• 04/23/2003
    6:02 PM
  • Network Computing
  • News
  • Connect Directly
  • Rating: 
    0 votes
    Vote up!
    Vote down!

A Better Windows Watcher

NetRAT provides in-depth analysis of Windows machines.
I started with a basic ping scan of the network, but abandoned this after watching the application trudge through the network. The few machines it scanned showed several services running, which I verified. NetRAT is slow because it does more than tap the port (open and close the connection); it opens a connection and queries the service to determine if the port and service match.

Discovery via Windows workgroups/domains was much quicker and yielded the in-depth information I had anticipated. NetRAT displayed every domain and workgroup on the network and caught one I hadn't realized existed. By logging into individual systems as a user with administrative rights, I could examine accounts and system information, including rights, groups and auditing data.

This information can be saved for future reference or immediately added for differential analysis, letting you compare single or multiple devices for changes over time. Discovered information is encrypted and saved to a proprietary database. This mechanism also can be used to track Registry changes. And NetRAT provides a centralized store in its databases for tracking config changes.

NetRAT's SNMP discovery handles v1 and v2 equally well, and its SNMP scan is much faster than its ping and port scans. Detailed information is returned via SNMP discovery for devices as well as machines. I pulled detailed information from our Cisco routers and switches, IP and interface statistics, and general system information. NetRAT says it plans to support Unix and Novell next.

Data Breakdown

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

Log in or Register to post comments