This post is not about software but hardware tools for network admins. Which network gadgets am I using during my daily business? At least three, namely the Airconsole, the Pockethernet and the ProfiShark, which help me in connecting to serial ports, testing basic network connectivity, and capturing packets in a high professional way. Come in and have a look at how I’m working.
One typical task during my work as a network security consultant is to install/pre-configure new firewalls. This involves at least the following two steps: Using the serial console port to set the management IP address/netmask/default gateway as well as testing basic network connectivity after the configuration is done. Of course you can do both steps with your laptop, but I tend to leave it on my working table while using some gadgets in the data center.
Another task is to capture network packets inline (that is: not with Wireshark installed on a computer, but with a network TAP that captures *all* packets on the wire) in order to solve high-level problems. Again, you could use your notebook with its Ethernet port plugged into a port mirror, but then you’re loosing all your connections. Hence a special device…
Airconsole: Serial Connection via Smartphone (Bluetooth/WiFi)
The first step is always setting some basic parameters on any network device, such as IP addresses or a username/password. Or, if an interface gets its IP address through DHCP (IPv4) or RA/SLAAC (IPv6), to figure out which one it has. One way to get rid of the laptop is to use the Airconsole, a small terminal server with bluetooth and WiFi connectivity to a smartphone app called “Get Console”. Of course you won’t configure many complicated CLI commands through your phone, but for getting very limited information it fits.
Looking at the price we are not talking about a high-end professional device but about an affordable gadget. Personally, I won’t trust it as an always-on terminal server that is possibly able to connect through the Internet via its LAN port, but as long as I am using only bluetooth for a limited time, I think it’s secure enough. In the following photo you can see the Airconsole hanging on a Palo Alto Networks firewall in the data center. I got some strange failures on the firewall that day, I think the data plane crashed and it was stuck in the management plane. Reboot solved it. ;)
Pockethernet: Basic Network Connectivity and much more
After I applied all network and Internet settings on the firewall (via my laptop and some central management stations for the firewalls such as Palo Alto Panorama or Juniper NSM or FortiGate FortiManager), I always want to test at least the DHCP, DNS and routing functionality. Rather than using my laptop again (which would terminate all current SSH/whatever sessions), I am using the Pockethernet, again a small device plugged in via Ethernet and connected to an app called “Pockethernet” via bluetooth. Using the Link, DHCP, and Ping features, it tests the layer 2 link such as 1000 Mbit MDI/MDIX, DHCP for IPv4 as well as DNS and ping. Great. And easy! It’s just too bad that it does not work with IPv6 at all. ;( But according to the author this is on the roadmap.
Note that you can use lots of other tests with the Pockethernet, such as as cable wiremap, PoE & cable length measurements, CDP/LLDP information gathering, and external IP detection. In the photo you can see it as I plugged it into a Cisco 3750G switch. The screenshots show the Link/DHCP/Ping results at the overview page, as well as details about DHCP and CDP in the drop-down sections.
ProfiShark: Capturing Network Packets when it comes to real problems
This one comes into place if I am facing really complicated network problems: The ProfiShark from Profitap, a network TAP connected via USB 3.0 to my computer. That is: capturing network packets inline without the need of additional switches (port mirrors) nor network cards. You can simply capture 1 Gbit full duplex directly into your disk or Wireshark. Great. And that small! Please have a look at this blogpost in which I explained the ProfiShark in detail. Also note some other blogposts from myself tagged with “ProfiShark” in which I used this TAP to solve some problems.
Compared to the other two mentioned tools, the ProfiShark really is a professional network capture device. Hence the price, as you’re advised to not rely on cheap capture devices when you really want to solve network problems. In the following photo I captured all connections from a home receiver.
Conclusion: My Tools-to-go
These are the three hardware tools I am carrying with me all the time. They are quite small and easily fit into my bag (though it’s getting heavier over time). And, beside of their actual functionalities, I like to play around with them. Just as any other gadgets out there. ;) Cheers!