Monday, July 29, 2013

NetScanTools Pro v11.51 Released on July 18, 2013

This is the latest release and although it does not include any new tools, it does include new and improve charting (graphics) giving quick access to information about the results of many tools at a glance. For instance, this is the new summary chart for Port Scanner. It summarizes the responding TCP ports into Active Ports, Active Ports returning data, Ports Rejecting a TCP connection and No Response Timeout all in an easy to understand pie chart:


Another new feature is the addition of Trend Line Analysis to the Timing Charts. This shows either a linear trend line or an advance polynomial fitting to the data. You can see the formula too. And print and save to a bitmap. Here is a linear fit to the traceroute hop vs. response time chart:


And now a polynomial fit. You can chose from several trend line polynomial degree fittings.



New Features:

-ARP Scan, Ping Scanner and Port Scanner: New summary pie charts show an overview of the results. This is especially important in large data results (port scanner) situations where you may or may not quickly locate an open port in a long list of port results.

-ARP Ping, Ping - Enhanced, Ping Scanner, Traceroute: The 2 dimensional Timing Charts now have trend line analysis. There are linear line fitting plus a number of polynomial curve fitting options available. The line formula can be optionally shown. Each tool has a button to display the Timing Chart after you have used the tool.

 Changes:

-Packet Flooder: added total data bytes sent to status.

-Manual Tools Left Panel: Duplicate IP Scanner is now in the right alphabetic order.

-SNMP - Core and Advanced: SNMPv3 Context field is now correctly passed in the outgoing SNMPv3 packet. Bulk Repetitions now defaults to 32.

-ARP Cache: renamed Index column to I/F Index (interface index).

-Port Scanner: many internal changes to improve operation when scanning large port ranges. Changes to show rejected TCP connections and more clearly define Closed and Filtered UDP ports.

-Whois: added 16 new Top Level Domains (TLDs) to database.

-Updated SQLite to 3.7.17

-Updated database files.

Posted by at No comments:
Labels: , , ,

Managed Switch Port Mapping Tool v2.11 and v2.10 Released in June

This post should have been made in June. The Managed Switch Port Mapper had back-to-back releases in June to add new capabilities. Together they addressed issues with obtaining MAC addresses from the local area network and a significant problem mapping Cisco switches using SNMPv3. You can download a 30 day trial at http://www.SwitchPortMapper.com/

Changes in the two releases:

2.11 June 13, 2013

-SNMPv3 changes affecting Cisco® switches: corrected problem with context field that was not being added to the SNMPv3 queries.

-Documented changes to Cisco switch running-config that are required to use SNMPv3 and get meaningful results.

2.10 June 12, 2013

-Ping Sweep: significant internal changes to address ARP table issue reported in v2.09. These changes vastly improve collection of ARP information for all supported operating systems.

-Minor wording changes to Web Browser Summary Report. Added details about results of Ping Sweep action.

-Review History: it now remembers the last mode (Switch Lists or Manual Mappings) between successive uses of Review History within a session. If you were looking at a Switch Mapping, then come back to look at another, you do not have to reselect the mode again unless you are changing to a different mode.

-Review History: added switch alias column to Manual Switch Mappings view in the 'Switch Lists or Manual Mappings' list.

-Updated SQLite to version 3.7.17

-Updated MAC address/Manufacturer database.
Posted by at No comments:
Labels: , , , ,

Wednesday, July 10, 2013

Configuring Cisco IOS Switches to work with SNMPv1 or v2c

In order to use Cisco switches with the Managed Switch Port Mapping tool, you need to have at least SNMPv1 or v2c running. You can do this with one line in the running-config.

1. from CLI, type enable followed by enter. You may need to enter a password.
2. switch# config term
3. switch(config)# snmp-server community public ro
^this makes it read only with the community name public, you can add rw at the end for read/write. You can use any community name that makes better sense, but remember that SNMPv1 and SNMPv2c are plaintext packets meaning they can be captured and read in Wireshark or any packet capture tool.
4. switch(config)# end or use CTRL-Z
5. switch# write memory

You should be able to map the switch immediately.
Posted by at No comments:
Labels: , , ,

