Cisco Support Community

New Member

3rd Party Tools

Empowering IPN Citizens through tools! IronPort’s Top 10 3rd Party Tools are listed below. Reply to this post to share your favorite 3rd party tools.

For IronPort Unsupported Contributed Tools visit the Support Portal: http://tinyurl.com/3c5l8r


IRONPORT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, WITH RESPECT TO THE PACKAGES, POSTS OR THIRD PARTY TOOLS, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR ARISING FROM COURSE OF PERFORMANCE, DEALING, USAGE OR TRADE. IRONPORT DOES NOT PROVIDE ANY SUPPORT SERVICES FOR THE PACKAGES, POSTS OR THIRD PARTY TOOLS.

  1. Remote access - connect to an appliance from a PC. Putty, Free Telnet/SSH.
    http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
  2. Log Analysis - Freeware Kiwi Syslog
    http://www.kiwisyslog.com/products/
  3. Tcpdump - tcp capture via command line
    http://www.tcpdump.org/
  4. Softerra freeware LDAP browser
    http://www.ldapbrowser.com or http://download.softerra.com/files/ldapbrowser26.msi
  5. SimpleCom Tools has a fantastic suite of tools: SMTP Test tools, TCP and UDP test tools etc.
    http://www.simplecomtools.com/downloads.html
  6. WinSCP is a great tool to move log or config files, SCP for Windows
    http://winscp.net/eng/download.php
  7. SolarWinds has a couple of useful free tools at the bottom of this page like a free TFTP Server
    http://www.solarwinds.net/downloads/index.aspx
  8. Relay Test Pro allows you to check for open relays, it’s a trial, but fully functional
    http://www.digiarch.org/relaytest.html
  9. Edit any kind of text file including xml, html, perl, php etc.
    http://www.editpadpro.com/download.html
  10. DNS Goodies picks up where DNS Stuff left off and lets you search for free without commercial info
    http://www.dnsgoodies.com/

16 REPLIES
New Member

Re: 3rd Party Tools

Softerra's LDAP browser is Windows-only. The Apache Directory Studio is cross-platform, and phpLDAPadmin runs on a web server and thus is available from any browser.

New Member

Log Analysis

Sawmill - powerful and understands Ironport-specific logs
http://www.sawmill.net/

New Member

Monitoring/NMS

OpenNMS - Takes the best features of MRTG and makes it scalable to hundreds of systems
http://www.opennms.org/

New Member

Re: 3rd Party Tools

3CDaemon is a small TFTP/FTP/Syslog server for Windows. Pretty useful for quickly setting up an FTP server on your laptop or to transfer files to/from devices using TFTP.

AD Explorer. One of those little tools from Sysinternals, pretty useful to look up the full DN of users or groups in Active Directory for your copy/pasting pleasure.

And of course we have Wireshark/Ethereal to read packet captures and VIM to edit text files.

New Member

Re: 3rd Party Tools

Some of many windows utilities that I use:

wget win32: http://users.ugent.be/~bpuype/wget/ I like to add a file association with a custom open action that runs wget like this:

C:\path\to\wget.exe -nd -nH -c -i "%1" | pause


Then when you have a lot to download you can create a .wget file and winhose will know what to do when you double click or "run" the file from a script.

NcFTP: http://www.ncftp.com/ncftp/ Great commandline ftp client suite. Great for scripting (ncftpput/ncftpget)

TFTPD32: http://tftpd32.jounin.net/ This little beauty is about the nicest tiny tftp server I've come across. Also has tftp client, sntp server, syslog server, and dhcp server. All services can be enabled/disabled as you need.

Dig: http://www.isc.org/sw/bind/ Better than nslookup. Download the whole bind nameserver package and then copy the following files out to somewhere on your path:

dig.exe
bindevt.dll
libbind9.dll
libdns.dll
libeay32.dll
libisc.dll
libisccc.dll
libisccfg.dll
liblwres.dll

Common usage:
dig [@some.nameserver.ipaddy] [host.]example.com [mx | any | a | etc...]

The @xxx.xxx.xxx.xxx argument causes dig to query that specific nameserver

New Member

Benchmark tools

For benchmark testing, I rely on a couple of tools:

Postal is excellent at SMTP load generation
http://www.coker.com.au/postal/

SLAMD does SMTP but is a bit weak at it. It does a great job of generating load for other protocols, like LDAP.
http://www.slamd.com/

New Member

Re: 3rd Party Tools

Free Regular Expression Designer:
http://www.radsoftware.com.au/regexdesigner/

New Member

Cacti template

Someone recently introduced me to this Cacti template for monitoring.

http://forums.cacti.net/about26829.html

I hope it's helpful.

New Member

Re: 3rd Party Tools

ldapvi is an interactive LDAP client for Unix terminals. Using it, you can update LDAP entries with a text editor (vim is the best)

http://www.lichteblau.com/ldapvi/

tcptraceroute is another powerful traceroute that is able to bypass the most common firewall filters through a specific port

http://michael.toren.net/code/tcptraceroute/

New Member

DNSStuff Hosted by Fastnext.com

All the DNSStuff tools including DNSReport hosted for free.. no trial limit.

http://dnsstuff.fastnext.com

New Member

Test Your Smtp server

I find this very useful when it comes to testing either rules or relays from outside IPs.

http://www.wormly.com/test_smtp_server

New Member

Re: Test Your Smtp server

Another poster mentioned this free online regex tool that you can test out your regex with:


http://gskinner.com/RegExr/

New Member

Hello Anyone Can Help?

Any Free 3rd party software that could read Mail_log for C-Series?

Please advise.

:lol: :lol:

New Member

Re: Hello Anyone Can Help?

The newer AsyncOS versions for the ESA appliance have message tracking if you're trying to locate particular messages. Also, on the Support Portal, there is a tool called "spamtowho" that will analyze the "mail_logs" and provide useful information with respect to spam traffic.

What in particular were you trying to extract from the mail_logs?




New Member

Re: 3rd Party Tools

We use Nagios (http://www.nagios.org) for monitoring our Ironports.
Nagios supports several plugins and has an active community developing plugins to check a variety of systems.
We use the check_ironport plugin to retrieve useful info then the HTTP(s) XML pages and the standard check_snmp plugin for the additional stuff like the hardware status.

With these two we have set up a quite robust monitoring system for our Ironports, including event forwarding to the corporate TE/C monitoring environment.

If anyone wants to have a copy of our Nagios checks, just send me a reply.


Besides this we use syslog-ng http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/ (on our syslog host).
This tool allows us to filter several types of info from the Ironport logfiles and store those into separate logfiles. We have for example a logfile that logs all the “commit” actions and the supplied comments, a logfile that displays all the AV actions, a logfile that records all spoofed messages (by logging a custom X-header we add for spoofing) etc.
And the best of all: it supports syslog traffic over TCP (just like Ironport does)

(now we need to find someone who can convert the findevent command to a useful version on our syslog host) :)



Steven

New Member

Re: 3rd Party Tools

steven_geerts wrote:

If anyone wants to have a copy of our Nagios checks, just send me a reply.

Steven

Hi Steven, we're looking into the possibility of using Nagios to monitor some of our IronPorts. I'd be interested to see what you're checking.

Thanks,

Ryan
