1. ifstat - Report InterFace STATistics
2. vmstat - Report virtual memory statistics
3. iostat - Report Central Processing Unit (CPU) statistics and input/output statistics for devices,
partitions and network filesystems (NFS)
4. Dstat - A versatile replacement for vmstat, iostat and ifstat. Dstat overcomes some of the
limitations and adds some extra features.
5. iptraf - Interactive IP LAN Monitor
6. top - display Linux tasks
7. sar - Collect, report, or save system activity information.
8. mpstat - Report processors related statistics.
9. pmap - report memory map of a process
10. ss - Utility to investigate sockets
eg.
# ss -l
Recv-Q Send-Q Local Address:Port Peer Address:Port
0 128 :::ssh :::*
0 128 *:ssh *:*
0 5 127.0.0.1:42551 *:*
11. netstat - Print network connections, routing tables, interface statistics, masquerade con‐nections,
and multicast memberships
12. nmap - Network exploration tool and security / port scanner
13. nethogs - Net top tool grouping bandwidth per process
14. tcpdump - dump traffic on a network
eg.
tcpdump -i eth0 'udp port 53'
This shows all packets going in and out of the machine for UDP port 53
15. sosreport - Generate debugging information for system
16. iftop - display bandwidth usage on an interface by host
B. Utilities:
1. AIDE - Advanced Intrusion Detection Environment. A host-based intrusion detection system
(HIDS) for checking the integrity of files. It does this by creating a baseline database
of files on an initial run, and then checks this database against the system on
subsequent runs.
2. DenyHosts - is a log-based intrusion prevention security tool for SSH servers.
3. Fail2ban - Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the
malicious signs -- too many password failures, seeking for exploits, etc
4. Monit - utility for monitoring services on a Unix system
5.
