RFC 1147
FYI on a Network Management Tool Catalog: Tools for Monitoring and Debugging TCP/IP Internets and Interconnected Devices
Network Working Group R. Stine, Editor
Request for Comments: 1147 SPARTA, Inc.
FYI: 2 April 1990
FYI on a Network Management Tool Catalog:
Tools for Monitoring and Debugging TCP/IP Internets
and Interconnected Devices
Status of this Memo
The goal of this FYI memo is to provide practical informa-
tion to site administrators and network managers. This memo
provides information for the Internet community. It does
not specify any standard. It is not a statement of IAB pol-
icy or recommendations. Comments, critiques, and new or
updated tool descriptions are welcome, and should be sent to
Robert Stine, at stine@sparta.com, or to the NOCTools work-
ing group, at noctools@merit.edu.
Distribution of this memo is unlimited.
1. Introduction
This catalog contains descriptions of several tools avail-
able to assist network managers in debugging and maintaining
TCP/IP internets and interconnected communications
resources. Entries in the catalog tell what a tool does,
how it works, and how it can be obtained.
The NOCTools Working Group of the Internet Engineering Task
Force (IETF) compiled this catalog in 1989. Future editions
will be produced as IETF members become aware of tools that
should be included, and of deficiencies or inaccuracies.
Developing an edition oriented to the OSI protocol suite is
also contemplated.
The tools described in this catalog are in no way endorsed
by the IETF. For the most part, we have neither evaluated
the tools in this catalog, nor validated their descriptions.
Most of the descriptions of commercial tools have been pro-
vided by vendors. Caveat Emptor.
1.1 Purpose
The practice of re-inventing the wheel seems endemic to the
field of data communications. The primary goal of this
document is to fight that tendency in a small but useful
way. By listing the capabilities of some of the available
network management tools, we hope to pool and share
knowledge and experience. Another goal of this catalog is
to show those new in the field what can be done to manage
internet sites. A network management tutorial at the end of
the document is of further assistance in this area.
Finally, by omission, this catalog points out the network
management tools that are needed, but do not yet exist.
There are other sources of information on available network
management tools. Both the DDN Protocol Implementation and
Vendors Guide and the DATAPRO series on data communications
and LANs are particularly comprehensive and informative.
The DDN Protocol Implementation and Vendors Guide addresses
a wide range of internet management topics, including
evaluations of protocol implementations and network
analyzers.* The DATAPRO volumes, though expensive (check
your local university or technical libraries!), are good
surveys of available commercial products for network manage-
ment. DATAPRO also includes tutorials, market analyses,
product evaluations, and predictions on technology trends.
1.2 Scope
The tools described in this document are used for managing
the network resources, LANs, and devices that are commonly
interconnected by TCP/IP internets. This document is not,
however, a "how to" manual on network management. While it
includes a tutorial, the coverage is much too brief and gen-
eral to serve as a sole source: a great deal of further
study is required of aspiring network managers. Neither is
this catalog is an operations manual for particular tools.
Each individual tool entry is brief, and emphasizes the uses
to which a tool can be put. A tool's documentation, which
in some cases runs to hundreds of pages, should be consulted
for assistance in its installation and operation.
1.3 Overview
Section 1 describes the purpose, scope, and organization of
this catalog.
Section 2 lists and explains the standard keywords used in
_________________________
* Instructions for obtaining the DDN Protocol Guide are
given in Section 7 of the appendix.
the tool descriptions. The keywords can be used as a sub-
ject index into the catalog.
Section 3, the main body of the catalog, contains the
entries describing network management tools. The tool
entries in Section 3 are presented in alphabetical order, by
tool name. The tool descriptions all follow a standard for-
mat, described in the introduction to Section 3.
Following the catalog, there is an appendix that contains a
tutorial on the goals and practice of network management.
1.4 Acknowledgements
The compilation and editing of this catalog was sponsored by
the Defense Communications Engineering Center (DCEC), con-
tract DCA100-89-C-0001. The effort grew out of an initial
task to survey current internet management tools. The cata-
log is largely, however, the result of volunteer labor on
the part of the NOCTools Working Group, the User Services
Working Group, and many others. Without these volunteer
contributions, the catalog would not exist. The support
from the Internet community for this endeavor has been
extremely gratifying.
Several individuals made especially notable contributions.
