This article introduces several Linux operation and maintenance more practical tools, hope to be helpful to Linux administrators.
1. View the bandwidth usage of processes -Nethogs
Nethogs is a terminal network traffic monitoring tool that can intuitively display the bandwidth occupied by each process. Download: sourceforge.net/projects/ne…
[root@localhost ~]#yum -y install libpcap-devel ncurses-devel
[root@localhost ~]# tar zxvf nethogs-0.8.0.tar.gz
[root@localhost ~]# cd nethogs
[root@localhost nethogs]# make && make install
[root@localhost nethogs]# nethogs eth0
Copy the code
2. Disk read performance test -IOZone
IOZone is a Linux file system performance test tool that can be used to test the read and write performance of file systems in different operating systems. Download: www.iozone.org/src/current…
[root@localhost current]# tar xvf iozone3_420.tar
[root@localhost ~]# cd iozone3_420/src/current/
[root@localhost current]# make linux
[root@localhost current]# ./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls
Copy the code
-a Use automatic mode -n to set the minimum file size (Kbytes) for automatic mode. -g Sets the maximum file size Kbytes that can be used in automatic mode. -i specifies which test to run. -f specifies the name of the test file to be automatically deleted after completion. -r generates Excel to standard output. -b specifies the output to the specified file
3. Monitor disk IO-IOTop in real time
The IOTop command displays disk I/OS. The interface style is similar to that of the top command.
[root[@localhost](https://my.oschina.net/u/570656) ~]# yum -y install iotop
4. Network traffic monitoring -IPtraf
IPtraf is a simple network health analysis tool running on Linux.
[root@localhost ~]# yum -y install iptraf
Copy the code
5. Network traffic monitoring -IFTop
Iftop is a real-time traffic monitoring tool similar to Top in Linux. It’s more intuitive than IPTRAf. Download: www.ex-parrot.com/~pdw/iftop/
[root@localhost ~]# tar ZXVF iftop-0.17.tar.gz [root@localhost ~]# CD iftop-0.17 [root@localhost iftop-0.17]# /configure [root@localhost iftop-0.17]# make && make install [root@localhost iftop-0.17]# iftop [root@localhost./configure [root@localhost iftop-0.17]# make && make install [root@localhost iftop-0.17]# iftop [root@localhost Iftop-0.17]# iftop-i eth0Copy the code
TX: sent traffic RX: received traffic TOTAL: TOTAL traffic Cumm: TOTAL traffic between the ifTOP and the current time Peak: peak rates: indicates the average traffic in the past 2s 10s 40s
6. Process real-time monitoring -HTop
HTop is an interactive Linux process browser that can be used to replace the top command in Linux.
To install source of a third party YUM RPM - the ivh (http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm) [root@localhost ~]# yum -y install htopCopy the code
7. System resource monitoring -NMON
NMON is a kind of AIX and Linux operating system is widely used in monitoring and analysis tools download: sourceforge. Jp/projects/sf,…
[root@localhost ~]# chmod +x nmon_x86_64_rhel6
[root@localhost ~]# mv nmon_x86_64_rhel6 /usr/sbin/nmon
[root@localhost ~]# nmon
Copy the code
8. Monitor multiple logs -MultiTail
MultiTail is software that opens multiple Windows on the console to monitor multiple log documents at the same time, similar to the tail command. The RPM – the ivh pkgs.repoforge.org/rpmforge-re… (Install third-party YUM source)
[root@localhost ~]# yum -y install multitail [root@localhost ~]# multitail -e "fail" /var/log/secure [root@localhost ~]# multitail -l "ping baidu.com" # Monitor the following command -l Command to be executed [root@localhost ~]# multitail -i /var/log/messages -i /var/log/secure #-i Specifies a file nameCopy the code
9. SSH brute force cracking protection -Fail2ban
Fail2ban can monitor your system log and log error regular type match the corresponding shielding action is generally call firewall blocking download: www.fail2ban.org/wiki/index….
