Under Linux we have a lot of apps and commands that can help us at work or to test something. Here I collected the tools and commands that I have already used or wanted to use but have not managed to so far. Comments are welcome if you know a better tool.
- Network generators
tcpreplay – Packet replayer back out onto the network from pcap files
hping3 – TCP/IP packet generator
isic – IP Stack Integrity Checker
nuttcp – Network performance measurement tool
ttcp – TCP, UDP performance measurement tool
siege – HTTP server performance measurement tool
curl-loader – Application load tester for HTTP, HTTPS, FTP, FTPS
- Penetration testers
tcptraceroute – Traceroute implementation using TCP packets
nmap – Network exploration tool and security / port scanner
metasploit framework – Penetration tester
sara – Penetration tester
nessus-server – Penetration tester, server side
nessus-client – Penetration tester, client side
hunt – Network security auditing tool
others 1.
others 2.
- Log analysis with Unix commands
swatch – Log watcher
grep – Print lines matching a pattern
cut – Remove sections from each line of files
awk – Pattern scanning and processing language
sed – Stream editor for filtering and transforming text
uniq – Perl extension for managing list of values
sort – Sort lines of text files
- Network tools
wireshark – Interactively dump and analyze network traffic
tcpdump – Dump traffic on a network
iptraf – Interactive Colorful IP LAN Monitor
iftop – Display bandwidth usage on an interface by host /with idle timer/
tcptrack – Monitor TCP connections on the network
ntop – Display top network users
whatmask – Subnet mask notation conversion tool
mrtg – Famous monitoring tool for the traffic load on network links
nagios – Famous monitoring tool for the traffic load on network links
cacti – Famous monitoring tool for the traffic load on network links
tor – Free connection-oriented anonymizing communication service
argus – Audit record generation and utilization system
- Management tools
truecrypt – Disk encryption software
gnupg2 – Data encryption, implementation of OpenPGP
gpa – Graphical user interface for the GnuPG
seahorse – Graphical application for managing encryption keys
wammu – The mobile phone manager
tftp-server – TFTP Server
putty – GUI SSH, Telnet and Rlogin client for X
tsclient – GNOME 2 program for remotely accessing systems with RDP or VNC
vncviewer – An X viewer client for VNC /tsclient component/
rdesktop – A Remote Desktop Protocol client /tsclient component/
openssh – OpenSSH SSH client, SSH port forwarding
- Virus, rootkit and their friends detection
tiger – The Unix security audit and intrusion detection tool
chkrootkit – Rootkit scanner
rkhunter – Rootkit scanner
clamav – Anti-virus toolkit. /Integrated in Cisco CSA agent/
- Virtualisation tools
VirtualBox – Virtualization software with GUI
- HW Management tools
ethtool – Display or change ethernet card settings
lsmod – List the status of modules in the Linux Kernel
lspci – List PCI devices
lsusb – List USB devices
lspcmcia – Controls PCMCIA cards
/proc/cpuinfo – Shows CPU information
/proc/meminfo – Shows memory information
free | free -m – Shows memory information
dmidecode – DMI table decoder /for BIOS, motherboard info/
/proc/asound/version – Files that ALSA uses for device information and for some control purposes
/proc/asound/cards – Files that ALSA uses for device information and for some control purposes
du -h --max-depth number – Report file space usage
df -h – Report file system disk space usage
top – Display Linux processes, memory usage, swap usage, etc
htop – Display Linux processes, memory usage, swap usage, etc
iotop – Display top disk I/O events by process
- Time setup tools
date – Show, set the date /command to set date: date MMDDhhmmYYYY/
hwclock – Show, set HW clock /Synchronise the HW clock to new date: hwclock --systohc/
timeconfig – Time setup tool /GUI based/
ntpd – Network Time Protocol (NTP) daemon
- IDE
geany – Geany is a text editor. It was developed to provide a small and fast IDE, which has only a few dependencies from other packages.
codeblocks – Free C++ IDE
- Open source applications (to build a free UTM)
netfilter – ACL, NAT (PAT)
SOCKS – SOCKS circuit-level firewall/proxy on wiki
SOCKS – SOCKS circuit-level firewall/proxy
SOCKS – Authentication with LDAP
FWKNOP – Single Packet Authorization (SPA)
IMSpector – IM inspection
P3Scan – POP3 inspection
qmail – SMTP inspection (mail server)
Mailscanner – SMTP inspection
clamav – SMTP inspection (Virus scanner)
spamassassin – SMTP inspection
maiamailguard – SMTP inspection
squid – http inspection (proxy)
Squid scripts – http inspection (scripts)
sslBump – HTTPS inspection
ftpproxy – FTP inspection (proxy)
frox – FTP inspection
SIPproxd – SIP inspection
Dansguardian – URL/Content Filter
Squidguardian – URL/Content Filter
Clamav – URL/Content Filter (Virus scanner)
Strongswan – VPN, WebVPN
Freeswan – VPN, WebVPN
Openswan – VPN, WebVPN
Openvpn – VPN, WebVPN
Linux-ha – High Availability
Keepalived – VRRP
Quagga – Routing (RIP, RIPng, OSPFv2, OSPFv3, BGP)
Netfilter – QoS
Squid – QoS for http
Snort – IPS
syslog-ng – Logging
NTOP – Monitoring
On the security market there are a lot of products which use something from the list above. I googled a little and found the following companies:
UTM products (with GPL codes):
Astaro
Smoothwall
Endian
Vyatta
Untangle
Cobia
Watchguard
and Fortinet and Underground8,…