Mike Patton, Paul Holbrook, Mark Fedor and Gary Malkin were
particularly helpful in composition and editorial review,
while Dave Crocker provided essential guidance and
encouragement. Bob Enger was active from the first with the
gut work of chairing the Working Group and building the
catalog. Phill Gross helped to christen the NOCTools Work-
ing Group, to define its scope and goals, and to establish
its role in the IETF. Mike Little contributed the formative
idea of enhancing and publicizing the management tool survey
through IETF participation.
Responsibility for any deficiencies and errors remains, of
course, with the editor.
2. Keywords This catalog uses "keywords" for terse characterizations of the tools. Keywords are abbreviated attributes of a tool or its use. To allow cross-comparison of tools, uniform key- word definitions have been developed, and are given below. Following the definitions, there is an index of catalog entries by keyword. 2.1 Keyword Definitions The keywords are always listed in a prefined order, sorted first by the general category into which they fall, and then alphabetically. The categories that have been defined for management tool keywords are: + the general management area to which a tool relates or a tool's functional role; + the network resources or components that are managed; + the mechanisms or methods a tool uses to perform its functions; + the operating system and hardware environment of a tool; and + the characteristics of a tool as a hardware pro- duct or software release. The keywords used to describe the general management area or functional role of a tool are: Alarm a reporting/logging tool that can trigger on specific events within a network. Analyzer a traffic monitor that reconstructs and interprets pro- tocol messages that span several packets. Benchmark a tool used to evaluate the performance of network com- ponents.
Control
a tool that can change the state or status of a remote
network resource.
Debugger
a tool that by generating arbitrary packets and moni-
toring traffic, can drive a remote network component to
various states and record its responses.
Generator
a traffic generation tool.
Manager
a distributed network management system or system com-
ponent.
Map
a tool that can discover and report a system's topology
or configuration.
Reference
a tool for documenting MIB structure or system confi-
guration.
Routing
a packet route discovery tool.
Security
a tool for analyzing or reducing threats to security.
Status
a tool that remotely tracks the status of network com-
ponents.
Traffic
a tool that monitors packet flow.
The keywords used to identify the network resources or com-
ponents that a tool manages are:
Bridge
a tool for controlling or monitoring LAN bridges.
CHAOS
a tool for controlling or monitoring implementations of
the CHAOS protocol suite or network components that use
it.
DECnet
a tool for controlling or monitoring implementations of
the DECnet protocol suite or network components that
use it.
DNS
a Domain Name System debugging tool.
Ethernet
a tool for controlling or monitoring network components
on ethernet LANs.
FDDI
a tool for controlling or monitoring network components
on FDDI LANs or WANs.
IP
a tool for controlling or monitoring implementations of
the TCP/IP protocol suite or network components that
use it.
OSI
a tool for controlling or monitoring implementations of
the OSI protocol suite or network components that use
it.
NFS
a Network File System debugging tool.
Ring
a tool for controlling or monitoring network components
on Token Ring LANs.
SMTP
an SMTP debugging tool.
Star
a tool for controlling or monitoring network components
on StarLANs.
The keywords used to describe a tool's mechanism are:
Curses
a tool that uses the "curses" tty interface package.
Eavesdrop
a tool that silently monitors communications media
(e.g., by putting an ethernet interface into "promiscu-
ous" mode).
NMS
the tool is a component of or queries a Network Manage-
ment System.
Ping
a tool that sends packet probes such as ICMP echo mes-
sages; to help distinguish tools, we do not consider
NMS queries or protocol spoofing (see below) as probes.
Proprietary
a distributed tool that uses proprietary communications
techniques to link its components.
SNMP
a network management system or component based on SNMP,
the Simple Network Management Protocol.
Spoof
a tool that tests operation of remote protocol modules
by peer-level message exchange.
X
a tool that uses X-Windows.
The keywords used to describe a tool's operating environment
are:
DOS
a tool that runs under MS-DOS.
HP
a tool that runs on Hewlett-Packard systems.
Macintosh
a tool that runs on Macintosh personal computers.
Standalone
an integrated hardware/software tool that requires only
a network interface for operation.
UNIX
a tool that runs under 4.xBSD UNIX or related OS.
VMS
a tool that runs under DEC's VMS operating system.
The keywords used to describe a tool's characteristics as a
hardware or software acquisition are:
Free
a tool is available at no charge, though other restric-
tions may apply (tools that are part of an OS distribu-
tion but not otherwise available are not listed as
"free").