Friday, July 5, 2013

New Training Videos for the Managed Switch Port Mapping Tool

A number of videos have been recently completed explaining in detail procedures and techniques for properly and effectively using the Managed Switch Port Mapping Tool.
Videos:
  • How to use the USB Switch Port Mapping Tool (basic operating methods also apply to the installed version)
  • Obtaining IP Addresses of Attached Devices using the Managed Switch Port Mapping Tool
  • Exporting Results to a Spreadsheet from the Managed Switch Port Mapping Tool
  • Switch Lists in the Managed Switch Port Mapping Tool
  • Command Line Operation in the Managed Switch Port Mapping Tool
  • Understanding Results from the Managed Switch Port Mapping Tool 
 
There is a playlist for this set called “Training: Managed Switch Port Mapping Tool” and it can be found here: 
 
All of our videos are here on our YouTube Channel for both NetScanTools Pro and the Managed Switch Port Mapping Tool:
 
 
 
Posted by at No comments:
Labels: , ,

Configuring Cisco® IOS Switches for use with SNMPv3 and the Managed Switch Port Mapping Tool

Cisco switches are not typically configured for default reading of all the Bridge-MIB information on a per-VLAN basis when using SNMPv3. You can usually see VLAN-1 data without changes, but to see other VLANs, you have to make some changes to running-config.

Cisco uses SNMPv3 'context' to allow retrieval of per-VLAN data from Bridge-MIB (things like device MAC addresses). This is not pre- configured so each switch must have the running-config in the switch changed to report the VLAN details. If the switch is not configured, this software and any other switch mapping software cannot map the switch with SNMPv3. We can map it using SNMPv1 or v2c if allowed without any special config changes.

First, you need to see if your switch supports contexts. From CLI do:

show snmp context

Assuming success – your switch IOS version supports context, check to see if your switch supports prefix matching. In your running config add:

snmp-server group yourV3groupName v3 auth context vlan- match prefix

(don't forget the dash character after vlan)

If it does support prefix matching every Cisco switch using IOS and SNMPv3 that you intend to map must have that command in the config - you can skip the next section - you are done after saving your config.

If it does NOT support prefix matching you have a lot of work to do. Every VLAN must have a context set up for it.

You have to add this command into running config for EVERY VLAN:

snmp-server group yourV3groupName v3 priv context vlan-(vlanid)

So if you have 10 VLANs on the switch, that command must appear 10 times, once for each VLAN (no parens around 'vlanid' and you may want to add 'access #' at the end).

Examples of lines to add to running-config:
snmp-server group yourV3groupName v3 priv context vlan-1
snmp-server group yourV3groupName v3 priv context vlan-6
snmp-server group yourV3groupName v3 priv context vlan-50
snmp-server group yourV3groupName v3 priv context vlan-100

Posted by at No comments:
Labels: , , ,

June 2013 NetScanTools Newsletter Ready

This newsletter talks about the two Managed Switch Port Mapper releases that happened in June. The first release 2.10 addresses a problem with the size of the ARP table when you ping scan a subnet while on Windows 8, 7, Vista or 2012/2008. The second release 2.11 fixed a problem using SNMPv3 on Cisco switches. One part of the problem had to do with the Context field and the other part had to do with the required changes to running-config in order to map the switch.

I go into detail the changes to IOS based Cisco switches that are required to map them when communicating with SNMPv3.  Mapping a Cisco switch with SNMPv1 or SNMPv2c is pretty easy, running-config on requires the command snmp-server community public to allow mapping the switch with the community name of public. But SNMPv3 requires more than that, specifically contexts have to be supported and ideally prefix matching. The details will be posted in another blog post.

A third major new topic in the newsletter are the new training video series - a full hour of videos that cover using Managed Switch Port Mapper v2.x. Some new NetScanTools Pro videos were also added. Please visit this link for the training video playlist:

http://www.youtube.com/playlist?list=PL1forIW_A8wneXBqnm4bwIxpnToHGOSCX

This link goes to the NetScanTools Channel on YouTube:
http://www.youtube.com/user/netscantools

The final topic is a reminder about the release of NetScanTools Pro version 11.50 in May. The two new tools are the Duplicate IP Scanner and Firewall Rules Tool. A visible new addition to Ping, Ping Scan, ARP Ping and Traceroute are the new timing charts showing times. You can print or save the charts as images.

Look for a new release of NetScanTools Pro in July and another release of the Managed Switch Port Mapping Tool too.
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)