About a year ago, Windows IT Pro published my "8 Absolutely Cool, Totally Free Utilities" article (InstantDoc ID 50122)—a compilation of handy tools I'd gathered in my IT travels. I use these kinds of tools on a daily basis, carrying them around on a portable USB drive so that I can grab them at a moment's notice. They make me a happier administrator, and they help make my clients even happier, too. Best of all, every one of the tools is completely free.
That article received a generous amount of positive feedback, so for the past year, I've been keeping an eye out for other free utilities that are new or that I might have missed the first time around. Without further ado, here's my second collection of eight terrific, completely free utilities that will make your job easier.
Inventory and Monitoring Tools
The modern enterprise network contains a ton of data to manage—not just user or company data, mind you, but data about how everything is put together, how it's performing, and so on. Let's start by looking at a few utilities for keeping tabs on your environment and getting the information you need when you need it.
WinDirStat
The goal of WinDirStat—probably my favorite utility in the bunch—is simple: Determine how space is being utilized across your disks and represent it visually in multiple ways so that you can easily find wasted space. This utility does a great job of ferreting out directories or files that are taking up too much space in your network. Figure 1, shows how you can display disk utilization in three ways: a traditional directory list (i.e., upper left), a graphical and interactive tree map (i.e., bottom), and an extension list (i.e., upper right).
But the figure doesn't portray this utility's interactivity. As you move your mouse over large blocks in the lower portion of the display, the names of the files represented by those blocks appear in the status bar at the bottom of the window. When you click an item, the upper-left tree list expands to the individual file in question. Through this interface, I quickly discovered about 10GB worth of PST files hidden in a Norton Protected Recycle Bin on my desktop. The large files stood out on the map, so I instantly knew what was going on. (I'd uninstalled Norton several months earlier.)
Another interactive aspect of this utility lets you click a directory name in the upper-left side of the display, producing a white frame around the objects in the graphical display at the bottom. This display gives you a visual representation of how much space each directory on your system consumes. You can start at the top-level directories or navigate down to lower-level directories in the tree, and the behavior is the same.
WinDirStat is available for every flavor of Windows released in the past decade, from Windows 95 to Windows Server 2003.
System Information for Windows
Quite frankly, System Information for Windows (SIW) knocks my socks off. This simple, standalone utility can tell you nearly anything about an individual system—and I mean anything. Figure 2 shows SIW's main interface. Once you use this tool, you'll rarely ever go to My Computer and select Manage again.
The sheer amount of system information that this utility can extract is amazing. Need to know your original Windows installation serial number and product keys? Want to see CPU or other ambient temperatures currently reported by your motherboard (assuming it's capable)? Need to find application license keys for a wide range of common off-the-shelf applications, above and beyond Microsoft products? Need to recover a password? SIW can accomplish all these tasks and report on a huge amount of data:
- Software—OS, hotfixes, installed applications (and applicable license keys, in many cases), current processes, open files, audio and video codecs
- Hardware—motherboards, sensor data, BIOS, CPU, PCI/AGP, USB and ISA/PnP, memory, video card, monitor, disk drives, CD/DVD drives, SCSI devices, Self-Monitoring, Analysis, and Reporting Technology (SMART) data, ports, printers
- Network—network cards, shares, network connections, open ports
SIW also offers password-recovery tools for revealing passwords hidden behind asterisks, product keys, and serial numbers, as well as real-time CPU, memory, page-file-usage, and network-traffic monitors. SIW is available for every version of Windows since Win98, including 64-bit versions and Windows Vista. Many thanks to Gabriel Topala for providing such a great free utility to the world.
OCS Inventory NG
Another project available at SourceForge, Open Computers and Software Inventory (OCS Inventory NG) has a larger architecture than our first two utilities do, but its goal is loftier: to provide detailed inventory data and package management across an entire network of systems. Compatible client systems for OCS Inventory NG include Windows 2003/Vista/ XP/2000/Me/NT 4.0/98/95, HP-UX, IBM AIX, Linux and BSD, Macintosh OS X, and Sun Solaris. The utility's modular and scalable architecture makes it suitable for both small networks (of a few dozen devices) and large enterprise networks (of tens of thousands of devices). Figure 3 shows the main interface.
The OCS Inventory NG architecture is comprised of five major components: agents that reside on target devices, a database server to store collected information, a server to handle all communications between agents and the database, a deployment server to store any packages that require network deployment, and a Web-based administrative console. You can install each component on its own server for high scalability, or you can place them all on the same system in smaller environments.