Library
a tool packaged with either an Application Programming
Interface (API) or object-level subroutines that may be
loaded with programs.
Sourcelib
a collection of source code (subroutines) upon which
developers may construct other tools.
2.2 Tools Indexed by Keywords Following is an index of catalog entries sorted by keyword. This index can be used to locate the tools with a particular attribute: tools are listed under each keyword that charac- terizes them. The keywords and the subordinate lists of tools under them are in alphabetical order. In the interest of brevity, some liberties have been taken with tool names. Capitalization of the names is as speci- fied by the tool developers or distributers. Note that parenthetical roman numerals following a tool's name are not actually part of the name. The use of roman numerals to differentiate tools with the same name is explained in the introduction of Section 3. alarm bridge CMIP Library ConnectVIEW EtherMeter decaddrs LanProbe NMC LANWatch proxyd NETMON (III) Snmp Libraries osilog snmpd SERAG sma Snmp Libraries CHAOS snmptrapd LANWatch SpiderMonitor map Unisys NCC WIN/MGT Station xnetmon (I) control XNETMON (II) CMIP Library ConnectVIEW NETMON (III) analyzer NMC LANWatch proxyd Sniffer Snmp Libraries SpiderMonitor snmpset TokenVIEW Unisys NCC benchmark WIN/MGT Station hammer XNETMON (II) nhfsstone SPIMS spray TTCP Unisys NCC
curses DOS
Internet Rover Comp. Security Checklist
net_monitor ConnectVIEW
nfswatch hammer
osimon hopcheck
snmpperfmon LAN Patrol
LANWatch
netmon (I)
debugger NETMON (III)
SPIMS netwatch
OverVIEW
ping
DECnet Snmp Libraries
decaddrs snmpd (II)
LANWatch TokenVIEW
NETMON (III) XNETMON (II)
net_monitor xnetperfmon
NMC
Sniffer
Snmp Libraries eavesdrop
SpiderMonitor ENTM
XNETMON (II) etherfind
xnetperfmon EtherView
LAN Patrol
LanProbe
DNS LANWatch
DiG NETMON (II)
LANWatch netwatch
netmon (I) nfswatch
nslookup NNStat
OSITRACE
Sniffer
SpiderMonitor
Tcplogger
TRPT
ethernet free
arp arp
ConnectVIEW CMIP Library
ENTM CMU SNMP
etherfind DiG
etherhostprobe ENTM
EtherMeter etherhostprobe
EtherView hammer
LAN Patrol hopcheck
LanProbe HyperMIB
LANWatch Internet Rover
map map
NETMON (III) netmon (I)
netwatch NETMON (II)
Network Integrator netstat
nfswatch netwatch
NMC net_monitor
NNStat nfswatch
proxyd nhfsstone
SERAG NNStat
Sniffer NPRV
Snmp Libraries nslookup
snmpd (II) osilog
SpiderMonitor osimic
tcpdump osimon
Unisys NCC OSITRACE
WIN/MGT Station ping
XNETMON (II) query
xnetperfmon sma
SNMP Kit
tcpdump
FDDI tcplogger
Unisys NCC traceroute
TRPT
TTCP
generator
hammer
nhfsstone
ping
Sniffer
SpiderMonitor
spray
TTCP
Unisys NCC
HP IP
xup arp
CMU SNMP
Dual Manager
ENTM
etherfind
etherhostprobe
EtherView
getone
hammer
hopcheck
Internet Rover
LANWatch
map
Netlabs CMOT Agent
Netlabs SNMP Agent
netmon (I)
NETMON (II)
NETMON (III)
netstat
netwatch
net_monitor
nfswatch
NMC
NNStat
NPRV
OverVIEW
ping
proxyd
query
SERAG
Sniffer
SNMP Kit
Snmp Libraries
snmpask
snmpd (I)
snmpd (II)
snmplookup
snmpperfmon
snmppoll
snmpquery
snmproute
snmpset
snmpsrc
snmpstat
snmptrapd
snmpwatch
snmpxbar
snmpxconn manager
snmpxmon CMIP Library
snmpxperf CMU SNMP
snmpxperfmon ConnectVIEW
snmpxrtmetric decaddrs
SpiderMonitor Dual Manager
SPIMS getone
spray LanProbe
Tcpdump map
