This article introduces several Linux operation and maintenance tools, hoping to be helpful to Linux operation and maintenance personnel.

1. Check the bandwidth usage of processes – Nethogs

Nethogs is a terminal network traffic monitoring tool that can intuitively display the bandwidth occupied by each process.

Download: http://sourceforge.net/projects/nethogs/files/nethogs/0.8/nethogs-0.8.0.tar.gz/download


     

    [root@localhost ~]#yum  -y install libpcap-devel  ncurses-devel

    [root@localhost ~]# tar zxvf nethogs-0.8.0.tar.gz

    [root@localhost ~]# cd nethogs

    [root@localhost nethogs]# make && make install

    [root@localhost nethogs]# nethogs eth0

Copy the code

2. Disk read performance test – IOZone

IOZone is a Linux file system performance test tool that can be used to test the read and write performance of file systems in different operating systems.

Download: http://www.iozone.org/src/current/


     

    [root@localhost current]# tar xvf iozone3_420.tar

    [root@localhost ~]# cd iozone3_420/src/current/

    [root@localhost current]# make linux

    [root@localhost current]# ./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls

Copy the code

-a Indicates the automatic mode

-n Sets the minimum file size (Kbytes) for automatic mode.

-g Sets the maximum file size Kbytes that can be used in automatic mode.

-i specifies which test to run.

-f Specifies the name of the test file to be automatically deleted after the test file is complete

-r generates Excel to standard output

-b Specifies the output to the specified file

3. Monitor disk IO-IOTop in real time

The IOTop command displays disk I/OS. The interface style is similar to that of the top command.


     

    [root@localhost ~]# yum -y install iotop

Copy the code

4. Network traffic monitoring – IPtraf

IPtraf is a simple network health analysis tool running on Linux.


     

    [root@localhost ~]# yum -y install iptraf

Copy the code

5. Network traffic monitoring – IFTop

Iftop is a real-time traffic monitoring tool similar to Top in Linux. It’s more intuitive than IPTRAf.

Download: http://www.ex-parrot.com/~pdw/iftop/


     

    [root@localhost ~]# tar zxvf iftop-0.17.tar.gz

    [root @ localhost ~] # CD iftop - 0.17

    [root @ localhost iftop 0.17] #. / configure

    [root@localhost iftop-0.17]# make && make install

    [root @ localhost iftop 0.17] # iftop

    [root@localhost iftop-0.17]# iftop -i eth0

Copy the code

TX: sends traffic

RX: receives traffic

TOTAL: indicates the TOTAL traffic

Cumm: indicates the total traffic of ifTOP until now

Peak: indicates the peak traffic

Rates: average flow rates over the past 2s 10s 40s, respectively

6. Real-time process monitoring – HTop

HTop is an interactive Linux process browser that can be used to replace the top command in Linux.

To install source of a third party YUM RPM – the ivh (http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm)


     

    [root@localhost ~]# yum -y install htop

Copy the code

7. System resource monitoring – NMON

NMON is a monitoring and analysis tool widely used on AIX and various Linux operating systems

Download: http://sourceforge.jp/projects/sfnet_nmon/releases/


     

    [root@localhost ~]# chmod +x nmon_x86_64_rhel6

    [root@localhost ~]# mv nmon_x86_64_rhel6 /usr/sbin/nmon

    [root@localhost ~]# nmon

Copy the code

8. Monitor multiple logs – MultiTail

MultiTail is software that opens multiple Windows on the console to monitor multiple log documents at the same time, similar to the tail command.

To install source of a third party YUM RPM – the ivh (http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm)


     

    [root@localhost ~]# yum -y install  multitail

    [root@localhost ~]# multitail -e "fail" /var/log/secure

    [root@localhost ~]# multitail -l "ping baidu.com" # Monitor command -l Command to be executed

    [root@localhost ~]# multitail -i /var/log/messages -i /var/log/secure #-i Specifies a file name

Copy the code

9. SSH brute force cracking protection – Fail2ban

Fail2ban monitors your system logs and then matches the error messages in the logs with regular matches to perform the appropriate masking action, usually by invoking firewall masking

Download: http://www.fail2ban.org/wiki/index.php/Downloads


     

    [root @ localhost ~] # CD fail2ban - 0.8.11

    [root@localhost fail2ban-0.8.11]# python setup.py install

    [root @ localhost fail2ban - 0.8.11] # files/CD

    [root@localhost files]# cp ./redhat-initd /etc/init.d/fail2ban

    [root@localhost files]# service fail2ban start

    [root@localhost files]# chkconfig --add fail2ban

    [root@localhost files]# chkconfig fail2ban on

Copy the code

Note: You need to configure the iptables function. If you restart iptables, you also need to restart fail2BAN, because fail2BAN uses iptables to block external attacks in real time.


