ToolBoxNew Products for IT Professionals

Greg Steen

Network Backups

Cobian Backup

Cobian Backup 7.4.5, which was written by Luis Cobian, is a smooth-running, full-featured FTP backup program. The program was first released in November 2000; unlike some of the other freebies out there, the version number is representative of its build history—meaning it has had some time to evolve. And it shows.

Cobian Backup does not support SFTP, which may be a deal-breaker for some infrastructures, but it does support FTP over Transport Layer Security (TLS). You can not only back up to an FTP server, but also from an FTP server to local and networked resources. The application also supports backing up your data to multiple locations.

As is standard with most backup software, backups are delineated into tasks that can be either full, incremental, or differential backups. If you choose to overwrite existing backups, you can specify how many historical backups you would like to keep and the application automatically removes older backups. When relying on incremental backups, you can specify how often a full backup should be performed, making weekly rotations a snap. Adding file and folder lists to an archive task is as easy as drag and drop in Windows® Explorer. And the application fully supports wildcards and exclusion lists, so you can easily back up what you need and ignore what you don’t.

If, for some reason, you fear the polished world of the GUI and want to use your own scheduler for triggering backup tasks rather than using the built-in feature, you can use the application’s command-line mode. As with most networked applications, accessing network resources requires that the application’s service component run as a user and the application will warn you of this fact upon installation. If your backups are not segmented onto their own network interface cards (NICs) and network, bandwidth QoS during maintenance and management may be a concern. To address this, Cobian Backup allows you to limit the speed of your FTP transfers.

In addition, you can reduce the size of your archive (and thus your disk space usage and transfer bandwidth) by choosing to compress it with ZIP or SQX compression. The application uses the Zip64 format for files larger than 2GB; most of the popular extractors can now handle this file format, and the application includes its own integrated unzip utility.

If you are going to move your backups from nearline disk storage to some kind of removable media (like a CD or DVD), you can split the compressed archives into appropriately sized chunks. In addition to password protecting those archives, you can also encrypt them with pass-phrase protected 128-bit Blowfish, 128-bit Rijndael, or 64-bit Data Encryption Standard (DES) algorithms. A "red-light-green-light" indicator displays the perceived strength of your designated pass phrase. It is important to note that using encryption on large backups can be very resource intensive, so be sure to plan appropriately.

For each backup task, you can stipulate events that will take place both before and after the task has completed. For example, you can tell the application to pause for a number of seconds (a handy option when chaining maintenance events), or have it start (or stop) a Windows service. In addition, you can call for the parameterized execution of another application or call for that execution and wait for its completion (this is great for copying your Web logs to a central location and adding them to an archive). You can even close a running program based upon its window title and choose whether to forcibly close that application if it is currently in an unsaved state.

Cobian Backup is free to download, though the Web site does allow you to make donations. In my opinion, this is one of the better choices out there for the IT pro on a budget and is definitely deserving of a donation.

Price: Free

Analyze Web Requests


Whether you are a developer, QA specialist, or operations person, IEWatch from IEWatch Software, LLC, is worth considering for your IT toolbox. Simply put, the application shows you all the details of the requests and responses when you hit a URL from your browser. On a basic level, the application is a nice learning tool, showing you just how many and what kinds of requests and responses are involved in a single page request on your site.

Running as a plug-in for Microsoft® Internet Explorer®, IEWatch splits the browser window into two frames: the top shows the rendered Web page, while the bottom displays the components that made up the request and response combination. As you make a page request, the application lists the time each GET or POST request method was made along with how long it took to receive a response, the size of the response, the return code, the content type, and the URL that was requested. The response status code even shows when the browser has retrieved an item from cache instead of from the server—this is helpful for determining why a page may seem out of whack.

Clicking on an individual request gives you even more detail, showing you all the request and response HTTP headers for that individual request. A double-click gives you the script source for script requests, the graphic for image requests, and the HTML source or query string key/value pairs for text/HTML requests. Since IEWatch runs in the browser, it can even view HTTPS connection details. Double-clicking on a POST request spits out all the key value pairs in that post, which is great help in debugging your site’s Web forms.

Returning a temporary redirection instead of a permanent redirection when you are not intending to do so can be detrimental to your rankings on some search engines. You can use IEWatch to ensure that your redirects are pointing to the correct locations and giving the correct redirect responses. I also find it handy when searching for anomalies among servers in a Web farm. And you never know when that minor JavaScript bug may be writing the wrong tracking URL for keyword tracking, which leads to traffic stats ending up misaligned with the conversion rates. A single-user license for IEWatch runs $89.00 with small percentage discounts for multiple licenses.

Price: $89.00

Analyze Network Protocols

SoftPerfect Network Protocol Analyzer

SoftPerfect Network Protocol Analyzer , from SoftPerfect Research, is a cleanly implemented and easy-to-use network sniffer for the Windows desktop. Unlike many sniffer applications, SoftPerfect Network Protocol Analyzer does not require you to install the open source WinPCap (Windows Packet Capture Library) driver to access low-level network data.

