Anyone connected to the Internet is exposed to all kinds of attacks. An upstream router can reduce the danger for PCs, tablets or smartphones. But if the router itself has security gaps, it can become a target for attack. Hackers can then manipulate the name resolution on the Internet and attack online banking, for example. Attackers used gaps in the widely used Fritzbox to make calls abroad, causing telephone bills of over 1,000 euros. Security problems are also repeatedly found in routers from Netgear, D-Link, Telekom’s Speedports, and others.
Networks are not only used in companies, but many private households also operate a network. As soon as a connection to the Internet is established and PCs, notebooks, smartphones, and tablets are used, they are networked with each other. In companies, the IT department takes care of security. In private households, you provide security and an overview. For this purpose, we provide various aids and tools in this article.
Check open network ports for viruses and Trojans
A PC communicates with the Internet via its IP address through the router. Different programs use different network ports of the IP address assigned to the router by the provider. In the Windows command line, you can check which of your programs connect to the Internet and which ports are used. This way you can also detect viruses and Trojans. If you cannot identify certain programs, search for the name on the Internet. In most cases, you will find information about all programs quite quickly.
If you enter the command «netstat -an» in the command line, Windows shows the open ports. More detailed information appears with «netstat -banvo». The routing table of the computer is displayed with «netstat -r», statistics about TCP/IP can be seen with «netstat -san». This provides comprehensive information about a computer’s network settings.
Sysinternals provides TCPView, a simple program that allows even inexperienced users to see which network connections are currently open. The software developer NirSoft provides a similar free tool called CurrPorts. Like TCPView, the free toolCurrPorts does not need to be installed.
SmartSniff is a small tool to detect network connections on a computer. The tool can be started directly without installation. Therefore, even newcomers to the network world can quickly get to grips with it.
Once started, the process begins with a click on the green triangle to start the investigation process. The tool then displays the computer’s connections in the network and to the Internet. The window then shows the protocol, the local address, the remote address, the port, the name of the service, the size of the data packet, and the speed. By clicking on the connection you can see more information in the lower area. If you enter the data in a search engine, you will get more information about the corresponding area. This way you can quickly detect suspicious or unwanted network traffic.
Wireshark: Free network analysis
When it comes to network analysis, the open-source solution Wireshark is one of the best known. After starting, many options are available. In the title bar, you can see information about the current scan and the version of Wireshark. The scanning of the network is done in a graphical interface. Once the scan is started, Wireshark displays information in the window. The tool displays the options of the scan operations in the graphical interface via Record/Options. Once started, recording is performed by clicking on the Start recording packets menu item.
NetworkTraffic View also scans active networks
If you have an overview of the network with SmartSniff, you can use the tool NetworkTrafficeView from the same developer. The tool shows from local computers which packets are sent from source to destination addresses. NetworkTrafficView also points out the local program sending the data as well as the source and destination port. If possible, the icon of the corresponding program is also displayed. With NetworkTrafficView, however, you can also see packets sent by other computers on the network.
Unlike SmartSniff, however, NetworkTrafficView does not show the content of the packets, but only their source and destination data. If you select a process, you can display even more information about the packet via File/Properties. You can also see in the window the time of the transmission, the responsible processes, and the size of the packets. Via the context menu of individual packets, you can save them and send them as a mail, for example, if you need more information. In practical use and many tests showed that the tool works well with SmartSniff.
Many virus scanners, for example, the free virus scanner Avast Free Antivirus, have additional protection that scans the network for security vulnerabilities. If you run Avast Free Antivirus, the tool can help improve network protection. To do this, go to the tool’s management interface and select the WLAN Inspector option under Protection. Here you will get information about the devices and the problems in the network. Similar options are also offered by many other free scanners. You should check in the manual or help if your virus scanner has such a function and call it up regularly.
Searching for vulnerabilities with a smartphone
The free app Fing (iOS, Android) can be used to examine networks with a smartphone, create inventories and find security vulnerabilities. In addition, the free app can also read out the open ports and other information of network devices and display information.
An interesting alternative to Fing is the app Network Ping Lite for Apple devices. This app can also be used to scan networks for active devices and evaluate data. Security vulnerabilities are detected just as quickly here.
The NetSpot tool, which is available for macOS X and Windows, allows you to check the availability and performance of WLANs. After the tool is installed, it checks the availability of WLANs in the building. The advantage of NetSpot is that even users or administrators without extensive knowledge of network analysis can quickly and easily get an overview of the individual WLANs. As soon as the tool is started, it displays all available WLANs as well as their signal strength. This means that network connection problems and misconfigurations can be found very quickly without having to perform complicated or complex configurations.
In addition to the optimal positioning of WLAN devices, the tool is of course also useful on notebooks, which usually connect to different WLANs due to mobile use at different locations. Because with just a few clicks, you can see which WLANs can be optimally connected and where there are problems with range and then ultimately with a stable connection for data transfers.
Track packets on the Internet with free online tools
If you have detected data packets being sent to the Internet with SmartSniff, the tool will either display the name of the server or just the IP address if the name cannot be resolved. In this case, you also have the option to view the path of the packet and find out the name of the server on the Internet. On the Network-Tools.com site, you can efficiently resolve IP addresses by server name and perform a trace operation, i.e. a tracing, for the packets.
No device today is without vulnerabilities
When it comes to mobile devices, they still are very vulnerable to hackers. Every known device or software has vulnerabilities, be it Windows, Linux, OS X, Android or iOS. The key to protect yourself here is to only use the official stores.
The same applies to “smart” televisions, which are still vulnerable to hacking. They work under the operating systems based on Linux or Android, therefore the vulnerabilities for TVs of the new generation are the same as for mobile devices. In the case of TVs, it would be worthwhile to thoroughly inspect USB devices on the computer before turning them on.
The easiest way for testing your device is okay or not is to install an anti-virus protection tool, even the free firewall is enough to check your device.