13 more useful tools for Linux operations

This article introduces several useful tools for Linux operations, hoping to help Linux administrators.

1. View the process usage bandwidth-nethogs

Nethogs is a network traffic monitoring tool under a terminal that can visually display the bandwidth consumed by each process.

Download: http://sourceforge.net/projects/nethogs/files/nethogs/0.8/nethogs-0.8.0.tar.gz/download

1. [[Email protected] ~] #yum-y install libpcap-devel ncurses-devel
2. [Email protected] ~]# tar zxvf nethogs-0.8.0.tar.gz
3. [Email protected] ~]# CD Nethogs
4. [[email protected] nethogs]# make && make install
5. [Email protected] nethogs]# nethogs eth0

2, hard disk reading performance test-iozone

IOzone is a Linux file system performance testing tool that can test the read and write performance of file systems in different operating systems.

Download: http://www.iozone.org/src/current/

1. [Email protected] current]# tar xvf iozone3_420.tar
2. [Email protected] ~]# CD iozone3_420/src/current/
3. [[email protected] current]# make Linux
4. [Email protected] current]#./IOZONE-A-N 512m-g 16g-i 0-i 1-i 5-f/mnt/iozone-rb./iozone.xls

• -A use fully automatic mode
• -N Sets the minimum file size (Kbytes) for automatic mode.
• -G Sets the maximum file size Kbytes that automatic mode can use.
• -I is used to specify which test to run.
• -f Specifies that the name of the test file is automatically deleted after completion
• -r generates Excel to standard output
• -b Specifies the output to the specified file

3, real-time monitoring disk io-iotop

The iotop command is a command that displays hard disk IO specifically, and the interface style is similar to the top command.

1. [Email protected] ~]# yum-y install Iotop

4, network traffic monitoring-iptraf

Iptraf is a simple network condition analysis tool running under Linux.

1. [Email protected] ~]# yum-y install Iptraf

5, network traffic monitoring-iftop

Iftop is a real-time traffic monitoring tool similar to the top of Linux. More intuitive than Iptraf.

Download: http://www.ex-parrot.com/~pdw/iftop/

1. [Email protected] ~]# tar zxvf iftop-0.17.tar.gz
2. [Email protected] ~]# CD iftop-0.17
3. [Email protected] iftop-0.17]#./configure
4. [[email protected] iftop-0.17]# make && make install
5. [Email protected] iftop-0.17]# Iftop
6. [Email protected] iftop-0.17]# iftop-i eth0 #指定监控网卡接口

• TX: Send Traffic
• RX: Receive Traffic
• Total: Overall flow
• Cumm: Total traffic running iftop to current time
• Peak: Traffic Peaks
• Rates: Represents the average traffic for the past 2s 10s 40s, respectively

6, process real-time monitoring-htop

Htop is a Linux interactive process browser that can be used to replace the top command under Linux.

RPM-IVH http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm (install third party yum source)

1. [Email protected] ~]# yum-y install Htop

7. System Resource Monitoring-nmon

Nmon is a monitoring and analysis tool that is widely used on AIX and various Linux operating systems

Download: http://sourceforge.jp/projects/sfnet_nmon/releases/

1. [Email protected] ~]# chmod +x nmon_x86_64_rhel6
2. [Email protected] ~]# MV Nmon_x86_64_rhel6/usr/sbin/nmon
3. [Email protected] ~]# Nmon

8. Monitor multiple log-multitail

Multitail is a software that opens multiple windows in the console to enable simultaneous monitoring of multiple log documents, similar to the functionality of the tail command.

RPM-IVH http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm (install third party yum source)

1. [Email protected] ~]# yum-y install Multitail
2. [Email protected] ~]# multitail-e "fail"/var/log/secure #筛选关键字进行监控
3. [[email protected] ~]# multitail-l "Ping baidu.com" #监控后面的命令-l will execute the command
4. [[email protected] ~]# multitail-i/var/log/messages-i/var/log/secure #-i Specify a file name

9. SSH brute force hack protection-fail2ban

Fail2ban can monitor your system log and then match the log's error message regular match to perform the corresponding masking action in general it is called firewall masking

Download: http://www.fail2ban.org/wiki/index.php/Downloads

1. [Email protected] ~]# CD fail2ban-0.8.11
2. [[email protected] fail2ban-0.8.11]# python setup.py install
3. [Email protected] fail2ban-0.8.11]# CD files/
4. [email protected] files]# CP./redhat-initd/etc/init.d/fail2ban
5. [[Email protected] files]# service Fail2ban start
6. [Email protected] files]# chkconfig--add Fail2ban
7. [Email protected] files]# chkconfig Fail2ban on

Note: You need to configure the Iptables utility, if the restart Iptables also to restart the Fail2ban, because the Fail2ban principle is to call iptables real-time block outside the attack.