The level of inventory data that OCS Inventory NG can collect is comprehensive (although not as comprehensive as that of SIW) and would make any systems administrator happy. All that data is easily available and up to date in a centralized database. But in addition to providing capable network-inventory functionality, OCS Inventory NG includes package-deployment capabilities on client computers that are in the inventory system. From a Web-based administration server, you define packages that clients will download via HTTP/HTTPS. An optional OCS Inventory NG agent on client computers performs package execution.
A deployment package has four primary components: priority, action, payload, and an optional launch command. The priority component defines which packages take deployment precedent over others, and the action component describes what happens with the payload itself: simply copy it to the target system, copy and execute it, or use the launch command (external to the payload) to launch it on the system as a part of the deployment. With enough time and creativity, you'll find OCS Inventory NG's package-deployment capabilities extremely useful.
PRTG Traffic Grapher
Paessler's PRTG Traffic Grapher takes much of its history from the original, open-source multirouter traffic grapher (MRTG) project, adding a considerable amount of user friendliness to the solution. In this freeware version, you can enumerate only three sensors, but given the simplicity of PRTG's setup process and the useful data it can provide, most administrators will find the tool valuable even with only three interfaces.
PRTG offers advanced capabilities that simplify the logging and graphing of performance data over time. Performance data can include bandwidth utilization, any SNMP-instrumented data, end-to-end LAN/ WAN latency monitoring, and traffic utilization per protocol type. PRTG collects the information on a set interval and logs it to its data stores so that you can easily monitor current and over-time network performance. Figure 4 shows PRTG's main screen while the tool is running and collecting data.
PRTG's sensors have varying capabilities. For example, you can use SNMP—a low-overhead solution on the monitoring station and on target devices—for lightweight WAN-bandwidth monitoring or for monitoring a number of other easily obtained SNMP counters (e.g., CPU utilization, memory utilization). However, if you need more traffic data, packet sniffing lets you log utilization data and break it down by protocol type. Outside of the bandwidth, PRTG can also collect data from any SNMP-based counter and log it over time. PRTG also supports the concept of an "aggregate sensor," which you can use to aggregate data for multiple individual sensors (e.g., measuring bandwidth utilization, but only across switch ports 2-7 instead of the entire switch).
The installation process is quick and painless. Within five minutes, you can have the application downloaded and plotting data in your network.
Security Tools
Obviously, security of data and assets is vital to any IT organization. The free utilities I discuss here certainly don't represent a complete set of solutions to tackle all the data- and asset-protection complexities that organizations face today, but they're helpful tools for solving specific problems you might typically face.
TrueCrypt
Back in my consulting days, I usually managed simultaneous projects across a half dozen active clients. Plus, I needed to retain data and files for numerous additional clients. I had all this information on my laptop, and much of it was confidential. But even if it wasn't all confidential, it was my obligation to protect my clients' data if I took copies of it beyond their walls. I turned to TrueCrypt, another open-source project at SourceForge, as the answer for my data-encryption needs. The tool remains a rock-solid solution that I depend on today. Figure 5, shows TrueCrypt's interface.
TrueCrypt, which is available for Windows and several flavors of Linux, offers two types of encryption. First, TrueCrypt can create a virtual encrypted disk on your system that's stored in a .tc file somewhere on a file system. To Windows, the TrueCrypt disk image looks like just another file on the drive. You can back it up, copy it around your network, or carry it on a USB thumb drive. But once TrueCrypt is running, you can mount and dismount these files as new volumes within Windows, then seamlessly work on the files as easily as manipulating files on your C drive. All encryption occurs on the fly, with no other prompting or tweaking necessary. You can even format the encrypted volumes with NTFS so that you can hold large files in an encrypted volume.
The second type of encryption is to have TrueCrypt automatically encrypt an entire device (e.g., hard drive, floppy drive, USB thumb drive)—although all data currently on the target device will be wiped out. In this scenario, all data on the target device will be encrypted and decrypted when TrueCrypt is running, and unusable when it isn't running.
TrueCrypt supports a number of advanced encryption algorithms, including some algorithms that are approved for US government classification levels—all the way up to Top Secret. The tool offers several helpful dialog boxes in each of its interfaces, removing a lot of the mystery and guesswork involved with encryption. TrueCrypt is an extremely well-designed Windows application, supporting both 32-bit and 64-bit Windows, Vista User Access Control (UAC), and is digitally signed and certified by GlobalSign.
