This article introduces several Linux operation and maintenance tools, hoping to be helpful to Linux operation and maintenance personnel.
1. Check the bandwidth usage of processes – Nethogs
Nethogs is a terminal network traffic monitoring tool that can intuitively display the bandwidth occupied by each process.
Download: http://sourceforge.net/projects/nethogs/files/nethogs/0.8/nethogs-0.8.0.tar.gz/download
[root@localhost ~]#yum -y install libpcap-devel ncurses-devel
[root@localhost ~]# tar zxvf nethogs-0.8.0.tar.gz
[root@localhost ~]# cd nethogs
[root@localhost nethogs]# make && make install
[root@localhost nethogs]# nethogs eth0
Copy the code
2. Disk read performance test – IOZone
IOZone is a Linux file system performance test tool that can be used to test the read and write performance of file systems in different operating systems.
Download: http://www.iozone.org/src/current/
[root@localhost current]# tar xvf iozone3_420.tar
[root@localhost ~]# cd iozone3_420/src/current/
[root@localhost current]# make linux
[root@localhost current]# ./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls
Copy the code
-a Indicates the automatic mode
-n Sets the minimum file size (Kbytes) for automatic mode.
-g Sets the maximum file size Kbytes that can be used in automatic mode.
-i specifies which test to run.
-f Specifies the name of the test file to be automatically deleted after the test file is complete
-r generates Excel to standard output
-b Specifies the output to the specified file
3. Monitor disk IO-IOTop in real time
The IOTop command displays disk I/OS. The interface style is similar to that of the top command.
[root@localhost ~]# yum -y install iotop
Copy the code
4. Network traffic monitoring – IPtraf
IPtraf is a simple network health analysis tool running on Linux.
[root@localhost ~]# yum -y install iptraf
Copy the code
5. Network traffic monitoring – IFTop
Iftop is a real-time traffic monitoring tool similar to Top in Linux. It’s more intuitive than IPTRAf.
Download: http://www.ex-parrot.com/~pdw/iftop/
[root@localhost ~]# tar zxvf iftop-0.17.tar.gz
[root @ localhost ~] # CD iftop - 0.17
[root @ localhost iftop 0.17] #. / configure
[root@localhost iftop-0.17]# make && make install
[root @ localhost iftop 0.17] # iftop
[root@localhost iftop-0.17]# iftop -i eth0
Copy the code
TX: sends traffic
RX: receives traffic
TOTAL: indicates the TOTAL traffic
Cumm: indicates the total traffic of ifTOP until now
Peak: indicates the peak traffic
Rates: average flow rates over the past 2s 10s 40s, respectively
6. Real-time process monitoring – HTop
HTop is an interactive Linux process browser that can be used to replace the top command in Linux.
To install source of a third party YUM RPM – the ivh (http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm)
[root@localhost ~]# yum -y install htop
Copy the code
7. System resource monitoring – NMON
NMON is a monitoring and analysis tool widely used on AIX and various Linux operating systems
Download: http://sourceforge.jp/projects/sfnet_nmon/releases/
[root@localhost ~]# chmod +x nmon_x86_64_rhel6
[root@localhost ~]# mv nmon_x86_64_rhel6 /usr/sbin/nmon
[root@localhost ~]# nmon
Copy the code
8. Monitor multiple logs – MultiTail
MultiTail is software that opens multiple Windows on the console to monitor multiple log documents at the same time, similar to the tail command.
To install source of a third party YUM RPM – the ivh (http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm)
[root@localhost ~]# yum -y install multitail
[root@localhost ~]# multitail -e "fail" /var/log/secure
[root@localhost ~]# multitail -l "ping baidu.com" # Monitor command -l Command to be executed
[root@localhost ~]# multitail -i /var/log/messages -i /var/log/secure #-i Specifies a file name
Copy the code
9. SSH brute force cracking protection – Fail2ban
Fail2ban monitors your system logs and then matches the error messages in the logs with regular matches to perform the appropriate masking action, usually by invoking firewall masking
Download: http://www.fail2ban.org/wiki/index.php/Downloads
[root @ localhost ~] # CD fail2ban - 0.8.11
[root@localhost fail2ban-0.8.11]# python setup.py install
[root @ localhost fail2ban - 0.8.11] # files/CD
[root@localhost files]# cp ./redhat-initd /etc/init.d/fail2ban
[root@localhost files]# service fail2ban start
[root@localhost files]# chkconfig --add fail2ban
[root@localhost files]# chkconfig fail2ban on
Copy the code
Note: You need to configure the iptables function. If you restart iptables, you also need to restart fail2BAN, because fail2BAN uses iptables to block external attacks in real time.