2. [Email protected] ~]# grep-v "^#"/etc/fail2ban/jail.conf | Grep-v "^$"
4. [DEFAULT]
6. Ignoreip = 127.0.0.1/8# Ignore native IP
8. Bantime = #符合规则后封锁时间
10. Findtime = #在多长时间内符合规则执行封锁如600秒达到3次则执行
12. Maxretry = 3 #最大尝试次数
14. Backend = three types of auto #日志修改检测日志gamin, polling and auto
16. Usedns = Warn
18. [Ssh-iptables]
20. Enabled = true# default is disable false
22. Filter = sshd
24. Action = iptables[name=ssh, port=ssh, protocol=TCP]
26. # sendmail-whois[name=SSH,dest= recipient mailbox, sender= sender mailbox, sendername="Fail2ban"]
28. LogPath =/var/log/sshd.log #响应的错误日志一般在/var/log/secure
30. Maxretry = 5 #尝试错误次数覆盖全局中的maxretry

Note: All application protections are turned off by default and need to be turned on manually. fail2ban.conf files are log information, jail.conf files are protected by specific service and action configuration information.

1. [[email protected] ~]# touch /var/log/sshd.log 
2. [[email protected] ~]# service fail2ban restart 
3. [[ email protected] ~]# fail2ban-client status     #查看监控已经开启  
4. status 
5. |- NUMBER OF JAIL:      1 
6. '- jail list:           ssh-iptables  
7. [[email protected] ~]# iptables -l  # Iptables Filter table has fail2ban a rule  
8. fail2ban-ssh  tcp  --  anywhere              anywhere             tcp dpt:ssh 

10. Connection session Terminal Continuous-TMUX

Tmux is an excellent terminal reuse software similar to GNU screen than screen, more flexible and efficient. To ensure that the drop-off is not affecting the task running when SSH is connected.

RPM-IVH http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm (install third party yum source)

11, the page shows disk space usage-agedu

Download: http://www.chiark.greenend.org.uk/~sgtatham/agedu/

1. [Email protected] ~]# tar zxvf agedu-r9723.tar.gz
2. [Email protected] ~]# CD agedu-r9723
3. [Email protected] ~]#./configure
4. [[email protected] ~]# make && make install
5. [[email protected] ~]# agedu-s/#-s Scan
6. [[email protected] ~]# agedu-w--address 192.168.0.10:80 #-w Enter a web link
7. [[email protected] ~]# agedu-w--address 192.168.0.108080--auth None #--auth off authentication if the port number is not added, a random browser access is generated

12. Security Scan Tool-nmap

Nmap is a network connection scan and sniffer kit under Linux that is used to scan online computers for open network connections.

Download: http://nmap.org/download.html

1. [Email protected] ~]# tar jxvf nmap-6.40.tar.bz2
2. [Email protected] nmap-6.40]#./configure
3. [[email protected] nmap-6.40]# make && make install
4. [Email protected] ~]# Nmap 192.168.0.10 #获取基本信息
5. [Email protected] ~]# Nmap-o 192.168.0.10 #获取系统版本信息
6. [Email protected] ~]# nmap-a 192.168.0.10 #获取系统综合信息
7. [Email protected] ~]# nmap 192.168.0.0/24 #获取一个网段工作设备基本信息

• -SSTCP Scan
• -SV System version Detection

13. Web Stress Test-httperf

Httperf is more powerful than AB and can test the maximum number of services a Web service can carry and identify potential problems, such as memory usage and stability. Maximum advantage: You can specify a regular pressure test to simulate the real environment.

Download: http://code.google.com/p/httperf/downloads/list

1. [Email protected] ~]# tar zxvf httperf-0.9.0.tar.gz
2. [Email protected] ~]# CD httperf-0.9.0
3. [Email protected] httperf-0.9.0]#./configure
4. [[email protected] httperf-0.9.0]# make && make install
5. [Email protected] ~]# httperf--hog --server=192.168.0.202--uri=/index.html --num-conns=10000 --wsess=10,10,0.1

Parameter description:

--hog: Let Httperf as many connections as possible, Httperf will be based on the hardware configuration, the regular generation of access connections

--num-conns: Number of connections, total initiating 10000 requests

--wsess: The user opens the Web page time pattern simulation, the first 10 means to generate 10 session connections, the second 10 means that each session connection makes 10 requests, 0.1 indicates the interval between each session connection request/s

13 more useful tools for Linux operations