Программы для анализа

• aescrypt:

1. Encrypt
2. http://www.aescrypt.com/

• atop:

1. Monitor processes

• dstat:

1. Monitor processes
2. dstat –tcp

• free:

1. Monitor memory
2. free -m

• htop:

1. Monitor processes

• ifconfig:

1. Monitor network
2. sudo ifconfig -a

• ifdata:

1. Monitor network:
2. Part of moreutils
3. http://kitenet.net/~joey/code/moreutils/

• iftop:

1. Monitor network

• iotop:

1. Monitor I/O

• ip:

1. Monitor network

• iptables:

1. Filewall
2. Cheat sheet: http://blog.oddeven.info/iptables-cheat-sheet/

• lsof:

1. List open files, including sockets
2. Output FD is File Descriptor
3. 4 is IPv4
4. lsof -i 4 -a
5. lsof -i 4:80

• memstat:

1. Monitor memory
2. memstat -w -p $pid

• Munin:

1. Monitor network
2. http://munin-monitoring.org/

• Netdisco:

1. Monitor network
2. http://www.netdisco.org/

• netstat:

1. Monitor processes
2. netstat -tupln is best
3. htop
4. netstat –tcp –udp –listening –program -nat
5. netstat -a –tcp

• nmap:

1. Monitor processes
2. nmap 127.0.0.1

• ntop etc:

1. Monitor network
2. http://www.ntop.org/
3. nBox
4. nProbe
5. ntop
6. n2n
7. PF_RING
8. vPF_RING

• ps:

1. Monitor processes
2. ps -ef | grep $a_name
3. ps auwx

I.e. don't use - to prefix auwx if piping into grep, since it produces a warning msg.

• pstree:

1. Monitor processes
2. pstree $pid

• socat:

1. Monitor network

• strace:

1. Monitor system calls
2. strace -e trace=clone,execve -ff perldoc strict

• stunnel:

1. Monitor network
2. http://www.stunnel.org/

• vmstat:

1. Monitor memory
2. vmstat 1 20

• vnstat:

1. Monitor network
2. http://humdi.net/vnstat/
3. vnstat