Network
Some tools which could be helpful in network and system troubleshooting
- driftnet - Picks out and displays images from network traffic
- ettercap - Multipurpose sniffer/interceptor/logger for switched LAN
- netcat - TCP/IP swiss army knife
- arping - sends IP and/or ARP pings (to the MAC address)
- mtr - Full screen ncurses and X11 traceroute tool
- nmap - The Network Mapper
- wireshark - network traffic analyzer - GTK+ version
- tshark - network traffic analyzer - console version
- tcpdump - A powerful tool for network monitoring and data acquisition + manual
- arptools - arp scanning and fingerprinting tools
- iptraf - Interactive Colorful IP LAN Monitor
- p0f - Passive OS fingerprinting tool
- tcpreplay - Tool to replay saved tcpdump files at arbitrary speeds
- ngrep - grep for network traffic
- netsed - The network packet altering stream editor
- InTrace - Traceroute-like application that enables users to enumerate IP hops. It could be useful for network reconnaissance and firewall bypassing.
- nload - A realtime console network usage monitor
System
Some tools which may be helpful for dealing with hardware/security
- sysstat - sar, iostat and mpstat - system performance tools for Linux
- isag - Interactive System Activity Grapher for sysstat
- ccze - A robust, modular log coloriser
- lsof - List open files, pipes, sockets, etc.
- collectd - statistics collection and monitoring daemon
- hddtemp - hard drive temperature monitoring utility
- iotop - simple top-like I/O monitor
- htop - interactive processes viewer
- beep - advanced pc-speaker beeper
Database management
- mtop - MySQL terminal based query monitor
- mytop - top like query monitor for MySQL
- ptop - PostgreSQL performance monitoring tool akin to top
Gentoo stuff :P
If you're working on a Gentoo box you should think about:
- portage-utils - http://www.gentoo.org/doc/en/portage-utils.xml
- gentoolkit - http://www.gentoo.org/doc/en/gentoolkit.xml
Disable buzzer
# in ~/.bashrc
setterm -blength 0

Did I miss something? If there is some cool stuff that I could need, please write it in the comments below.
I'm writing about "good stuff", and Pico wrote about "the evilc Perl scripts"
I forgot about dsniff and urlsnarf, to get to know what HTTP URLs are being accessed from my machine via a specific network interface ;).
Again me - a friend of mine bookmarked some information: How to use netstat with command line tools - thanks Marek - I'll probably be using this soon.
Other ways to disable PC-Speaker
modprobe -r pcspkr
Edit /etc/inputrc and add or uncomment the following:
File: /etc/inputrc
set bell-style none
If you're running a suitable kernel (all 2.6 and a few of the more extreme 2.4), you can also disable PC Speaker in the kernel config. It is under Input Devices.
To remember, how to make a software bridge for analyzing traffic (using tcpdump, wireshark, etc.) on Linux:
ifconfig eth1 -arp promisc 0.0.0.0 up
ifconfig eth2 -arp promisc 0.0.0.0 up
brctl addbr br0
brctl addif br0 eth1
brctl addif br0 eth2
ifconfig br0 -arp promisc 0.0.0.0 up
Configuration of PC should be:
eth1 - LAN
eth2 - WAN
eth0 - Management
Note: -arp promisc captures all packets ;). brctl is in package bridge-utils.
Remember to shut down the DHCP server, and use filters in tcpdump :)