3rd Party Tools

Unanswered Question
Sep 14th, 2007

Empowering IPN Citizens through tools! IronPort’s Top 10 3rd Party Tools are listed below. Reply to this post to share your favorite 3rd party tools.

For IronPort Unsupported Contributed Tools visit the Support Portal: http://tinyurl.com/3c5l8r


IRONPORT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, WITH RESPECT TO THE PACKAGES, POSTS OR THIRD PARTY TOOLS, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR ARISING FROM COURSE OF PERFORMANCE, DEALING, USAGE OR TRADE. IRONPORT DOES NOT PROVIDE ANY SUPPORT SERVICES FOR THE PACKAGES, POSTS OR THIRD PARTY TOOLS.

  1. Remote access - connect to an appliance from a PC. Putty, Free Telnet/SSH.
    http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
  2. Log Analysis - Freeware Kiwi Syslog
    http://www.kiwisyslog.com/products/
  3. Tcpdump - tcp capture via command line
    http://www.tcpdump.org/
  4. Softerra freeware LDAP browser
    http://www.ldapbrowser.com or http://download.softerra.com/files/ldapbrowser26.msi
  5. SimpleCom Tools has a fantastic suite of tools: SMTP Test tools, TCP and UDP test tools etc.
    http://www.simplecomtools.com/downloads.html
  6. WinSCP is a great tool to move log or config files, SCP for Windows
    http://winscp.net/eng/download.php
  7. SolarWinds has a couple of useful free tools at the bottom of this page like a free TFTP Server
    http://www.solarwinds.net/downloads/index.aspx
  8. Relay Test Pro allows you to check for open relays, it’s a trial, but fully functional
    http://www.digiarch.org/relaytest.html
  9. Edit any kind of text file including xml, html, perl, php etc.
    http://www.editpadpro.com/download.html
  10. DNS Goodies picks up where DNS Stuff left off and lets you search for free without commercial info
    http://www.dnsgoodies.com/

Bart_ironport Tue, 09/25/2007 - 13:54

3CDaemon is a small TFTP/FTP/Syslog server for windows. Pretty useful for quickly setting up an FTP server on your laptop or to transfer files to/from devices using TFTP.

AD Explorer. One of those little tools from sysinternals, pretty useful to look up the full DN of users or groups in Active Directory for your copy/pasting pleasure.

And of course we have wireshark/ethereal to read packet captures and VIM to edit text files.

Some of many windows utilities that I use:

wget win32: http://users.ugent.be/~bpuype/wget/ I like to add a file association with a custom open action that runs wget like this:

C:\path\to\wget.exe -nd -nH -c -i "%1" | pause


Then when you have a lot to download you can create a .wget file and winhose will know what to do when you double-click or 'run' the file from a script.

NcFTP: http://www.ncftp.com/ncftp/ Great command-line FTP client suite. Great for scripting (ncftpput/ncftpget)

TFTPD32: http://tftpd32.jounin.net/ This little beauty is about the nicest tiny TFTP server I've come across. Also has a TFTP client, SNTP server, syslog server, and DHCP server. All services can be enabled/disabled as you need.

Dig: http://www.isc.org/sw/bind/ Better than nslookup. Download the whole bind nameserver package and then copy the following files out to somewhere on your path:

dig.exe
bindevt.dll
libbind9.dll
libdns.dll
libeay32.dll
libisc.dll
libisccc.dll
libisccfg.dll
liblwres.dll

Common usage:
dig [@some.nameserver.ipaddy] [host.]example.com [mx | any | a | etc...]

The @xxx.xxx.xxx.xxx argument causes dig to query that specific nameserver
dkoh_ironport Wed, 02/11/2009 - 08:19

Any Free 3rd party software that could read Mail_log for C-Series?

Please advise.

:lol: :lol:

kluu_ironport Thu, 02/12/2009 - 09:18

The newer AsyncOS versions for the ESA appliance have message tracking if you're trying to locate particular messages. Also, on the Support Portal, there is a tool called "spamtowho" that will analyze the "mail_logs" and provide useful information with respect to spam traffic.

What in particular were you trying to extract from the mail_logs?



steven_geerts Sat, 06/13/2009 - 22:24

We use Nagios (http://www.nagios.org) for monitoring our Ironports.
Nagios supports several plugins and has an active community developing plugins to check a variety of systems.
We use the check_ironport plugin to retrieve useful info from the HTTP(s) XML pages and the standard check_snmp plugin for the additional stuff like the hardware status.

With these two we have set up a quite robust monitoring system for our Ironports, including event forwarding to the corporate TE/C monitoring environment.

If anyone wants to have a copy of our Nagios checks, just send me a reply.


Besides this we use syslog-ng http://www.balabit.com/network-security/syslog-ng/opensource-logging-sys... (on our syslog host).
This tool allows us to filter several types of info from the Ironport logfiles and store those into separate logfiles. We have, for example, a logfile that logs all the “commit” actions and the supplied comments, a logfile that displays all the AV actions, a logfile that records all spoofed messages (by logging a custom X-header we add for spoofing), etc.
And the best of all: it supports syslog traffic over TCP (just like Ironport does).

(now we need to find someone who can convert the findevent command to a useful version on our syslog host) :)



Steven
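
The log splitting described in the post above could be expressed in a syslog-ng configuration along these lines. This is an added example, not the poster's configuration: the TCP port, file paths, match strings and the header name X-Example-Spoofed are all assumptions to be replaced with values from your own appliance logs.

```conf
@version: 3.38

# Receive appliance logs over TCP. Port 514 is an assumed value; match it to
# the syslog log subscription configured on the appliance.
source s_ironport {
    network(transport("tcp") port(514));
};

# The match strings below are constructed placeholders. Replace them with
# text that actually appears in your own logs before relying on the split files.
filter f_commit  { message("commit"); };
filter f_av      { message("antivirus"); };
# Hypothetical name for the custom X-header added to suspected spoofed mail.
filter f_spoofed { message("X-Example-Spoofed"); };

# One file per category, plus a complete archive (paths are assumptions).
destination d_all     { file("/var/log/ironport/all.log"     create-dirs(yes)); };
destination d_commit  { file("/var/log/ironport/commit.log"  create-dirs(yes)); };
destination d_av      { file("/var/log/ironport/av.log"      create-dirs(yes)); };
destination d_spoofed { file("/var/log/ironport/spoofed.log" create-dirs(yes)); };

# Keep a full copy first, so a filter that is too narrow never loses data
# that an investigation might need later.
log { source(s_ironport); destination(d_all); };

# Each category gets its own log path; a message matching more than one
# filter is written to each matching file.
log { source(s_ironport); filter(f_commit);  destination(d_commit); };
log { source(s_ironport); filter(f_av);      destination(d_av); };
log { source(s_ironport); filter(f_spoofed); destination(d_spoofed); };
```

Running `syslog-ng --syntax-only -f` against the file checks the syntax before the daemon is reloaded.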

RYAN KIM Wed, 02/24/2010 - 08:50

steven_geerts wrote:

If anyone wants to have a copy of our Nagios checks, just send me a reply.

Steven

Hi Steven, we're looking into the possibility of using Nagios to monitor some of our IronPorts. I'd be interested to see what you're checking.

Thanks,

Ryan