[root@localhost ~]# grep -v "^#" /etc/fail2ban/jail.conf | grep -v "^$"
[DEFAULT]
Ignoreip = 127.0.0.1/8# Ignore local IP
Bantime = 600 # Lockout time after rule compliance
Findtime = 600 # How long does it take to execute a blockade in accordance with the rule
Maxretry = 3 # Maximum number of attempts
Backend = auto # Logs can be changed to detect logs at gamin, polling, and auto
usedns = warn
[ssh-iptables]
Enabled = true# the default is false
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
# sendmail-whois[name=SSH,dest = sender, senderName = Fail2Ban] # sendmail-whois[name=SSH,dest = sender, senderName ="Fail2Ban"]
Logpath = /var/log/sshd.log # Response error log is generally in /var/log/secure
Maxretry = 5 # Number of attempts to override global maxretry
Copy the code
Note: All application protection is disabled by default, we need to manually enable. The fail2ban.conf file is the log information and the jail.conf file is the specific service and action configuration information for protection.
[root@localhost ~]# touch /var/log/sshd.log
[root@localhost ~]# service fail2ban restart
[root@localhost ~]# fail2ban-client status # Check that monitoring is enabled
Status
|- Number of jail: 1
`- Jail list: ssh-iptables
[root@localhost ~]# iptables -l #iptables Has a rule of fail2ban
fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh
Copy the code
10. Connection session terminal persistence -tMUx
Tmux is an excellent terminal reuse software similar to GNU Screen that is more versatile, flexible and efficient than Screen. To ensure that the job is not affected when the SSH connection is disconnected.
To install source of a third party YUM RPM – the ivh (http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm)
11. Display disk space usage – Agedu
Download: http://www.chiark.greenend.org.uk/~sgtatham/agedu/
[root@localhost ~]# tar zxvf agedu-r9723.tar.gz
[root@localhost ~]# cd agedu-r9723
[root@localhost ~]# ./configure
[root@localhost ~]# make && make install
[root@localhost ~]# agedu-s / #-s scan
[root@localhost ~]# agedu -w --address 192.168.0.10:80 #-w Enter a web page link
[root@localhost ~]# agedu -w --address 192.168.0.108080 --auth None #--auth Disable authentication if no port number is added to generate a random browser access
Copy the code
12. Security scan tool – NMap
NMap is a Network connection scanning and sniffing toolkit for Linux that scans open network connections on computers on the Internet.
Download: http://nmap.org/download.html
[root@localhost ~]# tar jxvf nmap-6.40.tar.bz2
[root @ localhost nmap 6.40] #. / configure
[root@localhost nmap-6.40]# make && make install
[root@localhost ~]# nmap 192.168.0.10
[root@localhost ~]# nmap -o 192.168.0.10 # Obtain system version information
[root@localhost ~]# nmap -a 192.168.0.10
[root@localhost ~]# nmap 192.168.0.0/24 # Get basic information about a network segment working device
Copy the code
– sSTCP scanning
– Detects the sV system version
13.Web stress test – Httperf
Httperf is more powerful than AB, testing the maximum amount of service a Web service can handle and finding potential problems. For example: memory usage, stability. Biggest advantage: pressure test can be specified to simulate the real environment.
Download: http://code.google.com/p/httperf/downloads/list
[root@localhost ~]# tar zxvf httperf-0.9.0.tar.gz
[root @ localhost ~] # CD httperf - 0.9.0
[root @ localhost httperf - 0.9.0] #. / configure
[root@localhost httperf-0.9.0]# make && make install
[root@localhost ~]# httperf --hog --server=192.168.0.202 --uri=/index.html --num-conns=10000 --wsess=10,10,0.1
Copy the code
Parameter Description:
— HOG: Let Httperf generate as many connections as possible. Httperf will generate access connections regularly, depending on the hardware configuration
–num-conns: indicates the number of connections. The total number of requests is 10000
— WSESS: simulation of the time rule for users to open web pages. The first 10 represents 10 session connections, the second 10 represents 10 requests for each session connection, and 0.1 represents the interval time/s between each session connection request
There is no royal road to learning. blog
Recommended reading
Carefully arrange | public number article directory
Comics: HTTP protocol minimal tutorial, any fool can understand!
This is the best Shell I’ve ever seen, 619 lines of code!
17 key problems buried in MYSQL database application!
The most complete and detailed kafka study notes in history!
Interview installation force series | this article, so that operation and maintenance monitoring is no longer your short board!
, end,
— Writing is not easy, your forwarding is the biggest support for me —
Let’s have fun together
At present, more than 40,000 people are interested in joining us
Click on the menu “wechat group” to join the group and communicate with your partners!
Like, scan code attention to increase a reader to it!
All the essence of the official account is here!