Tcplogger Netlabs CMOT Agent
Traceroute Netlabs SNMP Agent
TRPT NETMON (III)
TTCP NMC
Unisys NCC NNStat
WIN/MGT Station osilog
xnetmon (I) osimic
XNETMON (II) osimon
xnetperfmon OverVIEW
sma
SNMP Kit
library Snmp Libraries
CMIP Library snmpask
Dual Manager snmpd (I)
LANWatch snmpd (II)
proxyd snmplookup
WIN/MGT Station snmpperfmon
snmppoll
snmpquery
Macintosh snmproute
HyperMIB snmpsrc
snmpset
snmpstat
snmptrapd
snmpwatch
snmpxbar
snmpxconn
snmpxmon
snmpxperf
snmpxperfmon
snmpxrtmetric
TokenVIEW
Unisys NCC
WIN/MGT Station
xnetmon (I)
XNETMON (II)
xnetperfmon
map NMS
decaddrs CMU SNMP
etherhostprobe ConnectVIEW
EtherMeter decaddrs
LanProbe Dual Manager
map EtherMeter
NETMON (III) getone
Network Integrator LanProbe
NPRV map
Snmp Libraries Netlabs CMOT Agent
snmpxconn Netlabs SNMP Agent
snmpxmon NETMON (III)
Unisys NCC NMC
xnetmon (I) NNStat
XNETMON (II) OverVIEW
proxyd
SERAG
NFS SNMP Kit
etherfind Snmp Libraries
EtherView snmpask
nfswatch snmpd (I)
nhfsstone snmpd (II)
Sniffer snmplookup
tcpdump snmpperfmon
snmppoll
snmpquery
snmproute
snmpset
snmpsrc
snmpstat
snmptrapd
snmpwatch
snmpxbar
snmpxconn
snmpxmon
snmpxperf
snmpxperfmon
snmpxrtmetric
TokenVIEW
Unisys NCC
WIN/MGT Station
xnetmon (I)
XNETMON (II)
xnetperfmon
OSI ring
CMIP Library ConnectVIEW
Dual Manager LANWatch
LANWatch map
Netlabs CMOT Agent NETMON (III)
NETMON (III) netwatch
osilog proxyd
osimic Sniffer
osimon Snmp Libraries
OSITRACE snmpd (II)
sma TokenVIEW
Sniffer XNETMON (II)
Snmp Libraries xnetperfmon
SpiderMonitor
SPIMS
XNETMON (II) routing
xnetperfmon arp
ConnectVIEW
decaddrs
ping etherhostprobe
etherhostprobe getone
hopcheck hopcheck
Internet Rover NETMON (III)
map netstat
netmon (I) net_monitor
net_monitor NMC
NPRV NPRV
ping query
spray Snmp Libraries
traceroute snmproute
TTCP snmpsrc
Unisys NCC snmpxrtmetric
xup traceroute
WIN/MGT Station
XNETMON (II)
proprietary
ConnectVIEW
EtherMeter security
LanProbe Comp. Security Checklist
SERAG ConnectVIEW
TokenVIEW Dual Manager
LAN Patrol
SERAG
reference XNETMON (II)
HyperMIB
Unisys NCC
SMTP sourcelib
Internet Rover CMIP Library
LANWatch CMU SNMP
mconnect HyperMIB
Sniffer Internet Rover
LANWatch
map
SNMP NETMON (III)
CMU SNMP net_monitor
decaddrs proxyd
Dual Manager SNMP Kit
getone Snmp Libraries
map Snmpd (II)
Netlabs SNMP Agent SpiderMonitor
NETMON (III) XNETMON (II)
NMC xnetperfmon
OverVIEW
proxyd
SNMP Kit spoof
Snmp Libraries DiG
snmpask Internet Rover
snmpd (I) mconnect
snmpd (II) nhfsstone
snmplookup nslookup
snmpperfmon query
snmppoll SPIMS
snmpquery
snmproute
snmpset standalone
snmpsrc EtherMeter
snmpstat Sniffer
snmptrapd SpiderMonitor
snmpwatch
snmpxbar
snmpxconn star
snmpxmon LAN Patrol
snmpxperf LANWatch
snmpxperfmon map
snmpxrtmetric NETMON (III)
Unisys NCC proxyd
WIN/MGT Station Sniffer
xnetmon (I) Snmp Libraries
XNETMON (II) snmpd (II)
xnetperfmon XNETMON (II)
xnetperfmon
status traffic
CMIP Library ENTM
CMU SNMP etherfind
ConnectVIEW EtherMeter
DiG EtherView
Dual Manager LAN Patrol
getone LanProbe
Internet Rover LANWatch
LanProbe NETMON (II)
mconnect netwatch
Netlabs CMOT Agent Network Integrator
Netlabs SNMP Agent nfswatch
netmon (I) NMC
net_monitor NNStat
NMC osimon
NNStat OSITRACE
NPRV Sniffer
nslookup snmpxperfmon
osimic SpiderMonitor
osimon tcpdump
OverVIEW tcplogger
ping TRPT
