Tuesday, September 23, 2008

Keeping current

If you are a network administrator you probably have a couple of must-have tools installed on your systems.  Personally, I can't imagine working without Wireshark and Nmap on every computer I use.

For these and many other programs, the core functionality may not seem very different from what it was a few years ago, so there's no need to update regularly, right?

Wrong.  I was reminded of this by last week's Pauldotcom Security Weekly podcast, in which they interviewed Fyodor (creator and lead developer of Nmap).  He observed that he gets a lot of feature requests and bug reports for things that were added or fixed years ago, because people are still using "vintage" versions of Nmap.  If you aren't using Nmap 4.76 you may have missed the fact that the Zenmap GUI now includes a topology mapping utility.  That's right, Zenmap can now literally draw you a picture of your network.  There are also multiple performance enhancements in the latest version, many based on developments made during Fyodor's "Scan the Internet" project.

The same happens with Wireshark; I see it frequently on the mailing list.  Besides the obvious bug fixes and security patches, you are often missing new features: if you are not using Wireshark 1.0.3 you don't have access to the thousands of per-protocol fields now supported (including hundreds of MIBs), nor do you have all of the 935 protocols and packet types now supported.  You may not even have the "firewall ACL rules" function, which can write a variety of packet filter/ACL rules for many different systems for you, based on the selected packet.  (Of course, with an Astaro you don't need that kind of arcane rule.)

What tools do you need to update now?
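As an added example (not part of the original post), a POSIX shell script that checks whether the Nmap and Wireshark builds on this host are older than the versions named above. It assumes `nmap` and `tshark` (the command-line tool shipped with Wireshark, reporting the same version) are on PATH and print a dotted version number in their `--version` banner.

```shell
#!/bin/sh
# Added example, not from the original post: flag installed Nmap and Wireshark
# builds older than the versions the post names (Nmap 4.76, Wireshark 1.0.3).

# version_ge A B: succeed if dotted version A is at least B. Each component is
# compared as a number, so 4.76 correctly ranks above 4.9 (a plain string
# comparison would rank "4.9" higher). Missing trailing components count as 0.
# Assumes purely numeric components, which first_version below guarantees.
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; bi="${b%%.*}"
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
        [ "${ai:-0}" -gt "${bi:-0}" ] && return 0
        [ "${ai:-0}" -lt "${bi:-0}" ] && return 1
    done
    return 0
}

# first_version TEXT: print the first dotted number found in a --version banner,
# e.g. "Nmap version 4.76 ( http://nmap.org )" -> 4.76. Prints nothing if none.
first_version() {
    printf '%s\n' "$1" | sed -n 's/^[^0-9]*\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*/\1/p' | head -n 1
}

# check_tool NAME INSTALLED MINIMUM: print a one-line verdict for one tool.
check_tool() {
    if version_ge "$2" "$3"; then
        printf '%s %s: current (>= %s)\n' "$1" "$2" "$3"
    else
        printf '%s %s: UPDATE, %s or later needed\n' "$1" "$2" "$3"
    fi
}

# Live check of this host: tool name and the minimum version from the post.
for pair in "nmap:4.76" "tshark:1.0.3"; do
    tool="${pair%%:*}"; minimum="${pair#*:}"
    if command -v "$tool" >/dev/null 2>&1; then
        ver="$(first_version "$("$tool" --version 2>/dev/null)")"
        if [ -n "$ver" ]; then check_tool "$tool" "$ver" "$minimum"
        else printf '%s: version not detected\n' "$tool"; fi
    else
        printf '%s: not installed\n' "$tool"
    fi
done
```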