LocatePC
I often wonder why I never thought of writing the LocatePC utility myself. It's a simple application with just one purpose: to email you whenever any private or public IP address in your system changes and to otherwise remain quiet and hidden.
Why is that functionality so useful? You would use LocatePC primarily to aid in the recovery of stolen systems. Because LocatePC simply sits in the background and sends out email whenever an IP address changes, it can be beneficial if you're trying to track down a laptop that has been lost or confiscated from one of your employees during a business trip. The faster you get that asset back, the less risk of exposure you have.
Every time Windows detects a possible change in a system's IP information, LocatePC—which you can see in Figure 6— sends a detailed email message to an address that you predefine. This message includes information about every IP address in the system, the resolved public IP address of the system (which the tool gets by sending a test query to a public Internet site), a trace-route mapping to that same public system, logon details for any dial-up networking connections on the system (including phone numbers and usernames), and any hard-coded identifying information you configure for the host.
You need to understand a few caveats. First, if a thief is smart enough to completely wipe out Windows before hooking up to the Internet, you're out of luck. Second, if the thief doesn't connect to the Internet or doesn't connect to a location that permits outbound SMTP connections, you're also out of luck. No solution is guaranteed. But considering LocatePC's simplicity and small size, it's a great security measure that takes only two minutes to set up.
My only complaint is that LocatePC is never absolutely sure that something has changed. In my testing, I've determined that my home router has a tendency to blink offline for a minute every so often. When it does, as soon as the Wi-Fi interface comes back up, Windows thinks it has a new connection (even though the IP address is the same) and LocatePC sends me an alert message. I get a few of these per day. My simple solution to this annoyance was to create a custom mailbox on my mail server for all my LocatePC notices from all my PCs and laptops. Hopefully, I'll never need to look through all that information to try to recover a stolen system. However, if misfortune strikes, I'll have a good chance of discovering the computer's location when it comes back online and LocatePC emails me.
SyncBack
For years, I'd been looking for a reliable file-synchronization utility to help me perform automated backups of my data across my network. After all, who needs tape or CD backups if disk space is so cheap that you can simply have one system back up to another? I've tried a number of solutions over the years—from open-source to commercial—but SyncBack is the only solution I've stuck with.
SyncBack helps you easily back up (or synchronize) files to another location on the same drive, a different drive, a different storage medium (e.g., CD-RW, CompactFlash, USB thumb-drive), an FTP server, a network share, or a Zip archive. Unlike other utilities in this space that try to accomplish too much, SyncBack really nails its interface—which Figure 7 shows—with an approach that's simple enough to follow but doesn't skimp on features or configuration options.
I use this tool for daily, weekly, and monthly backups on my home network. By setting up three target directories on a removable 300GB USB 2.0 drive and using SyncBack's built-in scheduling capabilities (which populate the appropriate commands into the Windows scheduler service), I've created three backup profiles: one to run nightly at 5 p.m., one to run weekly at 3 a.m., and one to run on the first day of every month at 1 a.m.. I've selected a backup profile and instructed SyncBack to delete any files in the destination that aren't in the source. Now, I rest easy at night knowing that my data is backed up every single evening. These backups have saved me on more than one occasion when I've accidentally wiped out development code. By simply going to my always-up-to-date backups, I'm ready to go again. For absolutely critical files, I also have an offsite backup profile that delivers my files to an FTP server on the other side of the country.
SyncBack also supports a sync profile (i.e., changes on both sides are replicated to each other), as well as the use of direct UNC path names. The tool also supports the use of FTP servers as destinations. SyncBack can ensure that certain applications are closed before running its profiles and can email you the results of each profile it runs—or email you only when an error occurs while executing a profile.
If you have file synchronization needs on your network that you haven't figured out a workable solution for, I would suggest you take a look at SyncBack and see if it will meet your needs. The amount of functionality available in the freeware version is impressive, and its execution is rock solid.
Expand Your Toolkit
I hope some of the utilities I've described can help you reduce the number of hours you spend every day on inventory/monitoring and security tasks. For one more fantastic utility—which didn't fit into this article's categories—check out the "Screencasting with Wink" sidebar. Download all these tools and give them a try! In the meantime, I'll be keeping my eye out for more great free utilities. Check back next fall for a new batch.