proxyd Unisys NCC
sma WIN/MGT Station
SNMP Kit
Snmp Libraries
snmpask
snmpd (I)
snmpd (II)
snmplookup
snmpperfmon
snmppoll
snmpquery
snmpstat
snmpwatch
snmpxbar
snmpxconn
snmpxmon
snmpxperf
snmpxperfmon
TokenVIEW
Unisys NCC
WIN/MGT Station
xnetmon (I)
XNETMON (II)
xnetperfmon
xup
snmpxbar
UNIX snmpxconn
arp snmpxmon
CMIP Library snmpxperf
CMU SNMP snmpxperfmon
decaddrs snmpxrtmetric
DiG SPIMS
Dual Manager spray
etherfind tcpdump
etherhostprobe tcplogger
EtherView traceroute
getone TRPT
Internet Rover TTCP
map Unisys NCC
mconnect WIN/MGT Station
NETMON (II) xnetmon (I)
netstat XNETMON (II)
Network Integrator xnetperfmon
net_monitor
nfswatch
nhfsstone VMS
NMC arp
NNStat ENTM
nslookup netstat
osilog net_monitor
osimic NPRV
osimon nslookup
OSITRACE ping
ping Snmp Libraries
proxyd tcpdump
query traceroute
SERAG TTCP
sma XNETMON (II)
SNMP Kit xnetperfmon
Snmp Libraries
snmpask
snmpd (I)
snmpd (II)
snmplookup
snmpperfmon
snmppoll
snmpquery
snmproute
snmpset
snmpsrc
snmpstat
snmptrapd
snmpwatch
X
Dual Manager
map
snmpxbar
snmpxconn
snmpxmon
snmpxperf
snmpxperfmon
snmpxrtmetric
WIN/MGT Station
XNETMON (II)
xnetperfmon
xup
3. Tool Descriptions This section is a collection of brief descriptions of tools for managing TCP/IP internets. These entries are in alpha- betical order, by tool name. The entries all follow a standard format. Immediately after the NAME of a tool are its associated KEYWORDS. Keywords are terse descriptions of the purposes or attributes of a tool. A more detailed description of a tool's purpose and characteristics is given in the ABSTRACT section. The MECHANISM section describes how a tool works. In CAVEATS, warnings about tool use are given. In BUGS, known bugs or bug-report procedures are given. LIMITATIONS describes the boundaries of a tool's capabilities. HARDWARE REQUIRED and SOFTWARE REQUIRED relate the operational environment a tool needs. Finally, in AVAILABILITY, pointers to vendors, online repositories, or other sources for a tool are given. We deal with the problem of tool-name clashes -- different tools that have the same name -- by appending parenthetical roman numerals to the names. For example, BYU, MITRE, and SNMP Research each submitted a description of a tool called "NETMON." These tools were independently developed, are functionally different, run in different environments, and are no more related than Richard Burton the 19th century explorer and Richard Burton the 20th century actor. BYU's tool "NETMON" is listed as "NETMON (I)," MITRE's as "NETMON (II)," and the tool from SNMP Research as "NETMON (III)." The parenthetical roman numerals reveal only the order in which the catalog editor received the tool descriptions. They should not be construed to indicate any sort of prefer- ence, priority, or rights to a tool name.
NAME
arp
KEYWORDS
routing; ethernet, IP; UNIX, VMS; free.
ABSTRACT
Arp displays and can modify the internet-to-ethernet
address translations tables used by ARP, the address
resolution protocol.
MECHANISM
The arp program accesses operating system memory to
read the ARP data structures.
CAVEATS
None.
BUGS
None known.
LIMITATIONS
Only the super user can modify ARP entries.
HARDWARE REQUIRED
No restrictions.
SOFTWARE REQUIRED
BSD UNIX or related OS, or VMS.
