Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

A Better Windows Watcher

I started with a basic ping scan of the network, but abandoned this after watching the application trudge through the network. The few machines it scanned showed several services running, which I verified. NetRAT is slow because it does more than tap the port (open and close the connection); it opens a connection and queries the service to determine if the port and service match.

Discovery via Windows workgroups/domains was much quicker and yielded the in-depth information I had anticipated. NetRAT displayed every domain and workgroup on the network and caught one I hadn't realized existed. By logging into individual systems as a user with administrative rights, I could examine accounts and system information, including rights, groups and auditing data.

This information can be saved for future reference or immediately added for differential analysis, letting you compare single or multiple devices for changes over time. Discovered information is encrypted and saved to a proprietary database. This mechanism also can be used to track Registry changes. And NetRAT provides a centralized store in its databases for tracking config changes.

NetRAT's SNMP discovery handles v1 and v2 equally well, and its SNMP scan is much faster than its ping and port scans. Detailed information is returned via SNMP discovery for devices as well as machines. I pulled detailed information from our Cisco routers and switches, IP and interface statistics, and general system information. NetRAT says it plans to support Unix and Novell next.

Data Breakdown

  • 1