Программы для анализа

  • aescrypt:
  1. Encrypt
  2. http://www.aescrypt.com/
  • atop:
  1. Monitor processes
  • dstat:
  1. Monitor processes
  2. dstat –tcp
  • free:
  1. Monitor memory
  2. free -m
  • htop:
  1. Monitor processes
  • ifconfig:
  1. Monitor network
  2. sudo ifconfig -a
  • ifdata:
  1. Monitor network:
  2. Part of moreutils
  3. http://kitenet.net/~joey/code/moreutils/
  • iftop:
  1. Monitor network
  • iotop:
  1. Monitor I/O
  • ip:
  1. Monitor network
  • iptables:
  1. Filewall
  2. Cheat sheet: http://blog.oddeven.info/iptables-cheat-sheet/
  • lsof:
  1. List open files, including sockets
  2. Output FD is File Descriptor
  3. 4 is IPv4
  4. lsof -i 4 -a
  5. lsof -i 4:80
  • memstat:
  1. Monitor memory
  2. memstat -w -p $pid
  • Munin:
  1. Monitor network
  2. http://munin-monitoring.org/
  • Netdisco:
  1. Monitor network
  2. http://www.netdisco.org/
  • netstat:
  1. Monitor processes
  2. netstat -tupln is best
  3. htop
  4. netstat –tcp –udp –listening –program -nat
  5. netstat -a –tcp
  • nmap:
  1. Monitor processes
  2. nmap 127.0.0.1
  • ntop etc:
  1. Monitor network
  2. http://www.ntop.org/
  3. nBox
  4. nProbe
  5. ntop
  6. n2n
  7. PF_RING
  8. vPF_RING
  • ps:
  1. Monitor processes
  2. ps -ef | grep $a_name
  3. ps auwx

I.e. don't use - to prefix auwx if piping into grep, since it produces a warning msg.

  • pstree:
  1. Monitor processes
  2. pstree $pid
  • socat:
  1. Monitor network
  • strace:
  1. Monitor system calls
  2. strace -e trace=clone,execve -ff perldoc strict
  • stunnel:
  1. Monitor network
  2. http://www.stunnel.org/
  • vmstat:
  1. Monitor memory
  2. vmstat 1 20
  • vnstat:
  1. Monitor network
  2. http://humdi.net/vnstat/
  3. vnstat