Friday, April 6, 2012

Linux net monitoring tools....

1. nmap (Network Mapper) - commandline port scanner
It works on both Linux and Windows
=> sudo apt-get install nmap
=> sudo nmap domainname (or IP address)
=> sudo nmap -sS -O 127.0.0.1
=> sudo nmap -sU 117.18.224.146
=> sudo nmap -sS -O -p 20-25 127.0.0.1
=> sudo nmap -sS -F 127.0.0.1
=> nmap -sP 117.18.224.146
=> nmap -A -T4 117.18.224.146
=> nmap -A -T4 scanme.nmap.org

See all the devices on your LAN
=> nmap -sP 192.168.1.1-254
=> nmap -sP 192.168.1.1/24
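
The LAN ping scan above becomes more useful when its result is compared with a list of devices you expect to see. The script below is an added example, not part of the original post: it reads nmap's grepable output (-oG -) and prints every host that is up but missing from a baseline file. The function names, the baseline file format and the sample addresses are assumptions made for the illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): list hosts that answered an nmap
# ping scan but are missing from a baseline of devices you expect on your LAN.
# Real use:  nmap -sP -oG - 192.168.1.1/24 | unknown_hosts known_hosts.txt

# unknown_hosts BASELINE  -- reads nmap grepable (-oG) output on stdin.
# BASELINE holds one IP per line; blank lines and "#" comments are ignored.
# Prints each unexpected IP once, sorted. Returns 2 if BASELINE is unreadable.
unknown_hosts() {
    if [ ! -r "$1" ]; then
        echo "unknown_hosts: cannot read baseline '$1'" >&2
        return 2
    fi
    awk -v baseline="$1" '
        BEGIN {
            while ((getline line < baseline) > 0) {
                sub(/#.*/, "", line)          # strip comments
                gsub(/[ \t\r]/, "", line)     # strip whitespace
                if (line != "") known[line] = 1
            }
            close(baseline)
        }
        # Grepable host lines look like: "Host: 192.168.1.10 (name)<TAB>Status: Up"
        $1 == "Host:" && /Status: Up/ && !($2 in known) && !seen[$2]++ { print $2 }
    ' | sort -t . -k1,1n -k2,2n -k3,3n -k4,4n
}

# Constructed sample of `nmap -sP -oG -` output (addresses and names are made up;
# 192.168.1.10 appears twice to show that duplicates are reported once).
sample_scan() {
    echo '# Nmap scan initiated (constructed sample)'
    printf 'Host: %s (%s)\tStatus: Up\n' \
        192.168.1.1 router.lan  192.168.1.10 laptop.lan \
        192.168.1.77 ""  192.168.1.10 laptop.lan
    echo '# Nmap done (constructed sample)'
}
```

Run the scan from cron and mail any output to yourself to get a notice whenever a new device appears on the LAN.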

2. iptraf - Packet analysis
=> sudo apt-get install iptraf
=> sudo iptraf
3. tcpdump - command line packet sniffer
Can be used to debug the network setup (tcpdump and Wireshark are often used together)
=> sudo apt-get install tcpdump
"tcpdump -i eth0 udp" is used to capture the udp traffic on eth0
=> sudo tcpdump -i eth0 udp
"tcpdump port test" is used to capture traffic at the specified port (specify the port in place of 'test')
=> sudo tcpdump port 25
"tcpdump -c n" is used to stop the capture after 'n' packets, where 'n' can be any integer value
=> sudo tcpdump -c 2
"tcpdump -i any" is used to see traffic at all ports/interfaces
=> sudo tcpdump -i any
"tcpdump -v" is used to display verbose output
=> sudo tcpdump -v
4. ethereal - graphical counterpart to tcpdump
sudo apt-get install ethereal
(if that does not work, try:)
sudo apt-get install wireshark
=> wireshark
Wireshark (old name: Ethereal)
5. etherape - graphical traffic analyzer
sudo apt-get install etherape
=> etherape
6. tcptrack - displays information about TCP connections
sudo apt-get install tcptrack
=> tcptrack -i eth0
=> tcptrack -i eth0 src or dst 10.45.165.2
=> tcptrack -i eth0 port 80
7. Install Process Accounting
sudo apt-get install acct
Start Process Accounting
=> /etc/init.d/psacct start
On Ubuntu:
=> sudo service acct start
=> ac
=> ac -d
=> ac -p
8. lastcomm - search out the commands of users
=> lastcomm
=> lastcomm mukul
9. /usr/sbin/sa - summary of commands
=> /usr/sbin/sa
=> /usr/sbin/sa -cpu
=> /usr/sbin/sa -re (does not work)
=> /usr/sbin/sa -k
=> /usr/sbin/sa -k*sec (does not work)
=> /usr/sbin/sa -u
=> /usr/sbin/sa -s
=> /usr/sbin/sa -m
10. Display All Names
=> sa -a
=> sa -c
11. Darkstat - gather network statistics
sudo apt-get install darkstat
=> sudo gedit /etc/darkstat/init.cfg
# Turn this to yes when you have configured the options below.
START_DARKSTAT=no
to
START_DARKSTAT=yes
=> sudo /etc/init.d/darkstat start
=> http://youripaddress:666
=> http://127.0.0.1:666/
12. Ethstatus - Console-based ethernet statistics monitor
sudo apt-get install ethstatus
=> ethstatus
13. OpManager - a network monitoring software
# apt-get install libgdbmg1 libexpat1
Create the following user and group
# adduser nobody
# groupadd nobody
Install Opmanager in Debian Etch
First you need to download the trial version of OpManager for
Linux. You should then have the file
ManageEngine_OpManager_7_linux.bin. Run this file as root
using the following command
# ./ManageEngine_OpManager_7_linux.bin
Enter the web server port as 4430 because 443(https)
The file libdb-3.2.so may not exist on your system. OpManager
bundles this file under lib/backup in the OpManager installation directory. Copy it to the lib directory (run these commands under /opt/AdventNet/ME/OpManager, the default location where OpManager is installed on Linux distributions)
# cd /opt/AdventNet/ME/OpManager/
# cp lib/backup/libdb-3.2.so lib/
Now start OpManager using the following command
# /opt/AdventNet/ME/OpManager/bin/StartOpmanagerServer.sh
Once it has started you should see the following screen
Now open https://serverip:4430 in your web browser. You should see the following screen, where you need to log in using the following details
Username: - admin
Password: - admin
Opmanager Startup Script
If you want OpManager to start automatically when you reboot your server, you need to download this script
Download the opmanager file into the /etc/init.d directory and run the following command
# chmod 755 opmanager
Now update the startup script link using the following command
# update-rc.d opmanager defaults 50
That's it, OpManager is ready to use
Now check this manual for how to add devices and services.
14. Whowatch - interactive users and process monitoring tool
sudo apt-get install whowatch
=> whowatch
Ctrl-I - send INT signal to selected process
Ctrl-K - send KILL signal to selected process
s - It will provide the system details
d - Details about the user

Check all shares on your network
=> smbtree -N
=> smbtree -NS
 
