to do a bit of work. Some might see this work as too time consuming and or challenging. I can understand that on a large network. Because Nagios can not do auto-discovery, it is up to the admin to configure any device to be monitored. Naturally no admin is going to want to monitor every single device on their network. That works out okay with Nagios. Now, if you are interested in monitoring every single device, on a larger network, you will either need to get clever with some scripting to search out your devices (and track down their associated addresses) or you will need to move on to a different solution.

But for those who only need to monitor a few devices, configuring Nagios to do so is actually quite simple. In this article I am going to show you a few configurations to handle and then how to add devices and checks for your installation.

Post-install configurations and plugins

Before you get busy setting up devices for Nagios to monitor, you should first install some extra plugins for the system. Open up Synaptic, search for “nagios” (no quotes), mark nagios-plugins-extra for installation, and click Apply to install. Once that is done you will already have more functionality with Nagios.

Now let’s take care of a couple of configurations. The first is in the /etc/nagios3/conf.d directory. The file is called contacts_nagios2.cfg. In this file you will configure who is to receive the email alerts. The line to set this configuration is:

email    root@localhost

You will want to change that email address. That is it for this configuration file. Now in order for Nagios to be able to send out alerts via email, the machine housing Nagios has to be able to send those alerts out. You can check that by using the mail command like so:

mail email@address -s TEST

Where email@address is an actual address you can use for testing.

Once you enter that line, hit Enter and then type some random text. When you’re done typing hit d and then Enter. The mail should send away. If not you will have to troubleshoot your mail server (beyond the scope of this tutorial).

Add a device

Figure 1

Now for the good stuff. We are going to add a device to Nagios. 

The device we will add is a Windows XP desktop to monitor. 

Within the /etc/nagios3/conf.d directory you will see a number of .cfg files. These are the files Nagios uses to dictate what is see and how it acts upon what it see. For every device you want to use, I find it best to add a .cfg file. So let’s create the file /etc/nagios3/conf.d/windows_xp.cfg. The contents of this fill will look like what you see in Figure 1.

As you can see there are a few directives here. The directives are as follows:

• check_command – The command used to check the status of the device.
• max_check_attempts – How many times will Nagios retry the status check.
• check_period – How often are the checks made.
• process_perf_data – Enable the processing of performance data.
• retain_nonstatus_information – Enable the retention of non-status information across reboots.
• notification_interval – How often are notifications sent to inform the administrator this host is not okay.
• notification_period – How often are notifications sent out.
• notification_options – The options shown are w – send notifications on “warning” state, u – send notifications on “unknown” state, and “r” – send notifications when a service stops flapping (when a service changes frequently).

NOTE: Depending upon the version of Nagios you have installed the notification_options will be different. Some instances will not accept the “w” option. If you get an error, exchange “w” with “d” (for down).

As you can see there are configuration options that will be specific to your devices and networking topology (host_name and address are examples). Once you have created this file save it and restart Nagios with the command sudo /etc/init.d/nagios3 restart command. Now take a look at your Nagios page and you will see the new device you just added.

Final thoughts

Someday someone will come up with an automated way to detect devices in Nagios. Until then we are relegated to adding them using this means. Does that mean you should shy away from Nagios? Not at all. Nagios is a powerful tool ready to help network administrators keep tabs on their network devices.