     

    [root@localhost ~]# grep -v "^#" /etc/fail2ban/jail.conf | grep -v "^$"

    [DEFAULT]

    Ignoreip = 127.0.0.1/8# Ignore local IP

    Bantime = 600 # Lockout time after rule compliance

    Findtime = 600 # How long does it take to execute a blockade in accordance with the rule

    Maxretry = 3 # Maximum number of attempts

    Backend = auto # Logs can be changed to detect logs at gamin, polling, and auto

    usedns = warn

    [ssh-iptables]

    Enabled = true# the default is false

    filter   = sshd

    action   = iptables[name=SSH, port=ssh, protocol=tcp]

    # sendmail-whois[name=SSH,dest = sender, senderName = Fail2Ban] # sendmail-whois[name=SSH,dest = sender, senderName ="Fail2Ban"]

    Logpath = /var/log/sshd.log # Response error log is generally in /var/log/secure

    Maxretry = 5 # Number of attempts to override global maxretry

Copy the code

Note: All application protection is disabled by default, we need to manually enable. The fail2ban.conf file is the log information and the jail.conf file is the specific service and action configuration information for protection.


     

    [root@localhost ~]# touch /var/log/sshd.log

    [root@localhost ~]# service fail2ban restart

    [root@localhost ~]# fail2ban-client status # Check that monitoring is enabled

    Status

    |- Number of jail:      1

    `- Jail list:           ssh-iptables

    [root@localhost ~]# iptables -l #iptables Has a rule of fail2ban

    fail2ban-SSH  tcp  --  anywhere             anywhere            tcp dpt:ssh

Copy the code

10. Connection session terminal persistence -tMUx

Tmux is an excellent terminal reuse software similar to GNU Screen that is more versatile, flexible and efficient than Screen. To ensure that the job is not affected when the SSH connection is disconnected.

To install source of a third party YUM RPM – the ivh (http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm)

11. Display disk space usage – Agedu

Download: http://www.chiark.greenend.org.uk/~sgtatham/agedu/


     

    [root@localhost ~]# tar zxvf agedu-r9723.tar.gz

    [root@localhost ~]# cd agedu-r9723

    [root@localhost ~]# ./configure

    [root@localhost ~]# make && make install

    [root@localhost ~]# agedu-s / #-s scan

    [root@localhost ~]# agedu -w --address 192.168.0.10:80 #-w Enter a web page link

    [root@localhost ~]# agedu -w --address 192.168.0.108080 --auth None #--auth Disable authentication if no port number is added to generate a random browser access

Copy the code

12. Security scan tool – NMap

NMap is a Network connection scanning and sniffing toolkit for Linux that scans open network connections on computers on the Internet.

Download: http://nmap.org/download.html


     

    [root@localhost ~]# tar jxvf nmap-6.40.tar.bz2

    [root @ localhost nmap 6.40] #. / configure

    [root@localhost nmap-6.40]# make && make install

    [root@localhost ~]# nmap 192.168.0.10

    [root@localhost ~]# nmap -o 192.168.0.10 # Obtain system version information

    [root@localhost ~]# nmap -a 192.168.0.10

    [root@localhost ~]# nmap 192.168.0.0/24 # Get basic information about a network segment working device

Copy the code

– sSTCP scanning

– Detects the sV system version

13.Web stress test – Httperf

Httperf is more powerful than AB, testing the maximum amount of service a Web service can handle and finding potential problems. For example: memory usage, stability. Biggest advantage: pressure test can be specified to simulate the real environment.

Download: http://code.google.com/p/httperf/downloads/list


     

    [root@localhost ~]# tar zxvf httperf-0.9.0.tar.gz

    [root @ localhost ~] # CD httperf - 0.9.0

    [root @ localhost httperf - 0.9.0] #. / configure

    [root@localhost httperf-0.9.0]# make && make install

    [root@localhost ~]# httperf --hog --server=192.168.0.202 --uri=/index.html --num-conns=10000 --wsess=10,10,0.1

Copy the code

Parameter Description:

— HOG: Let Httperf generate as many connections as possible. Httperf will generate access connections regularly, depending on the hardware configuration

–num-conns: indicates the number of connections. The total number of requests is 10000

— WSESS: simulation of the time rule for users to open web pages. The first 10 represents 10 session connections, the second 10 represents 10 requests for each session connection, and 0.1 represents the interval time/s between each session connection request

There is no royal road to learning. blog

Recommended reading

Carefully arrange | public number article directory

Comics: HTTP protocol minimal tutorial, any fool can understand!

This is the best Shell I’ve ever seen, 619 lines of code!

17 key problems buried in MYSQL database application!

The most complete and detailed kafka study notes in history!

Interview installation force series | this article, so that operation and maintenance monitoring is no longer your short board!

, end,

— Writing is not easy, your forwarding is the biggest support for me —

Let’s have fun together

At present, more than 40,000 people are interested in joining us

             

             

Click on the menu “wechat group” to join the group and communicate with your partners!

Like, scan code attention to increase a reader to it!

All the essence of the official account is here!