This article introduces Windows systems administrators to open source tools that work very well on Windows.
To help Windows systems administrators do their job effortlessly, here is a review of the top four free and open source sysadmin tools for monitoring, backup and troubleshooting.
Wireshark is the world’s leading network traffic analyser and an essential tool for any security professional or systems administrator. It is used for network troubleshooting, analysis, software and communication protocol development, as well as for education. It is cross-platform and was initially released in 1998. The current stable version, 3.0.5, was released on September 20, 2019. Wireshark 3.0.5 uses the free and open source Qt toolkit to implement its graphical user interface, and pcap (an API for capturing network traffic) to capture packets. It runs on all UNIX-like operating systems and on Microsoft Windows.
Wireshark intercepts and converts binary traffic into human-readable format. This makes it easy to identify what traffic is crossing your network, how much of it there is, how frequent it is, the latency between certain hops, etc.
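To make the conversion from binary traffic to readable records concrete, here is an added example (not Wireshark's code) that decodes a small capture and totals packets and bytes per flow. It assumes the classic pcap file format (not pcapng), Ethernet framing and IPv4; the capture, addresses and ports are constructed sample data.

```python
import struct
from collections import Counter

PROTOS = {6: "TCP", 17: "UDP"}

def sample_frame(src, dst, sport, dport, payload):
    """Constructed Ethernet/IPv4/UDP frame (sample input only)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(src), bytes(dst))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + udp

def sample_pcap():
    """Constructed capture: classic pcap, little-endian, link type 1 (Ethernet)."""
    dns = sample_frame((10, 0, 0, 5), (10, 0, 0, 1), 50000, 53, b"q" * 30)
    ntp = sample_frame((10, 0, 0, 5), (192, 0, 2, 10), 50001, 123, b"n" * 48)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for sec, usec, frame in [(100, 0, dns), (100, 250000, dns), (101, 0, ntp)]:
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out

def addr(raw):
    return ".".join(str(b) for b in raw)

def dissect(pcap):
    """Yield (time, src, dst, proto, dport, length) for each IPv4 packet."""
    order = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(struct.unpack_from("<I", pcap)[0])
    if order is None or struct.unpack_from(order + "I", pcap, 20)[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    off = 24  # the global header is 24 bytes; per-packet records follow it
    while off + 16 <= len(pcap):
        sec, usec, caplen, origlen = struct.unpack_from(order + "IIII", pcap, off)
        frame, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated record or not IPv4
        proto = frame[23]
        l4 = frame[14 + (frame[14] & 0x0F) * 4:]  # IHL gives the IP header length
        has_ports = proto in PROTOS and len(l4) >= 4
        dport = struct.unpack_from("!H", l4, 2)[0] if has_ports else None
        yield (sec + usec / 1e6, addr(frame[26:30]), addr(frame[30:34]),
               PROTOS.get(proto, str(proto)), dport, origlen)

def summarize(pcap):
    """Return {(src, dst, proto, dport): (packets, bytes)} for the capture."""
    packets, volume = Counter(), Counter()
    for _, src, dst, proto, dport, length in dissect(pcap):
        packets[(src, dst, proto, dport)] += 1
        volume[(src, dst, proto, dport)] += length
    return {flow: (packets[flow], volume[flow]) for flow in packets}
```

Calling `summarize(sample_pcap())` returns one entry per flow with its packet count and byte total, and the timestamps from `dissect` give the spacing between packets.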
The purpose of Wireshark is:
- To troubleshoot network problems
- To examine security problems
- To debug protocol implementations
- To learn network protocols
Wireshark is free and is the de facto standard among network analyser tools. It sets you apart as a network analyst, helps you find problems before the users do, and puts you in touch with the only source of networking truth: the packets.
No new features or protocols have been added in Wireshark 3.0.5, which is the latest release. Some major bugs have been fixed, such as Qt interface crashes on a profile with only the packet list.
Clonezilla is a free disk cloning, disk imaging, data recovery and deployment computer program. There are two versions of it: Clonezilla Live (for single machine backup and restore) and Clonezilla SE (the server edition for larger deployments).
Clonezilla Live enables a user to clone a single computer’s storage media, or a single partition on the media, to a separate storage device.
Clonezilla Server is used to clone many computers simultaneously across a network. This is done using a Diskless Remote Boot in Linux (DRBL) server and computer workstations that can boot from a network.
- It supports many file systems: (1) ext2, ext3, ext4, reiserfs, reiser4, xfs, jfs, btrfs, f2fs and nilfs2 of GNU/Linux; (2) FAT12, FAT16, FAT32 and NTFS of MS Windows; (3) HFS+ of Mac OS; (4) UFS of FreeBSD, NetBSD and OpenBSD; (5) minix of Minix; and (6) VMFS3 and VMFS5 of VMware ESX. Therefore you can clone GNU/Linux, MS Windows, Intel-based macOS, FreeBSD, NetBSD, OpenBSD, Minix, VMware ESX and Chrome OS/Chromium OS, whether it’s a 32-bit (x86) or 64-bit (x86-64) OS.
- Images can be encrypted. This is done with ecryptfs, a POSIX-compliant enterprise cryptographic stacked file system.
- Multicast is supported in Clonezilla SE, which is suitable for massive cloning. You can also remotely use it to save or restore a bunch of computers if PXE and Wake-on-LAN are supported in your clients.
The latest version of Clonezilla is 2.6.3-7. It includes some enhancements and bug fixes: among other changes, the Linux kernel has been updated to 5.2.9-2, and zfs-fuse has been removed since it’s too old.
The PowerShell console is an interactive environment built on the .NET framework that enables you to run various commands in real time. It is designed specifically for systems administrators and power users who need to automate the administration of operating systems (Linux, macOS, UNIX and Windows) and the processes related to the apps that run on those operating systems. In addition, you can run cmd.exe commands in the PowerShell environment. It was made open source and cross-platform on August 18, 2016 with the introduction of PowerShell Core. The PowerShell ISE looks and functions the same as cmd.exe. All your frequently used utilities, such as ping, ipconfig and nslookup, will work exactly as you expect.
The latest version, PowerShell 7, is intended to replace PowerShell Core 6.x products as well as Windows PowerShell 5.1, which is the last supported Windows PowerShell version. For PowerShell 7 to be a viable replacement for Windows PowerShell 5.1, it must have near parity with the latter in terms of compatibility with modules that ship with Windows.
Released in 1999, PuTTY is a free implementation of SSH and Telnet for Windows and UNIX platforms, and includes a terminal emulator. It is written and maintained primarily by Simon Tatham. PuTTY is very lightweight and fast. It supports the SSH, SCP and rlogin protocols; multiple operating systems, including both Linux and Windows; and numerous variations on the secure remote terminal. PuTTY provides user control over the SSH encryption key and protocol version, and over alternate ciphers such as 3DES, Arcfour, Blowfish and DES, as well as public key authentication. The network communication layer supports IPv6.
The only downside is that there is no scripting, but it can otherwise be fully customised to suit the user’s needs. PuTTY is a worthwhile tool for those wanting to connect to remote systems on a regular basis.
The latest version of PuTTY is 0.73, which is a bug-fix release. It fixes a small number of bugs that have emerged since the release of v0.72, a couple of which had potential security implications.
- It supports many variations on the secure remote terminal and provides user control over the SSH encryption key.
- It also supports SSO through GSSAPI (Generic Security Services Application Program Interface).
- It does not support session tabs, but many wrappers are available that can be used.