One of the best aspects of the application is its filtering set, which allows you to easily narrow down your target traffic. You can filter by Ethernet and IP frames, MAC and IP addresses, ports, and packet content. When you click on a packet from the GUI, the program gives you a nice tree view of all the packet details including readable Ethernet, IP, UDP, and DNS headers where applicable. The app also allows you to maintain an address book of hostnames and IP and MAC addresses of interest. Another nice feature is its ability to reconstruct data flows based upon TCP streams, such as HTTP, and present them in an easy-to-read format. And this can be done with just a few quick clicks within the GUI.

SoftPerfect Network Protocol Analyzer also allows you to construct custom packets and deliver them to the network, which is a great way to test the robustness of new intrusion prevention and detection systems deployed in your infrastructure. When constructing your test packets, you can build your packet from scratch or start with a template, change the size of the packet, and even calculate the checksum of the packet before you send it into your network. You can even set both the delay between the packets and the number of times to send the packet.

If you need to test interprocess communication that occurs within the computer, this sniffer application also includes a loopback monitoring tool. One, of course, would hope that these powerful tools are only used for good purposes within your organization.

The company offers a 30-day unrestricted trial period before you must pay to continue using the sniffer.

Price: $99.00


A1Tech’s A1Monitor is cost-effective network and server monitoring solution. Setting up this application, which runs as a Windows service on your monitoring workstation, is a breeze. The application allows you to monitor multiple URLs (or IPs) on any TCP port. You can set a timeout threshold for both TCP request responses (to any port) and ICMP (Internet Control Message Protocol) ping responses.

Failure (and server back up) notifications are delivered via e-mail and you can set both a primary and secondary SMTP or POP3 server. One of the best features is the ability to check for response text from your servers; for example, a string in your Web page (this is useful since IIS gives you nice response pages on 500s and 404s) and that 250 response on your mail server. You can also pass URL query-string parameters to your Web server if you need to check server-side scripts that depend upon values passed to the page.

Managers love to see reports, and I like that A1Monitor publishes HTML reports to a user-specified directory, detailing current status, average response times, and historical up-time statistics in both graph and percentage formats. The formats can also

be customized using the provided HTML templates.

Price: $99.95 for a single license; $169.95 for a 3-computer license.

Book Reviews

Windows Security Resource Kit

The second edition of the Microsoft Windows Security Resource Kit (Microsoft Press®, 2005) by Ben Smith and Brian Komar with the Microsoft Security Team, is a resource that any IT administrator in charge of Windows infrastructure should keep close at hand. The 700 page tome covers everything from risk management strategies to designing an 802.1x authentication infrastructure for your environment.

The book ships with a companion CD that contains sample management scripts and tools. I find the EventCombMT tool particularly useful for an environment that doesn’t have an event log aggregation system. This is a multithreaded event log parser that can parse logs from multiple servers at once. Another cool tool on the disk is Robocopy—a utility I’ve found invaluable for managing file operations ranging from log shipping to file distribution across a Web farm. The book also contains a copy of "10 Immutable Laws of Security Administration." Like the safety signs that are required to be in public view at a restaurant, this is a list that every IT professional should have hanging in their bunker.

The book has a nice chapter on configuring security for Active Directory® objects and attributes, giving clear insight into how discretionary access control lists (DACLs) work. The book also covers basic security best practices for most of the services and applications that make up a typical Windows environment, from desktop applications like Microsoft Office to server applications like IIS.

The book ends with two incredibly useful chapters; the first on patch management and security updates and the second on planning and performing security assessments and incident responses. Even if you have the best security policies in place, you need a plan of attack in case a security breach occurs. This book will give you a good overview of what you need to consider when creating an incident response plan. One other nice feature of the book is that each chapter has a reference section that points out URLs and books that have additional information regarding the topic you just finished reading about.

Price: $49.99

VPNs Illustrated

If you are looking for the deep-down nitty-gritty behind tunneling and virtual private networks (VPNs), Jon Snader’s book, VPNs Illustrated: Tunnels, VPNs, and IPsec (Addison Wesley, 2005) may be the answer.

The first part of the book goes into the background behind VPNs and tunneling, first covering TCP and TCP encapsulation, then moving on to a briefing on modern cryptography, and finally an overview of tunneling and tunneling technology. The second part of the book really hits the particulars of tunnels and VPNs, discussing both SSH and SSL. The last part of the book gives you a detailed inspection of IPsec, covering the three protocols used in IPsec and showing you how to look at the output of tcpdump to see if your VPN is in fact doing what it should be doing.

For all its detail, the book is both clearly written and accessible to the seasoned IT professional.

Price: $54.99

Greg Steen is a technology professional, entrepreneur, and enthusiast. He is always on the hunt for new tools and methods to help make operations and development easier for IT professionals.

© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited.