Linux tools and commands

Posted on December 1, 2010


Under Linux we have a lot of apps and commands that can help us at work or to test something. Here I collected the tools and commands that I have already used or wanted to use, but up till now did not manage to. Comments are welcome if you know a better tool.

  1. Network generators

    tcpreplay – Packet replayer back out onto the network from pcap files
    hping3 – TCP/IP packet generator
    isic – IP Stack Integrity Checker
    nuttcp – Network performance measurement tool
    ttcp – TCP, UDP performance measurement tool
    siege – HTTP server performance measurement tool
    curl-loader – Application load tester for HTTP, HTTPS, FTP, FTPS

  2. Penetration testers

    tcptraceroute – Traceroute implementation using TCP packets
    nmap – Network exploration tool and security / port scanner
    metasploit framework – Penetration tester
    sara – Penetration tester
    nessus-server – Penetration tester, server side
    nessus-client – Penetration tester, client side
    hunt – Network security auditing tool
    others 1.
    others 2.

  3. Log analysis with Unix commands

    swatch – Log watcher
    grep – Print lines matching a pattern
    cut – Remove sections from each line of files
    awk – Pattern scanning and processing language
    sed – Stream editor for filtering and transforming text
    uniq – Perl extension for managing list of values
    sort – Sort lines of text files

  4. Network tools

    wireshark – Interactively dump and analyze network traffic
    tcpdump – Dump traffic on a network
    iptraf – Interactive Colorful IP LAN Monitor
    iftop – Display bandwidth usage on an interface by host /with idle timer/
    tcptrack – Monitor TCP connections on the network
    ntop – Display top network users
    whatmask – Subnet mask notation conversion tool
    mrtg – Famous monitoring tool for the traffic load on network links
    nagios – Famous monitoring tool for the traffic load on network links
    cacti – Famous monitoring tool for the traffic load on network links
    tor – Free connection-oriented anonymizing communication service
    argus – Audit record generation and utilization system

  5. Management tools

    truecrypt – Disk encryption software
    gnupg2 – Data encryption, implementation of OpenPGP
    gpa – Graphical user interface for the GnuPG
    seahorse – Graphical application for managing encryption keys
    wammu – The mobile phone manager
    tftp-server – TFTP Server
    putty – GUI SSH, Telnet and Rlogin client for X
    tsclient – GNOME 2 program for remotely accessing systems with RDP or VNC
    vncviewer – An X viewer client for VNC /tsclient component/
    rdesktop – A Remote Desktop Protocol client /tsclient component/
    openssh – OpenSSH SSH client, SSH port forwarding

  6. Virus, rootkit and their friends detection

    tiger – The Unix security audit and intrusion detection tool
    chkrootkit – Rootkit scanner
    rkhunter – Rootkit scanner
    clamav – Anti-virus toolkit. /Integrated in Cisco CSA agent/

  7. Virtualisation tools

    virtualBox – virtualization software with GUI

  8. HW Management tools

    ethtool – Display or change ethernet card settings
    lsmod – List the status of modules in the Linux Kernel
    lspci – List PCI devices
    lsusb – List USB devices
    lspcmcia – Controls PCMCIA cards
    /proc/cpuinfo – Shows CPU information
    /proc/meminfo – Shows memory information
    free | free -m – Shows memory information
    dmidecode – DMI table decoder /for BIOS, motherboard info/
    /proc/asound/version – Files that ALSA uses for device information and for some control purposes
    /proc/asound/cards – Files that ALSA uses for device information and for some control purposes
    du -h --max-depth number – Report file space usage
    df -h – Report file system disk space usage
    top – Display Linux processes, memory usage, swap usage, etc
    htop – Display Linux processes, memory usage, swap usage, etc
    iotop – Display top disk I/O events by process

    Time setup tools

    date – Show, set the date /command to set date: date MMDDhhmmYYYY/
    hwclock – Show, set HW clock /Synchronise the HW clock to new date: hwclock --systohc/
    timeconfig – Time setup tool /GUI based/
    ntpd – Network Time Protocol (NTP) daemon

  9. IDE

    geany – Geany is a text editor. It was developed to provide a small and fast IDE, which has only a few dependencies from other packages.
    codeblocks – Free C++ IDE

  10. Open source applications (to build a free UTM)

    netfilter – ACL, NAT (PAT)
    SOCKS – SOCKS circuit-level firewall/proxy on wiki
    SOCKS – SOCKS circuit-level firewall/proxy
    SOCKS – Authentication with LDAP
    FWKNOP – Single Packet Authorization (SPA)
    IMSpector – IM inspection
    P3Scan – POP3 inspection
    qmail – SMTP inspection (mail server)
    Mailscanner – SMTP inspection
    clamav – SMTP inspection (Virus scanner)
    spamassassin – SMTP inspection
    maiamailguard – SMTP inspection
    squid – http inspection (proxy)
    Squid scripts – http inspection (scripts)
    sslBump – HTTPS inspection
    ftpproxy – FTP inspection (proxy)
    frox – FTP inspection
    SIPproxd – SIP inspection
    Dansguardian – URL/Content Filter
    Squidguardian – URL/Content Filter
    Clamav – URL/Content Filter (Virus scanner)
    Strongswan – VPN, WebVPN
    Freeswan – VPN, WebVPN
    Openswan – VPN, WebVPN
    Openvpn – VPN, WebVPN
    Linux-ha – High Availability
    Keepalived – VRRP
    Quagga – Routing (RIP, RIPng, OSPFv2, OSPFv3, BGP)
    Netfilter – QoS
    Squid – QoS for http
    Snort – IPS
    syslog-ng – Logging
    NTOP – Monitoring

On the security market there are a lot of products which use something from the list above. I googled a little and found the following companies:

UTM products (with GPL codes):

and Fortinet and Underground8,…
