13 recommended Linux utilities, all of them gems!

Time:2020-10-31

This article introduces several useful Linux tools that I hope will help.

1. View process bandwidth usage – nethogs

Nethogs is a terminal-based network traffic monitoring tool that shows the bandwidth used by each process.

Download:http://sourceforge.net/projec…

[root ~]# yum -y install libpcap-devel ncurses-devel
[root ~]# tar zxvf nethogs-0.8.0.tar.gz
[root ~]# cd nethogs
[root nethogs]# make && make install
[root nethogs]# nethogs eth0

2. Hard disk read performance test – iozone

Iozone is a Linux file system performance testing tool, which can test the read and write performance of file systems in different operating systems.

Download:http://www.iozone.org/src/cur…

[root]# tar xvf iozone3_420.tar 
[root]# cd iozone3_420/src/current/ 
[root]# make linux 
[root]# ./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls 
  • -a uses fully automatic mode
  • -n sets the minimum file size (Kbytes) for automatic mode
  • -g sets the maximum file size (Kbytes) that can be used in automatic mode
  • -i specifies which test to run
  • -f specifies the name of the test file, which is automatically deleted after completion
  • -R generates an Excel report on standard output
  • -b writes the output to the specified file

3. Real-time disk I/O monitoring – iotop

The iotop command is dedicated to displaying hard disk I/O. Its interface is similar to that of the top command.

yum -y install iotop 

4. Network traffic monitoring – iptraf

Iptraf is a simple network analysis tool running under Linux.

# yum -y install iptraf

5. Network traffic monitoring – iftop

Iftop is a real-time traffic monitoring tool similar to top under Linux. It’s more intuitive than iptraf.

Download:http://www.ex-parrot.com/~pdw…

[root ~]# tar zxvf iftop-0.17.tar.gz
[root ~]# cd iftop-0.17
[root iftop-0.17]# ./configure
[root iftop-0.17]# make && make install
[root iftop-0.17]# iftop
[root iftop-0.17]# iftop -i eth0   # specifies the network interface to monitor

  • TX: traffic sent
  • RX: traffic received
  • TOTAL: total traffic
  • cum: the total traffic from the start of iftop to the current time
  • peak: peak traffic
  • rates: the average traffic over the past 2 s, 10 s and 40 s respectively

6. Real-time process monitoring – htop

Htop is an interactive process browser under Linux, which can be used to replace the top command under Linux.

rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm   # installs the third-party yum repository
yum -y install htop

7. System resource monitoring – nmon

Nmon is a monitoring and analysis tool widely used on AIX and various Linux operating systems.

Download:http://sourceforge.jp/project…

chmod +x nmon_x86_64_rhel6 
mv nmon_x86_64_rhel6 /usr/sbin/nmon 
[root ~]# nmon

8. Monitoring multiple logs – multitail

Multitail opens multiple windows on the console so that several log files can be monitored at the same time, much like the tail command.

rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm   # installs the third-party yum repository
yum -y install multitail
multitail -e "fail" /var/log/secure   # filters by keyword while monitoring
multitail -l "ping baidu.com"   # monitors the output of a command; -l gives the command to execute
multitail -i /var/log/messages -i /var/log/secure   # -i specifies a file name

9. SSH brute force cracking protection – fail2ban

Fail2ban monitors your system logs, matches error messages in them, and performs the corresponding blocking action. In general, it calls the firewall to do the blocking.

Download:http://www.fail2ban.org/wiki/…

[root]# cd fail2ban-0.8.11
[root]# python setup.py install
[root]# cd files/
[root]# cp ./redhat-initd /etc/init.d/fail2ban
[root files]# service fail2ban start
[root]# chkconfig --add fail2ban
[root]# chkconfig fail2ban on

Note: iptables must be configured for this to be of practical use. If you restart iptables, you should also restart fail2ban, because fail2ban works by calling iptables to block external attacks in real time.

grep -v "^#" /etc/fail2ban/jail.conf | grep -v "^$"
[DEFAULT]
# Ignore the local IP
ignoreip = 127.0.0.1/8
# How long a host stays blocked once it matches the rules
bantime = 600
# Time window in which matches are counted; for example, 3 failures within 600 seconds trigger a block
findtime = 600
# Maximum number of attempts
maxretry = 3
# How log changes are detected: gamin, polling or auto
backend = auto
usedns = warn
[ssh-iptables]
# false by default
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
# sendmail-whois[name=SSH, dest=recipient mailbox, sender=sender mailbox, sendername="Fail2Ban"]
# The log to monitor; the corresponding error log is usually at /var/log/secure
logpath = /var/log/sshd.log
# Number of failed attempts; overrides the global maxretry
maxretry = 5

Note: by default, protection is turned off for all applications, and we need to turn it on manually. The fail2ban.conf file holds the logging settings; the jail.conf file holds the configuration of the specific services and actions to protect.

[root]# touch /var/log/sshd.log
[root]# service fail2ban restart
[root]# fail2ban-client status   # check that monitoring has been turned on
Status
|- Number of jail: 1
`- Jail list: ssh-iptables
[root]# iptables -L   # the iptables filter table now has a fail2ban rule
fail2ban-SSH  tcp  --  anywhere  anywhere  tcp dpt:ssh
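
The counting rule behind this jail, as an added example that is not part of the original article or of fail2ban itself: a host is blocked once it produces maxretry failures within findtime seconds, and only failures that reach the file named by logpath are ever counted. The regular expression is a simplified stand-in for the sshd filter, and the log lines are constructed samples in /var/log/secure format.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime

# Values taken from the jail.conf excerpt above; everything else is assumed.
IGNOREIP = ipaddress.ip_network("127.0.0.1/8", strict=False)
FINDTIME = 600  # seconds
MAXRETRY = 5    # the jail's own limit, which overrides the global one

# Simplified stand-in for the sshd filter's failregex (an assumption).
FAIL_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\d+\.\d+\.\d+\.\d+) ")

def hosts_to_ban(lines, year=2020):
    """Return {ip: time of the failure that triggers the ban}."""
    recent = defaultdict(deque)  # ip -> failure times still inside findtime
    banned = {}
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue  # successful logins and unrelated lines do not count
        ip = m.group(2)
        if ip in banned or ipaddress.ip_address(ip) in IGNOREIP:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        window = recent[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > FINDTIME:
            window.popleft()  # forget failures older than findtime
        if len(window) >= MAXRETRY:
            banned[ip] = ts
    return banned

def _fail(hms, ip, user="root"):
    return (f"Oct 31 {hms} host1 sshd[2101]: Failed password for {user} "
            f"from {ip} port 40122 ssh2")

# Constructed sample lines, using documentation addresses.
SAMPLE = (
    [_fail(f"10:00:{s:02d}", "203.0.113.7") for s in (1, 5, 9, 14, 20)]  # 5 in 19 s
    + [_fail(f"10:{m:02d}:00", "198.51.100.9", "invalid user admin")
       for m in (1, 5, 9, 13, 17)]                                       # 5 in 960 s
    + [_fail(f"10:20:{s:02d}", "127.0.0.1") for s in range(6)]           # ignoreip
    + ["Oct 31 10:21:00 host1 sshd[2200]: Accepted password for alice "
       "from 203.0.113.7 port 51000 ssh2"])
if __name__ == "__main__":
    print(hosts_to_ban(SAMPLE))
```

Only the first address is blocked: the second never reaches five failures inside one 600-second window, and the third is covered by ignoreip.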

10. Persistent terminal sessions – tmux

tmux is an excellent terminal multiplexer, similar to GNU screen but more convenient, flexible and efficient. It ensures that a dropped SSH connection does not affect the running task.

rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm   # installs the third-party yum repository

11. Web page view of disk space usage – agedu

Download:http://www.chiark.greenend.or…

tar zxvf agedu-r9723.tar.gz
cd agedu-r9723
./configure
make && make install
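agedu -s /   # -s scans the given directory
agedu -w --address 192.168.0.10:80   # -w starts the web server on the given address
agedu -w --address 192.168.0.10:8080 --auth none   # --auth none turns off authentication for the web page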

12. Security scanner – nmap

Nmap is a network scanning and probing toolkit for Linux, used to scan the open network ports of computers on a network.

Download:http://nmap.org/download.html

tar jxvf nmap-6.40.tar.bz2
cd nmap-6.40
./configure
make && make install
[root]# nmap 192.168.0.10   # get basic information
[root]# nmap -O 192.168.0.10   # get operating system version information
[root]# nmap -A 192.168.0.10   # get comprehensive system information
[root]# nmap 192.168.0.0/24   # get basic information about the live hosts on a network segment
-sT  TCP scan
-sV  service version detection

13. Web stress testing – httperf

Httperf is more powerful than ab. It can test the maximum load a web service can carry and find potential problems, such as memory usage and stability. Its biggest advantage is that the stress test can follow a specified pattern to simulate a real environment.

Download:http://code.google.com/p/http…

[root]# tar zxvf httperf-0.9.0.tar.gz
[root]# cd httperf-0.9.0
[root]# ./configure
[root]# make && make install
[root]# httperf --hog --server=192.168.0.202 --uri=/index.html --num-conns=10000 --wsess=10,10,0.1

Parameter Description:

  • --hog: lets httperf generate as many connections as possible. Httperf generates connections at a regular rate according to the hardware configuration
  • --num-conns: number of connections, 10000 requests in total
  • --wsess: simulates the timing pattern of users opening web pages. The first 10 means 10 session connections are generated, the second 10 means 10 requests per session connection, and 0.1 is the interval in seconds between the requests of each session connection

source:https://www.cnblogs.com/liubi…