[root@localhost ~]# CD fail2ban-0.8.11 [root@localhost fail2ban-0.8.11]# python setup.py install [root@localhost Fail2ban -0.8.11]# CD files/ [root@localhost files]# cp./ Redhat-initd /etc/init.d/fail2ban [root@localhost files]# service fail2ban start [root@localhost files]# chkconfig --add fail2ban [root@localhost files]# chkconfig fail2ban onCopy the code
Note: You need to configure the iptables function. If you restart iptables, you also need to restart fail2BAN, because fail2BAN uses iptables to block external attacks in real time.
/ root @ localhost ~ # grep -v "^ #"/etc/fail2ban/jail. Conf | grep -v "^ $[DEFAULT] ignoreip =" 127.0.0.1/8 # ignore the machine IP bantime If three times in 600 seconds, maxRetry is performed. = 3 maximum number of attempts Backend = auto Gamin, polling, and auto usedns = warn [ssh-iptables] enabled = true# default: false filter = SSHD action = Iptables [name=SSH, port= SSH, protocol= TCP] # sendmail-whois[name=SSH,dest= sender= sender, Sendername ="Fail2Ban"] logpath = /var/log/sshd.log # Response error log generally in /var/log/secure maxretry = 5 # Maxretry in globalCopy the code
Note: All application protection is disabled by default, we need to manually enable. The fail2ban.conf file is the log information and the jail.conf file is the specific service and action configuration information for protection.
[root@localhost ~]# touch /var/log/sshd.log [root@localhost ~]# service fail2ban restart [root@localhost ~]# Fail2ban - client # status view monitoring has open status | - Number of jail: 1 ` - jail list: Ssh-iptables [root@localhost ~]# iptables -l #iptables Fail2ban A rule fail2ban -ssh TCP -- anywhere anywhere TCP DPT: SSHCopy the code
10. Connection session terminal persistence -tMUx
Tmux is an excellent terminal reuse software similar to GNU Screen that is more versatile, flexible and efficient than Screen. To ensure that the job is not affected when the SSH connection is disconnected. The RPM – the ivh pkgs.repoforge.org/rpmforge-re… (Install third-party YUM source)
11. Display disk space usage -Agedu
Download: www.chiark.greenend.org.uk/~sgtatham/a…
[root@localhost ~]# tar zxvf agedu-r9723.tar.gz [root@localhost ~]# cd agedu-r9723 [root@localhost ~]# ./configure [root@localhost ~]# make && make install [root@localhost ~]# agedu-s / #-s scan [root@localhost ~]# agedu-w --address 192.168.0.10:80 #-w Enter a web link [root@localhost ~]# agedu -w --address 192.168.0.108080 --auth None #-- Auth turns off authentication if no port number is added to generate a random browser accessCopy the code
12. Security scanning tool -NMap
NMap is a Network connection scanning and sniffing toolkit for Linux that scans open network connections on computers on the Internet. Download: nmap.org/download.ht…
[root@localhost ~]# tar JXVF nmap-6.40.tar.bz2 [root@localhost nmap-6.40]#./configure [root@localhost nmap-6.40]# make && make install [root@localhost ~]# nmap 192.168.0.10 # obtain basic information [root@localhost ~]# nmap -o 192.168.0.10 # Obtain system version information [root@localhost ~]# nmap 192.168.0.0/24 # Obtain basic information about A network segmentCopy the code
-sSTCP scan -sV system version check
13, Web stress test -Httperf
Httperf is more powerful than AB, testing the maximum amount of service a Web service can handle and finding potential problems. For example: memory usage, stability. Biggest advantage: pressure test can be specified to simulate the real environment. Download: code.google.com/p/httperf/d…
[root@localhost ~]# tar ZXVF httperf-0.9.0.tar.gz [root@localhost ~]# CD httperf-0.9.0 [root@localhost httperf-0.9.0]# /configure [root@localhost httperf-0.9.0]# make && make install [root@localhost ~]# httperf --hog - server = 192.168.0.202 -- uri = / index. HTML - num - conns = 10000 - wsess,10,0.1 = 10Copy the code
– HOG: Allows Httperf to generate as many connections as possible. Httperf generates access connections regularly based on hardware configuration. – num-conns: indicates the number of connections. The total number of connections is 10000. – WSESS: the first 10 indicates that 10 session connections are generated, the second 10 indicates that 10 requests are made for each session connection, and 0.1 indicates the interval /s between each session connection request.