AVAILABILITY
Available via anonymous FTP from uunet.uu.net, in
directory bsd-sources/src/etc. Available with 4.xBSD
UNIX and related operating systems. For VMS, available
as part of TGV MultiNet IP software package, as well as
Wollongong's WIN/TCP.
NAME
CMIP Library
KEYWORDS
alarm, control, manager, status; OSI; UNIX; free,
library, sourcelib.
ABSTRACT
The CMIP Library implements the functionality of the
Common Management Information Service/Protocol as in
the documents ISO DP 9595-2/9596-2 of March 1988. It
can act as a building block for the construction of
CMIP-based agent and manager applications.
MECHANISM
The CMIP library uses ISO ROS, ACSE and ASN.1 presenta-
tion, as implemented in ISODE, to provide its service.
CAVEATS
None.
BUGS
None known.
LIMITATIONS
The M-CREATE, M-DELETE and M-ACTION protocol primitives
are not implemented in this version.
HARDWARE REQUIRED
Developed on Sun3, tested on Sun3 and VAXStation.
SOFTWARE REQUIRED
The ISODE protocol suite, BSD UNIX.
AVAILABILITY
The CMIP library and related management tools built
upon it, known as OSIMIS (OSI Management Information
Service), are publicly available from University Col-
lege London, England via FTP and FTAM. To obtain
information regarding a copy send email to
gknight@ac.ucl.cs.uk or call +44 1 380 7366.
NAME
The CMU SNMP Distribution
KEYWORDS
manager, status; IP; NMS, SNMP; UNIX; free, sourcelib.
ABSTRACT
The CMU SNMP Distribution includes source code for an
SNMP agent, several SNMP client applications, an ASN.1
library, and supporting documentation.
The agent compiles into about 10 KB of 68000 code. The
distribution includes a full agent that runs on a
Kinetics FastPath2/3/4, and is built into the KIP
appletalk/ethernet gateway. The machine independent
portions of this agent also run on CMU's IBM PC/AT
based router.
The applications are designed to be useful in the real
world. Information is collected and presented in a
useful format and is suitable for everyday status moni-
toring. Input and output are interpreted symbolically.
The tools can be used without referencing the RFCs.
MECHANISM
SNMP.
CAVEATS
None.
BUGS
None reported. Send bug reports to
sw0l+snmp@andrew.cmu.edu. ("sw0l" is "ess double-you
zero ell.")
LIMITATIONS
None reported.
HARDWARE REQUIRED
The KIP gateway agent runs on a Kinetics FastPath2/3/4.
Otherwise, no restrictions.
SOFTWARE REQUIRED
The code was written with efficiency and portability in
mind. The applications compile and run on the follow-
ing systems: IBM PC/RT running ACIS Release 3, Sun3/50
running SUNOS 3.5, and the DEC microVax running Ultrix
2.2. They are expected to run on any system with a
Berkeley socket interface.
AVAILABILITY
This distribution is copyrighted by CMU, but may be
used and sold without permission. Consult the copy-
right notices for further information. The distribu-
tion is available by anonymous FTP from the host
lancaster.andrew.cmu.edu (128.2.13.21) as the files
pub/cmu-snmp.9.tar, and pub/kip-snmp.9.tar. The former
includes the libraries and the applications, and the
latter is the KIP SNMP agent.
Please direct questions, comments, and bug reports to
sw0l+snmp@andrew.cmu.edu. ("sw0l" is "ess double-you
zero ell.") If you pick up this package, please send a
note to the above address, so that you may be notified
of future enhancements/changes and additions to the set
of applications (several are planned).
NAME
Computer Security Checklist
KEYWORDS
security; DOS.
ABSTRACT
This program consists of 858 computer security ques-
tions divided up in thirteen sections. The program
presents the questions to the user and records their
responses. After answering the questions in one of the
thirteen sections, the user can generate a report from
the questions and the user's answers. The thirteen
sections are: telecommunications security, physical
access security, personnel security, systems develop-
ment security, security awareness and training prac-
tices, organizational and management security, data and
program security, processing and operations security,
ergonomics and error prevention, environmental secu-
rity, and backup and recovery security.
The questions are weighted as to their importance, and
the report generator can sort the questions by weight.
This way the most important issues can be tackled
first.
MECHANISM
The questions are displayed on the screen and the user
is prompted for a single keystroke reply. When the end
of one of the thirteen sections is reached, the answers
are written to a disk file. The question file and the
answer file are merged to create the report file.
CAVEATS
None.
BUGS
None known.
