Open source tools can help manage your network footprint
May 14, 2013
By Kristina Urquhart
The industrial networking environment is continuing to evolve with additions to protocols, new tools and, with the Field Device Initiative (FDI), even amalgamation to some extent. However, all the ‘buzz’ continues to be about wireless and cybersecurity, which is relevant regardless of the network you are operating.
Many of us forget that cybersecurity is about more than the network; it starts with policy, procedures and physical access. With wireless, physical access includes managing your wireless footprint. This includes such things as the power levels of your transmitters and gateways as well as, if used, the associated antennas.
There are a number of open source tools to help you manage the footprint of your wireless network including:
• Netstumbler (Netstumbler.com), one of the original wireless network tools that was often used by hackers to find networks while roving.
• Netsurveyor (www.performancewifi.net/performance-wifi/main/NetSurveyor.htm), which is similar to Netstumbler but also has a recording/playback feature and comes with ‘add ins’ such as NetStress, which is a comparison tool to see how your network is doing over time.
• CommView for WiFi, which allows you to capture packets and then search them for specific strings and packet types. This is the wireless version of Wireshark (wireshark.org) for wired networks which, rather than gathering data only on the network layer, allows you to diagnose problems in other layers as well.
• inSSIDer from Metageek (www.metageek.net/products/inssider/), which is similar to Netstumbler and is designed to detect wireless networks and report on their type, maximum transfer rate and channel usage. inSSIDer includes a graphical representation of each wireless network’s amplitude and channel usage.
• Azulstar developed Wireless Wizard (www.azulstar.com/support/wireless-wizard/) to provide a series of diagnostic tests to see how well your wireless network is performing. More commonly used on ‘the home front,’ it also includes a spectrum analyzer that recommends the best wireless channel to use.
Staying with the “open source” concept, there is also an “open source” antenna, or cantenna as it is affectionately known, with instructions available from a number of web sites. The cantenna was created in July 2001 from an empty Pringles chips can, hence the name. The cantenna is a directional 2.4 GHz wireless network 12 dB yagi antenna, with a collector rod assembly, compatible with 802.11b and 802.11g wireless networks.
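To put numbers on the footprint point above (transmitter power levels and antennas) and on what a 12 dB directional antenna means for anyone listening from outside, here is an added example that is not part of the original article. It assumes a log-distance path-loss model; the path-loss exponent, receiver sensitivity, channel and the inventory values are all constructed for illustration.

```python
import math

FREQ_MHZ = 2437.0         # assumed: 2.4 GHz band, channel 6
SENSITIVITY_DBM = -90.0   # assumed sensitivity of a listening receiver
PATH_LOSS_EXP = 3.5       # assumed exponent for an obstructed site (2.0 = free space)

def loss_at_1m_db(freq_mhz=FREQ_MHZ):
    """Free-space path loss at the 1 m reference distance."""
    return 20 * math.log10(0.001) + 20 * math.log10(freq_mhz) + 32.44

def footprint_m(tx_dbm, tx_gain_dbi, rx_gain_dbi=0.0, n=PATH_LOSS_EXP):
    """Distance (m) at which the received level falls to SENSITIVITY_DBM."""
    budget_db = tx_dbm + tx_gain_dbi + rx_gain_dbi - SENSITIVITY_DBM
    return 10 ** ((budget_db - loss_at_1m_db()) / (10 * n))

def max_tx_dbm(boundary_m, tx_gain_dbi, rx_gain_dbi=0.0, n=PATH_LOSS_EXP):
    """Highest transmit power (dBm) that keeps the footprint inside boundary_m."""
    loss_db = loss_at_1m_db() + 10 * n * math.log10(boundary_m)
    return SENSITIVITY_DBM + loss_db - tx_gain_dbi - rx_gain_dbi

def audit(inventory, rx_gain_dbi=0.0):
    """Return (name, reach_m, suggested_tx_dbm) for transmitters heard past the boundary."""
    findings = []
    for ap in inventory:
        reach = footprint_m(ap["tx_dbm"], ap["gain_dbi"], rx_gain_dbi)
        if reach > ap["boundary_m"]:
            limit = max_tx_dbm(ap["boundary_m"], ap["gain_dbi"], rx_gain_dbi)
            findings.append((ap["name"], round(reach), round(limit, 1)))
    return findings

# Constructed inventory: transmit power, antenna gain, distance to the site boundary.
INVENTORY = [
    {"name": "gateway-north", "tx_dbm": 20, "gain_dbi": 5, "boundary_m": 150},
    {"name": "ap-warehouse", "tx_dbm": 10, "gain_dbi": 2, "boundary_m": 200},
]

if __name__ == "__main__":
    # Stock adapter versus a 12 dB directional antenna (treated here as 12 dBi).
    for rx_gain in (0.0, 12.0):
        result = audit(INVENTORY, rx_gain) or "all inside boundary"
        print(f"listener antenna gain {rx_gain:g} dB: {result}")
```

With these assumed values, both transmitters stay inside their boundary for an ordinary receiver, but the higher-powered gateway is audible well past the fence once the listener's antenna gain is included, which is why the audit reports a reduced power setting for it.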
Open source is also coming to our assistance on the cybersecurity side with a test suite from the Open Information Security Foundation (OISF). OISF has created an open source intrusion detection and prevention engine called Suricata. Suricata is funded by the United States Department of Homeland Security’s Directorate for Science and Technology HOST (Homeland Open Security Technology) program, the U.S. Navy’s Space and Naval Warfare Systems Command (SPAWAR) and other consortium members.
The Suricata Engine and the HTP Library, an HTTP normalizer and parser written by Ivan Ristic of Mod Security, are available to use under the GNU General Public License (GNU GPL) version 2. The HTP library is required by the engine and provides very advanced processing of HTTP (Hyper Text Transfer Protocol – the same protocol used to read/display web pages) streams for Suricata. Suricata is available for download at www.openinfosecfoundation.org/index.php/download-suricata.
One more tool to help you manage your network is the Network Diagnostic Tool (NDT) (www.internet2.edu/performance/ndt/), which is designed to quickly and easily identify a specific set of conditions that are known to impact network performance. NDT does this by performing the following tasks: running a simple bi-directional test to gather E2E (End To End) data; gathering multiple data variables from the server; comparing measured performance to analytical values; and then translating network values into plain text messages for interpretation by yourself or your network administrator.
This article originally appeared in the May 2013 issue of Manufacturing AUTOMATION.