How can I know what programs are running in another machine in the same network? Is there any software to run it locally for monitoring other machines? Does Ethereal do this work?
There are actually a few tools that may allow you to see what processes are running remotely on another machine. All of these tools require at one point or another to have authorized administrative rights to the machine. Many companies use this technology to administer servers and help troubleshoot desktop issues remotely.
The first tool that comes to mind is SNMP. Mostly because there are so many tools out there that will allow you to report upon processes running on a machine if you have SNMP access to it. There are a lot of freeware, shareware, and commercial products that will utilize the flexibility of SNMP to manage servers in this capacity. The only requirement is that you have access to the device and it is SNMP-enabled. Do a quick search for server management SNMP on Google to find a list of products available.
Depending on the operating system and platform, there are numerous remote management tools that will allow you to identify what processes are running on a client's workstation. Administration tools and resource kits (look at pstools) for Windows Operating Systems give you the ability through the Windows Management interface to connect via RPC to a client's workstation that you have administrative rights to. Similar functions exist for Unix and Linux platforms as well. They will list the processes in use, CPU, memory, and other diagnostic information for the device selected.
Unfortunately ethereal doesn't really give you this same information. Ethereal will certainly allow you to see the traffic passing through a device from one machine to the other off of a port mirror or capture on a host. But it won't tell you the actual processes that are running if it is not a network-based process. For things like HTTP, DNS, DHCP requests, ethereal will give you insight into those transactions. It is great at telling you what your packet level transactions are like for those various network services. Issuing the netstat command will also reveal information about the processes that have network connections to other hosts on the network. Using this information will allow you to troubleshoot issues regarding network connection problems. There are also several freeware tools out there that I will use for troubleshooting networking issues on a host like qCheck and TCPView.
This was first published in March 2007