Linux analysing tools

FireShootSK

Feb 17, 2015
Linux has a lot of programs installed by default to analyse network traffic, monitor the system, scan memory, etc.
Here is my little list.

System/Memory/Disk monitoring tools:

  • top
Via top you get a dynamic real-time view of all processes running on the system.
Code:
$ top
Z,B Global: 'Z' change color mappings; 'B' disable/enable bold
l,t,m Toggle Summaries: 'l' load avg; 't' task/cpu stats; 'm' mem info
1,I Toggle SMP view: '1' single/separate states; 'I' Irix/Solaris mode

f,o . Fields/Columns: 'f' add or remove; 'o' change display order
F or O . Select sort field
<,> . Move sort field: '<' next col left; '>' next col right
R,H . Toggle: 'R' normal/reverse sort; 'H' show threads
c,i,S . Toggle: 'c' cmd name/line; 'i' idle tasks; 'S' cumulative time
x,y . Toggle highlights: 'x' sort field; 'y' running tasks
z,b . Toggle: 'z' color/mono; 'b' bold/reverse (only if 'x' or 'y')
u . Show specific user only
n or # . Set maximum tasks displayed

k,r Manipulate tasks: 'k' kill; 'r' renice
d or s Set update interval
W Write configuration file
q Quit

  • ps
ps displays all current processes with CPU & memory usage, PID, uptime, process start time and user.
Code:
$ ps
You can run ps with these options:
-A, aux, -Al, -AlF, axjf


  • kill
This command terminates a process.
Code:
$ kill PID

  • free
The command free displays the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel.
Code:
$ free

  • iostat
The iostat command is used for monitoring system input/output device loading by observing the time the devices are active in relation to their average transfer rates. The iostat command generates reports that can be used to change system configuration to better balance the input/output load between physical disks.
Code:
$ iostat



  • pmap
The command pmap reports the memory map of a process. Use this command to find the causes of memory bottlenecks.
Code:
$ pmap -d PID

Network monitoring tools:

  • iptraf
The iptraf command is an interactive colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others.
Code:
$ sudo apt-get install iptraf
$ sudo iptraf
  • tcpdump
Tcpdump is a simple command that dumps traffic on a network.
Code:
$ sudo tcpdump
example: tcpdump -i eth0 'udp port 53'


Sayonara :)
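
Added example, not part of the original post: a small filter for the `pmap -d PID` output mentioned above that totals the Kbytes column per mapping and prints the largest ones, which is usually the first thing to look at when a process is eating memory. The function names `top_mappings` and `sample_pmap` are hypothetical, the sample output is constructed, and the script assumes the procps `pmap -d` column layout (Address, Kbytes, Mode, Offset, Device, Mapping).

```shell
#!/bin/sh
# Rank the mappings in `pmap -d PID` output by total size (KiB).
# Usage on a live system:  pmap -d PID | top_mappings 5

top_mappings() {
    limit="${1:-5}"   # how many rows to print (default 5)
    awk '
        # Data rows start with a hex address followed by a numeric Kbytes
        # column; the "PID: command" line, the column header and the final
        # "mapped: ..." summary line do not match and are skipped.
        $1 ~ /^[0-9a-fA-F]+$/ && $2 ~ /^[0-9]+$/ && NF >= 6 {
            # The mapping name may contain spaces, e.g. "[ anon ]".
            name = $6
            for (i = 7; i <= NF; i++) name = name " " $i
            kb[name] += $2
        }
        END { for (n in kb) printf "%d\t%s\n", kb[n], n }
    ' | sort -t "$(printf '\t')" -k1,1nr -k2,2 | head -n "$limit"
}

# Constructed sample in the `pmap -d` layout, so the script runs offline.
sample_pmap() {
    cat <<'EOF'
1234:   /usr/bin/foo
Address           Kbytes Mode  Offset           Device    Mapping
0000555555554000     128 r-x-- 0000000000000000 008:00001 foo
0000555555774000       8 rw--- 0000000000020000 008:00001 foo
0000555555776000   20480 rw--- 0000000000000000 000:00000   [ anon ]
00007ffff7a00000    1792 r-x-- 0000000000000000 008:00001 libc-2.31.so
00007ffffffde000     132 rw--- 0000000000000000 000:00000   [ stack ]
mapped: 22540K    writeable/private: 20620K    shared: 0K
EOF
}

# Demo on the constructed sample: the three largest mappings.
sample_pmap | top_mappings 3
```

A very large `[ anon ]` total points at heap or anonymous allocations rather than at a loaded file or library.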