LIMITATIONS
None reported.
HARDWARE REQUIRED
No restrictions.
SOFTWARE REQUIRED
DOS operating system.
AVAILABILITY
A commercial product available from:
C.D., Ltd.
P.O. Box 58363
Seattle, WA 98138
(206) 243-8700
NAME
ConnectVIEW
KEYWORDS
control, manager, routing, security, status; bridge,
ethernet, ring; NMS, proprietary; DOS.
ABSTRACT
The ConnectVIEW Network Management System consists of
various software managers that control and manage Hal-
ley System's internets made of of ConnectLAN 100 ether-
net and ConnectLAN 200 Token Ring Brouters. The
management software provides an icon-based graphical
network display with real-time monitoring and report-
ing, along with configuration, fault, performance and
security management functions for managing ConnectLAN
brouters. A Planning function is also provided that
allows users to draw their networks.
MECHANISM
Proprietary.
CAVEATS
The ConnectVIEW software must be running under Micro-
soft Windows, preferably on a dedicated management sta-
tion. There is, however, no degradation of LAN
throughput.
BUGS
None known.
LIMITATIONS
Currently works only with Halley System's products.
HARDWARE REQUIRED
Requires a PC/AT compatible, with 640KB RAM, EGA
adapter and monitor, keyboard, mouse, and ethernet
adapter.
SOFTWARE REQUIRED
MSDOS 3.3 or higher. Microsoft Windows/286 version
2.1.
AVAILABILITY
Commercially available from:
Halley Systems, Inc.
2730 Orchard Parkway
San Jose, CA 95134
NAME
decaddrs, decaroute, decnroute, xnsroutes, bridgetab
KEYWORDS
manager, map, routing; bridge, DECnet; NMS, SNMP; UNIX.
ABSTRACT
These commands display private MIB information from
Wellfleet systems. They retrieve and format for
display values of one or several MIB variables from the
Wellfleet Communications private enterprise MIB, using
the SNMP (RFC1098). In particular these tools are used
to examine the non-IP modules (DECnet, XNS, and Bridg-
ing) of a Wellfleet system.
Decaddrs displays the DECnet configuration of a
Wellfleet system acting as a DECnet router, showing the
static parameters associated with each DECnet inter-
face. Decaroute and decnroute display the DECnet
inter-area and intra-area routing tables (that is area
routes and node routes). Xnsroutes displays routes
known to a Wellfleet system acting as an XNS router.
Bridgetab displays the bridge forwarding table with the
disposition of traffic arriving from or directed to
each station known to the Wellfleet bridge module. All
these commands take an IP address as the argument and
can specify an SNMP community for the retrieval. One
SNMP query is performed for each row of the table.
Note that the Wellfleet system must be operating as an
IP router for the SNMP to be accessible.
MECHANISM
Management information is exchanged by use of SNMP.
CAVEATS
None.
BUGS
None known.
LIMITATIONS
None reported.
HARDWARE REQUIRED
Distributed and supported for Sun 3 systems.
SOFTWARE REQUIRED
Distributed and supported for SunOS 3.5 and 4.x.
AVAILABILITY
Commercial product of:
Wellfleet Communications, Inc.
12 DeAngelo Drive
Bedford, MA 01730-2204
(617) 275-2400
NAME
DiG
KEYWORDS
status; DNS; spoof; UNIX; free.
ABSTRACT
DiG (domain information groper), is a command line tool
which queries DNS servers in either an interactive or a
batch mode. It was developed to be more
convenient/flexible than nslookup for gathering perfor-
mance data and testing DNS servers.
MECHANISM
Dig is built on a slightly modified version of the bind
resolver (release 4.8).
CAVEATS
none.
BUGS
None known.
LIMITATIONS
None reported.
HARDWARE REQUIRED
No restrictions.
SOFTWARE REQUIRED
BSD UNIX.
AVAILABILITY
DiG is available via anonymous FTP from venera.isi.edu
in pub/dig.1.0.tar.Z.
NAME
Dual Manager
KEYWORDS
alarm, control, manager, map, security, status; IP,
OSI; NMS, SNMP, X; UNIX; library.
