DNS – Domain Name System
There comes a point where some of us create intricate networks for our Small Businesses or Homes and run into issues that in some cases can be stressful without the correct networking tools. In this article I will be showing you some great networking tools and some tricks here and there on how to properly fix your network issues.
I will turn you to the first tool called “DIG”. This is a tool that is made by the Internet System Consortium which is the same group that produces BIND DNS Server software which runs on almost all DNS Servers world-wide. So why not use the same tool? When it comes to DIG, it’s intended to perform DNS queries using the Command-Line. This alone is helpful but it’s not just that. In some occasions you want to know why you are getting strange replies from a specific DNS server. With this tool you will get that extra Input that you need to make the changes and fix the error. I have used it to diagnose why some apps are running slow. It will also allow you to do a reverse lookup by using the -X switch and the IP Dig will give you the Domain Name for that IP address.
If you have been getting incorrect replies, it is possible that your DNS recorders are set incorrectly. Use DIG to match your DNS records and see if everything matches by using
<code> dig @184.108.40.206 www.mydomain.com </Code>
If you need to troubleshoot DNS problems with servers that use TSIG, DIG will let you specify a TSIG key to use with your queries.
Security Scanner NMAP
This is my baby 😉 this tool is known by many in the industry. It is a tool that will allow you to scan your network. It is very lightweight but do not get me wrong when I say lightweight as it is very useful. NMAP will allow you to perform tasks as simple as a ping sweeping to see which IP addresses are active and responding. It will also allow you to perform complex scripts to scan networks for vulnerabilities. One other great feature is the ability to analyze packets and determine what OS that box is running. I normally use it to check what ports are open or available. It supports UDP and TCP scanning. You can give it a single host to scan or a CIDR “Classless Inter-Domain Routing” block or an entire list of hosts and networks from a specific file or folder. NMAP comes with NSE “NMAP Scripting Engine” which combines custom script and existing NMAP Functions to perform a more specific discovery. It is also widely used by Hackers (B,G,W).
There are many scripts that will allow you to learn how this great tool functions at NMAP.ORG. I believe there are about 170 + scripts.
Since we are talking about UDP and TCP with NMAP, lets dive in more into this since it has to do with SecurityCameraKing.com’s Security Cameras and Recorders. When port forwarding please do not open the UDP ports, only open the TCP.
UDP (User Datagram Protocol) works similar to TCP but it ignores all Error Checking. When sending UDP packets, the packets are sent but it will not wait to ensure that the recipient receives it properly creating errors. This is one of the reasons why I do not port forward the UDP ports of any of my Surveillance Equipment as I require it to ensure all packets are sent and received properly, which is one thing that TCP will do for you. To make take it more into perspective, have you ever played an online video game and your opponent in occasions skips from one location to another? This is what it would look like if Gamers would use UDP. This happens when you lose packets and then start to receive the new packets. The player will seem to have teleported to a new location. Many Gamers would see this as Cheating, as they would believe that the other person is using a LAG Switch when they are not. Games today will boot you from the session if they see these packets being lost to ensure no one uses these switches.
Keepass is a utility that has an encrypted Database to store all of your Passwords. It is very useful for Net Admins that have to save all the usernames and passwords for all of the Equipment that they manage. We all know that we should not use the Default settings or even use Usernames such as Admin, User etc… as well as short passwords or even use the same password for all the Devices on your network. Since an attacker has the ability to gain access to one of your Devices, you do not want them to access another using the same creds as the one they penetrated. With Keepass you can use a single password to access your Database, a key, or both using what is called a two factor authentication.
This can also be used for Computer UserNames and Passwords since it will allow you to create Groups and sub groups of sub groups. A must for anyone that manages any kind of Network where you need all the information in one location and encrypted. It is cross platform Windows and Mac OS as well as my favorite, Linux. It has been ported to all of these Operating Systems so there is no excuse not to use it.
And… our last tool is NTOP fron NTOP.org
This tool is a must for anyone that needs to monitor their Network traffic. It is built in on many routers and firewalls. I have a PFSense Firewall on a WatchDog Appliance. The PFsense allows me to run NTOP since it runs on FreeBSD.
NTOP will allow you to click on the WEB GUI and show you details about that particular host, protocols, or even conversations and flows. I found something interesting about Ntop’s output, such as identifying workstation users by their email addresses and “passively” detecting the OS of network hosts through packet analysis.
NTOP will even allow you to do Traffic Recording and probe your network. There are many things you can do with this tool. While writing this article I came across a site that has a lot of information when it comes to Security and anonymity. Go ahead and check it out at https://www.privacytools.io/
If you have any ideas or questions about this or any of my articles feel free to give me a call at 866 573-8878 ext 116 or send me a quick email at email@example.com