OpenSource For You

A Few Must-Have Tools for Windows Systems Administrators

This article presents some of the most desirable free and open source software programs that Windows systems administrators must have in their arsenal of tools.


Systems administrators play a crucial role in organisations as they are solely responsible for the configuration, security, support and maintenance of the company’s computer hardware. Nowadays, organisations are modifying and expanding their tech infrastructure regularly and moving from basic Windows and Linux servers to high performance computing and high speed networking. Various other technologies like cloud computing, grid computing and many open source technologies are also being integrated. Though the core responsibilities and day-to-day activities of sys admins have not changed, employers’ expectations from them have risen at a rapid pace. It is, therefore, important that sys admins understand how the tech market is changing and how new technologies are evolving rapidly. To do that, they have to continuously update their skillsets.

Many open source tools are available in the market for various day-to-day system administration tasks, and it is very tough for any sys admin to be familiar with all of them. This article focuses on different open source tools that can be used by sys admins in various administrative, monitoring, security and maintenance tasks within the organisation. The most important factors that determine the use of such tools are cost-effectiveness, stability and security.

So let’s take a look at some open source tools that every Windows sys admin should be aware of.

Wireshark

Wireshark, formerly known as Ethereal, is a free and open source packet analyser. It is primarily used for network troubleshooting, analysis, and software and communications protocol development-cum-research. It is a cross-platform tool that uses the Qt Widget Toolkit to implement the user interface and pcap to capture packets. Its non-GUI version is called TShark.

Wireshark is bundled with the libpcap/WinPcap driver, which lets the user select network interface controllers that support promiscuous mode in order to view all the traffic on that interface. This includes traffic for the interface’s configured address as well as broadcast/multicast traffic. When capturing with a packet analyser in promiscuous mode on a port of a network switch, only some of the traffic passing through the switch is sent to the port where the capture is done. If a remote machine captures packets and sends them to a machine running Wireshark using the TZSP protocol, Wireshark dissects those packets, so that it can analyse packets captured on the remote machine.
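An added example, not from the original article: a minimal reader for the classic pcap capture file format (the one tcpdump/WinDump write) that counts frames by Ethernet destination, separating frames addressed to the capturing interface, broadcast and multicast frames, and unicast frames meant for other hosts. The local MAC address and the four-frame sample capture are constructed for illustration.

```python
import struct
from collections import Counter

LOCAL_MAC = bytes.fromhex("020000000001")  # assumed MAC of the capturing NIC (constructed)
BROADCAST = b"\xff" * 6

def classify(dst: bytes, local: bytes) -> str:
    """Label a frame by its Ethernet destination address."""
    if dst == BROADCAST:
        return "broadcast"
    if dst[0] & 0x01:  # group bit set in the first octet: multicast
        return "multicast"
    # Unicast for another host is normally only captured in promiscuous mode.
    return "to-local" if dst == local else "other-unicast"

def summarise_pcap(data: bytes, local: bytes = LOCAL_MAC) -> Counter:
    """Walk a classic pcap file and count frames per destination class."""
    if len(data) < 24:
        raise ValueError("truncated pcap global header")
    if data[:4] in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):    # usec / nsec magic
        endian = "<"
    elif data[:4] in (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"):  # byte-swapped writer
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    if linktype != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    counts, off = Counter(), 24
    while off + 16 <= len(data):
        _sec, _frac, incl_len, _orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        if len(frame) < incl_len:
            raise ValueError("truncated packet record")
        counts[classify(frame[:6], local) if incl_len >= 14 else "short"] += 1
        off += 16 + incl_len
    return counts

def _record(dst_hex: str, src_hex: str = "020000000099") -> bytes:
    # One pcap record: 16-byte record header plus a padded 60-byte Ethernet frame.
    frame = bytes.fromhex(dst_hex + src_hex + "0800") + b"\x00" * 46
    return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

# Constructed sample capture: global header followed by four frames.
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(
    _record(d) for d in ("020000000001", "ffffffffffff", "01005e0000fb", "020000000042"))

if __name__ == "__main__":
    print(dict(summarise_pcap(SAMPLE)))
```
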

Features:

Live packet capture from a network interface

Opens files containing packet data captured with tcpdump/WinDump and a number of other packet capture programs

Imports packets from text files containing hex dumps of packet data

Displays packets with detailed protocol information and exports all packets in a number of capture file formats

Has coloured packet displays based on filters and creates various statistics

Official website: www.wireshark.org

Latest version: 2.2.0

AMANDA Network Backup

AMANDA (Advanced Maryland Automatic Network Disk Archiver) is an open source computer archiving tool that backs up data residing on multiple computers onto one particular system. It makes use of a client-server model, where the server makes a direct link with every client on the network to perform data backups at a scheduled time. AMANDA Network Backup was developed at the University of Maryland, and is available as an open source-cum-free edition and also as an enterprise edition.

AMANDA runs on over a million servers and desktops running various versions of Linux, UNIX, BSD and Microsoft Windows.

Features:

AMANDA makes the backing up of networks simple, as a single server is set up to back up multiple clients on a tape or a disk based storage system.

It has the unique capability of writing backups to tape and disk simultaneously. The same data could be available online for quick restore from disk and even for disaster recovery.

It uses native dump and GNU tar utilities. Data can be recovered with native utilities, regardless of whether AMANDA is installed or not.

AMANDA provides proper security. Encryption on the client ensures the security of data in transmission and data is stored on the server in an encrypted form. It supports up to 4096-bit keys with public key cryptography as well as 256-bit AES encryption.

It has a unique scheduler to optimise backup levels for different clients in such a way that the total backup time is about the same for every backup run. It frees systems administrators of the task of guessing the rate of data change in their environments.

AMANDA is highly stable and robust, and has a very large and growing community.

Official website: www.amanda.org

Latest version: 3.3.9

Oracle VirtualBox

Oracle VirtualBox is free, open source and powerful x86 and AMD64/Intel64 virtualisation software for enterprises as well as home use, developed by Oracle Corporation. It can be installed on a number of operating systems like Linux, OS X, Windows and OpenSolaris.

It supports the installation of multiple guest OSs under a single host operating system. Each virtual machine (VM) can be started, paused and stopped independently. End users can configure each VM with either software-based virtualisation or hardware assisted virtualisation.

Software based virtualisation: This mode supports 32-bit guest OSs, which run in Rings 0 and 3 of the Intel Ring Architecture. Guest OS code configured for Ring 0 executes in Ring 1, while guest user mode code runs in Ring 3.

Hardware assisted virtualisation: This supports both Intel’s VT-x and AMD’s AMD-V hardware virtualisation.

The system emulates the hard disk in three formats:

(a) VDI or VirtualBox Disk Image, (b) VMDK — format used by VMware Workstation, and (c) VHD — Windows Virtual PC format.

Features:

Paravirtualisation and improved host support: It has support for the guest OS (Hyper-V on Windows and KVM on Linux). It also includes support for the NDIS6 driver API.

Additional instruction set support: It includes SSE 4.1, 4.2 and AES-NI as well as POPCNT, RDRAND and RDSEED.

Disk image encryption: It encrypts the virtual disk image using AES 256-bit on the physical drive.

It has USB 3.0 device support and bi-directional drag-and-drop.

It also has HiDPI support.

Official website: www.virtualbox.org

Latest version: 5.1.6

ClamWin free antivirus software

ClamWin is free, open source antivirus software for Microsoft Windows, which provides a GUI interface to the Clam antivirus engine. It is mainly written in C++ and Python. It features a high detection rate for viruses and spyware, a scanning scheduler and automatic updates for the virus database. It also provides the user with comprehensive support for virus scanning via Internet Explorer and even Outlook. It does not include a real-time scanner, so files have to be scanned manually.

Features:

Scanning scheduler (with user logged in only)

Automatic updates for virus definitions

Standalone virus scanner

Outlook attachments scanner

Portable version can be used via USB pen drive

Official website: www.clamwin.com

Latest version: 0.99

Angry IP Scanner

Systems administrators always need to quickly scan the network to find a particular workstation or device. In such situations, Angry IP Scanner comes to the rescue.

This is a widely used open source and multi-platform network scanner for fast IP address and port scanning. It can scan IP addresses in any range as well as their ports. It requires no installation and can be just copied and used. Angry IP Scanner simply pings each IP address to check if it’s alive; then, optionally, it resolves its hostname, determines the MAC address, scans ports, etc. The amount of data gathered about each host can be extended with plugins.

It also has additional features like NetBIOS information (computer names, workgroup names and currently logged in Windows users), favourite IP address ranges, Web server detection, customisable openers, etc.

Scanning results can be saved to CSV, TXT, XML or IPPort list files.

Features:

Small, efficient and fast port scanner

Reverse IP lookup and MAC address lookup

Complete IP range support from 1.0.0.1 to 255.255.255.255

Automatic OS detection, plus additional network configuration tools

Official website: www.angryip.org

Latest version: 2.21

UltraDefrag

UltraDefrag is an open source disk defragmentation tool for Windows operating systems, available under the GNU General Public License. It enables sys admins to eliminate the problem of file fragmentation and, in turn, speeds up machines as these need to do less mechanical work to read continuous data from disks. UltraDefrag fixes almost everything, including files that are locked; it is launched inside the Windows boot process, when most of the files are not in use.

UltraDefrag analyses all the information with respect to the files and free space on the disk; then, depending on what the user selects, the program defrags the disk and performs optimisation, which eliminates fragments of wasted space, packing the files closer together.

Features:

Simple and efficient defragmentation algorithms

Smart defragmentation of locked paging, hibernation files, and NTFS metafiles and streams

One-click defragmentation via Windows Explorer

Multi-lingual GUI, powerful CUI, and automatic hibernation or shutdown after job completion

Fully supports 64-bit edition Windows OS, and is free to be distributed and used

Official website: www.ultradefrag.sourceforge.net

Latest version: 7.0.1
