Friends, Romans, Sysadmins – lend me your /dev/ears so that I can listen to myself talk. Actually, I’m more interested in you talking. So tell me, what kind of tools do you use in your line of work, or in your spare time while tinkering?
A little while ago I did this thing where I made a somewhat extensive list of nifty malware removal and diagnostic tools. I want to do something like this for general purpose sysadmin type tools. Perhaps you will learn about a new cool app from this, or maybe I will. Either way, we all should benefit.
Shameless Self Promotion
This is the bit where I pimp my own tool. As you may or may not know, I have made Luke’s Setup Assistant into my Swiss army knife of Windows maintenance, security and administration. On it’s own the application doesn’t really do much. It basically acts as a compact launcher for bigger and better things. This way you don’t have to open a web browser to download something like Process Explorer, Malwarebytes or Hijack This. If you haven’t checked it out, please do. It has useful stuff in there.
General Purpose Utilities:
Shameless self promotion out of the way, lets pimp other people’s tools. If you could only use two website on the internet to get your resources from, what would they be? For me it would be these two:
- Windows Sysinternals – is probably the most widely known and most frequently used admin treasure chest. It’s a collection of essential tools that ought to be in Windows, but aren’t. In fact, Microsoft liked these tools so much that they hired their author and brought the website under their fold to ensure the entire collection will be maintained and updated to work on their new releases. If you never used these tools, you have probably been living under a rock or something. Here are a few self contained tiny apps that you have been missing out on:
- Autoruns – lets you see and edit what services and applications launch with windows. It’s like MSConfig but it is much, much more thorough.
- Process Explorer – is a drop in replacement for Task Manager, and about a 100 times more useful than the original app.
- SDelete – a command line, DOD 5220.22-M compliant file shredder that’s only 81Kb.
- Nirsoft Tools – are a little bit less popular, but not less useful. The page is low profile and low key, but similarly to Sysinternals it uses the treasure trove of small, single purpose, self executable apps approach. Some of my favorites include:
- Blue Screen View – a tool that lets you analyze the memory dump files left over after BSOD events
- RegDll View – lists all the registered DLL files on your system.
- NK2Edit – allows you to edit and repair Outlook NK2 (auto-complete cache) files.
- What Is Hang – helps you identify the process that is hanging up your application.
Both of these sites are extremely useful and provide a very wide range of nifty utilities. Listing them all here would be a waste of time, so I will let you explore these places on your own. Now if you were allowed to use more than two sites, here are some other tools I would recommend:
- WinDiff – is my favorite diff tool for windows. It’s easy to use, relatively fast and a good way to quickly compare files.
- WinDirStat is a tool that helps you answer the question “what the fuck is taking all this space on my hard drive?”. In other words it is disk usage visualization tool. Why would you need one? Well, sometimes Windows like to gobble up disk space in rather strange and hidden ways.
- Memtestx86 – is your one stop shop RAM testing tool. This is usually what I run when a machine is behaving erratically or hangs up in weird ways.
Every windows admin secretly wishes he was a unix admin. Don’t deny it. You know this to be true. Hell, even Microsoft knows this. So what are the best ways to get your Unix on while on windows without using a virtual machine?
- Cygwin is probably your best bet. It gives you a full bash shell, along with hundreds of downloadable utilities running within Windows. Best part is that this is not a VM or emulator. The shell can access Windows filesystem just fine – each windows drive is simply mounted under /cygdrive/ directory.
- Unix Utils – I actually wrote about this nifty collection very recently. It is nowhere near as extensive and versatile as Cygwin, but you can easily bundle it’s individual executables with batch scripts as I demonstrated in my article. You can’t do that with Cygwin binaries which must be run from within the bash shell.
Sometimes you are handed a random computer you know nothing about and are given a task of upgrading it’s hardware and getting it infected with the latest version of Windows. The problem is that short of opening the machine up it is often hard to guess what kind of guts are in there. Sure, you can probably figure out how much RAM it has, but Windows usually will not tell you if said memory resides on a single DIMM or multiple ones. Or how many DIMM’s can be put into the machine. Linux users have the excellent information tool known as LSHW which will tell you just about everything you could possibly want to know about your hardware. Windows admins are not so lucky. The built in systeminfo command is much less powerful. Fear not though, because there are a few very useful tools at your disposal:
- CPU-Z is probably the most comprehensive and thorough hardware inspection tool. It reveals a lot of information about your CPU, including Cache amount and type, temperature, latency, special features, etc. It also is very good at telling you about the specs of your memory, and other components.
- Memory Viewer is a tool you would use if all you wanted to know is amount and type of installed memory. It has nowhere near as many reporting options as CPU-Z but it is an easy, quick and painless way to check if the machine’s memory can be upgraded and by how much.
- Unknown Devices – have you ever been in this situation: you are given a machine with a fresh windows installation. Nothing works because half the hardware drivers are missing. Your Device Manager is littered with those ugly yellow question marks. To make matters worse, the machine is a custom built rig, so you can’t even look up the specs on a manufacturer’s website. What do you do? Well, this tool will turn most of the ugly question marks into actual vendor and model names. It is a life saver.
Setup & Recovery:
In our line of business we frequently need to set up, or tear down random systems. Here are some tools that make this process much easier.
Every once in a while lusers need help with their computing and usually the fastest way to help them is to wrestle the control away from them before they break more things. Fortunately nowadays this is almost as easy to do remotely as in person.
- Team Viewer is my favorite remote assistance tool. It is by far the fastest and most straightforward tool to work with. It can also be installed in service mode. The commercial license is a tad expensive though.
- CrossLoop used to be my favorite tool. Why? Because it was free and used free technology stack (TightVNC among other things). Unfortunately something has happened to it and now it is unbearably slow. Maybe it’s my network, maybe it’s something else. All I know Team Viewer is blazing fast, whereas CrossLoop connection to the same computer tends to be sluggish. Still, it might work for you.
- Join Me in theory this is the easiest one to use. You instruct the user to go to a website, click on a button and then read you a number that pops up. In practice 80% of my users is incapable of seeing the popup window because it is small and unobtrusive. Still, it is pretty good if you can get the users to notice it without spazzing out.
- PST (Problem Steps Recorder) – Not many people are aware of this little gem, but Win7 has a nifty built in tool that will “record” a session. If your user is experiencing a weird error, you can just have them run PST from the search box, then do the problem causing action. PST will save a series of screenshots and diagnostic data into a zipped up HTML slideshow that can be easily sent via email. This is pretty good when you can’t use any other remote assistance tools because of a firewall. For users that are running XP or Vista you can use Screen Recorder instead.
There are actually dozens of great security tools out there, so I will only highlight few of my favorite ones. I guess I should get the swiss army knife of everything network related out of the way first. Netcat is not really a security tool per se, but it is an extremely useful took to keep in your virtual utility belt. It you don’t believe me, just check out what you can do with it.
So there you have it. That’s my short list. Did I miss anything useful? What are your favorite tools? Please share them in the comments.