Keeping Network Tabs For Less

Many systems builders find themselves doing double-duty as network administrators for their customers. So it's only natural for the customer to rely on them when there are network problems.

But troubleshooting a network when you're not on-site can be tricky, especially when problems are intermittent. One option is to temporarily connect a machine to the customer's network and gather data for a day or two. This often helps pinpoint the root cause of the issue, and can also help you audit a network for performance and security.

In this recipe, I'll show you how to build such a network-monitoring system without busting your budget. All you'll need is an old laptop, the FreeBSD operating system and some open-source software included with the FreeBSD package.

Installing the OS And Associated Tools

When choosing software distributions, select a custom install and include base, kernels, man, ports and X.org. When configuring network settings, you can set up the machine as a DHCP client or with a static IP. You don't need to run "inetd," and you shouldn't activate anonymous FTP or any NFS servers or clients.

Be sure to enable SSH log-ons from the network. Then you can remotely access the box when it's deployed on a client's LAN. Also, install X.org and a window manager, so that you have a GUI.

Add a regular user to the wheel group.

After the system installer is finished and the PC reboots, log in as the regular user, type "su" and enter the root password. This will give you the administrative rights to install some additional software.
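The installer choices above (SSH on, inetd and NFS off, a regular user in wheel) can be verified before the laptop is dropped onto a client's LAN. The sh script below is an added example, not part of the original recipe: its function names are made up here, it reads only /etc/rc.conf and /etc/group, and it does not cover anonymous FTP, /etc/rc.conf.local or a user whose primary group is wheel.

```sh
#!/bin/sh
# Added example: audit a freshly installed monitoring box offline or live.

# rc_value FILE VAR: print the last value assigned to VAR in an rc.conf file.
rc_value() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" "$1" | tail -n 1
}

# rc_enabled FILE VAR: true when VAR holds a value rc(8) treats as "on".
rc_enabled() {
    case "$(rc_value "$1" "$2")" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;;
        *) return 1 ;;
    esac
}

# in_wheel GROUPFILE USER: true when USER is in wheel's member list.
in_wheel() {
    awk -F: -v u="$2" '$1 == "wheel" {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] == u) found = 1
    } END { exit !found }' "$1"
}

# audit_box RCCONF GROUPFILE USER: print findings; return the failure count.
audit_box() {
    fails=0
    if rc_enabled "$1" sshd_enable; then echo "ok:   sshd_enable is on"
    else echo "FAIL: sshd_enable is off, no remote log-on"; fails=$((fails + 1)); fi
    for svc in inetd_enable nfs_server_enable nfs_client_enable; do
        if rc_enabled "$1" "$svc"; then
            echo "FAIL: $svc is on, unneeded network service"; fails=$((fails + 1))
        else echo "ok:   $svc is off"; fi
    done
    if in_wheel "$2" "$3"; then echo "ok:   $3 is in wheel"
    else echo "FAIL: $3 is not in wheel, su to root will be refused"; fails=$((fails + 1)); fi
    return "$fails"
}

# Live use on the FreeBSD box: sh audit.sh --live USERNAME
if [ "${1:-}" = "--live" ]; then
    audit_box /etc/rc.conf /etc/group "${2:-$(id -un)}"
fi
```

The exit status is the number of failed checks, so a zero status means the box matches the install choices described above.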

Post-Installation Tasks

You'll need to install several more tools before you're done. The good news: FreeBSD makes it easy to install from precompiled binary packages or from source code. The command to install a package is "pkg_add." To install from source, use the ports tree.

A portable network-monitoring and troubleshooting station will also require a port scanner to examine hosts for network-accessible vulnerabilities. The premier port scanner is Nmap.

Packet sniffers let you decode packets and visualize network flows--helpful for seeing how different hosts communicate and for spotting hosts that are monopolizing network resources. Ethereal and Ntop are two sniffers that can be very useful.

Packages install faster than ports because they're already compiled for you. But programs installed from ports tend to run faster, because they're optimized for your system. Now you have all the required tools. Next, you'll configure the system so that when you start the GUI, you're in FVWM.

Exit the root shell by pressing Ctrl-D. If you're not in your regular user's home directory, type "cd" to return there. Create and open a file named ".xinitrc" in your editor. The initial period in the file name is required.

Then add, in all lower case, "exec fvwm" to the file. Save the file and exit the editor. To start the GUI, enter "startx" at the command prompt. FVWM should open with an xterm console window and a bare desktop. Left-clicking on the desktop will make a window pop up with several options, including the ability to open more xterms, from which you can run the various utilities discussed in this recipe. To find the path to a program, use the appropriate command.