ABSTRACT
Netlabs' Dual Manager provides management of TCP/IP
networks using both SNMP and CMOT protocols. Such
management can be initiated either through the X-
Windows user interface (both Motif and Openlook), or
through OSI Network Management (CMIP) commands. The
Dual Manager provides for configuration, fault, secu-
rity and performance management. It provides extensive
map management features, including scanned maps in the
background. It provides simple mechanisms to extend
the MIB and assign specific lists of objects to
specific network elements, thereby providing for the
management of all vendors' specific MIB extensions. It
provides an optional relational DBMS for storing and
retrieving MIB and alarm information. Finally, the
Dual Manager is an open platform, in that it provides
several Application Programming Interfaces (APIs) for
users to extend the functionality of the Dual Manager.
The Dual Manager is expected to work as a TCP/IP
"branch manager" under DEC's EMA, AT&T's UNMA and other
OSI-conformant enterprise management architectures.
MECHANISM
The Netlabs Dual Manager supports the control and moni-
toring of network resources by use of both CMOT and
SNMP message exchanges.
CAVEATS
None.
BUGS
None known.
LIMITATIONS
None reported.
HARDWARE REQUIRED
Runs on Sun/3 and Sun/4s.
SOFTWARE REQUIRED
Available on System V or SCO Open Desktop environments.
Uses X-Windows for the user interface.
AVAILABILITY
Commercially available from:
Netlabs Inc
11693 Chenault Street Ste 348
Los Angeles CA 90049
(213) 476-4070
lam@netlabs.com (Anne Lam)
NAME
ENTM -- Ethernet Traffic Monitor
KEYWORDS
traffic; ethernet, IP; eavesdrop; VMS; free.
ABSTRACT
ENTM is a screen-oriented utility that runs under
VAX/VMS. It monitors local ethernet traffic and
displays either a real time or cumulative, histogram
showing a percent breakdown of traffic by ethernet pro-
tocol type. The information in the display can be
reported based on packet count or byte count. The per-
cent of broadcast, multicast and approximate lost pack-
ets is reported as well. The screen display is updated
every three seconds. Additionally, a real time, slid-
ing history window may be displayed showing ethernet
traffic patterns for the last five minutes.
ENTM can also report IP traffic statistics by packet
count or byte count. The IP histograms reflect infor-
mation collected at the TCP and UDP port level, includ-
ing ICMP type/code combinations. Both the ethernet and
IP histograms may be sorted by ASCII protocol/port name
or by percent-value. All screen displays can be saved
in a file for printing later.
MECHANISM
This utility simply places the ethernet controller in
promiscuous mode and monitors the local area network
traffic. It preallocates 10 receive buffers and
attempts to keep 22 reads pending on the ethernet dev-
ice.
CAVEATS
Placing the ethernet controller in promiscuous mode may
severly slow down a VAX system. Depending on the speed
of the VAX system and the amount of traffic on the lo-
cal ethernet, a large amount of CPU time may be spent
on the Interrupt Stack. Running this code on any pro-
duction system during operational hours is discouraged.
BUGS
Due to a bug in the VAX/VMS ethernet/802 device driver,
IEEE 802 format packets may not always be detected. A
simple test is performed to "guess" which packets are
in IEEE 802 format (DSAP equal to SSAP). Thus, some
DSAP/SSAP pairs may be reported as an ethernet type,
while valid ethernet types may be reported as IEEE 802
packets.
In some hardware configurations, placing an ethernet
controller in promiscuous mode with automatic-restart
enabled will hang the controller. Our VAX 8650 hangs
running this code, while our uVAX IIs and uVAX IIIs do
not.
Please report any additional bugs to the author at:
Allen Sturtevant
National Magnetic Fusion Energy Computer Center
Lawrence Livermore National Laboratory
P.O. Box 808; L-561
Livermore, CA 94550
Phone : (415) 422-8266
E-Mail: sturtevant@ccc.nmfecc.gov
LIMITATIONS
The user is required to have PHY_IO, TMPMBX and NETMBX
privileges. When activated, the program first checks
that the user process as enough quotas remaining
(BYTLM, BIOLM, ASTLM and PAGFLQUO) to successfully run
the program without entering into an involuntary wait
state. Some quotas require a fairly generous setting.
The contents of IEEE 802 packets are not examined.
Only the presence of IEEE 802 packets on the wire is
reported.
The count of lost packets is approximated. If, after
each read completes on the ethernet device, the utility
detects that it has no reads pending on that device,
the lost packet counter is incremented by one.
When the total number of bytes processed exceeds
7fffffff hex, all counters are automatically reset to
zero.
HARDWARE REQUIRED
A DEC ethernet controller.
(next page on part 2)
