inux on the desktop is making great progress. However, the real beauty of Linux and Unix like operating system lies beneath the surface at the command prompt. nixCraft picks his best open source terminal applications of 2012.
Most of the following tools are packaged by all major Linux distributions and can be installed on *BSD or Apple OS X.
#1: siege – An HTTP/HTTPS stress load tester
Fig.01: siege in action
Siege is a multi-threaded http or https load testing and benchmarking utility. This tool allows me to measure the performance of web apps under duress. I often use this tool test a web server and apps. I have had very good results with this tool. It can stress a single url such as example.com/foo.php or multiple urls. At the end of each test you will get all data about the web server performance, total data transferred, latency, server response time, concurrency and much more.
#2: abcde – A better CD encoder
Usually, the process of grabbing the data off a CD and encoding it, then tagging or commenting it, is very involved. abcde is designed to automate this. It will take an entire CD and convert it into a compressed audio format – Ogg/Vorbis, MPEG Audio Layer III, Free Lossless Audio Codec (FLAC), Ogg/Speex, MPP/MP+(Musepack) and/or M4A (AAC) format(s). It will do a CDDB query over the Internet to look up your CD or use a locally stored CDDB entry.
#3: ngrep – Network grep
Fig.02: ngrep in action
Ngrep is a network packet analyzer. It follows most of GNU grep’s common features, applying them to the network layer. Ngrep is not related to tcpdump. It is just an easy to use tool. You can run queries such as:
## grep all HTTP GET or POST requests from network traffic on eth0 interface ## sudo ngrep -l -q -d eth0 "^GET |^POST " tcp and port 80
I often use this tool to find out security related problems and tracking down other network and server related problems.
The pv command allows you to see the progress of data through a pipeline. It provides the following info:
- Time elapsed
- Percentage completed (with progress bar)
- Current throughput rate
- Total data transferred
Fig.04: dtrx in action
dtrx is an acronmy for “Do The Right Extraction.” It’s a tool for Unix-like systems that take all the hassle out of extracting archives. As a sysadmin, I download source code and tar balls. This tool saves lots of time.
- You only need to remember one simple command to extract tar, zip, cpio, deb, rpm, gem, 7z, cab, lzh, rar, gz, bz2, lzma, xz, and many kinds of exe files, including Microsoft Cabinet archives, InstallShield archives, and self-extracting zip files. If they have any extra compression, like tar.bz2 files, dtrx will take care of that for you, too.
- dtrx will make sure that archives are extracted into their own dedicated directories.
- dtrx makes sure you can read and write all the files you just extracted, while leaving the rest of the permissions intact.
- Recursive extraction: dtrx can find archives inside the archive and extract those too.
- Download dtrx
#6:dstat – Versatile resource statistics tool
Fig.05: dstat in action
As a sysadmin, I heavily depends upon tools such as vmstat, iostat and friends for troubleshooting server issues. Dstat overcomes some of the limitations provided by vmstat and friends. It adds some extra features. It allows me to view all of my system resources instantly. I can compare disk usage in combination with interrupts from hard disk controller, or compare the network bandwidth numbers directly with the disk throughput and much more.
#7:ffmpeg – Record, convert, stream and play multimedia content
Fig.06: ffmpeg in action (ogv to mp4 conversion)
Recently, I started a youtube channel for nixCraft. I need to convert video and audio in various format such as Youtube HD web streaming format. This tool saves lots of my time. I often use this tool for audio/video conversion. This is the best tool for converting Audio, AVI, MP4, Ipod, Mobile phone, PSP, Quicktime, Rockbox, Web (Flash), WMV and much more.
#8:mtr – Traceroute+ping in a single network diagnostic tool
Fig.07: mtr in action
The mtr command combines the functionality of the traceroute and ping programs in a single network diagnostic tool. Use mtr to monitor outgoing bandwidth, latency and jitter in your network. A great little app to solve network problems. If you see a sudden increase in packetloss or response time is often an indication of a bad or simply overloaded link.
#9:multitail – Tail command on steroids
Fig.08: multitail in action (image credit – official project)
MultiTail is a program for monitoring multiple log files, in the fashion of the original tail program. This program lets you view one or multiple files like the original tail program. The difference is that it creates multiple windows on your console (with ncurses). I often use this tool when I am monitoring logs on my server.
#10: curl – Transfer data and see behind the scenes
Fig.09: curl command in action
Curl is a command line tool to transfer data from or to a server, using one of the supported protocols. The command is designed to work without user interaction. curl offers a busload of useful tricks like proxy support, user authentication, FTP upload, and much more. I often usecurl command to:
- Troubleshoot http/ftp/cdn server problems.
- Check or pass HTTP/HTTPS headers.
- Upload / download files using ftp protocol or to cloud account.
- Debug HTTP responses and find out exactly what an Apache/Nginx/Lighttpd/IIS server is sending to you without using any browser add-ons or 3rd party applications.
- Download curl
#11: netcat – TCP/IP swiss army knife
Fig.10: nc server and telnet client in action
Netcat or nc is a simple Linux or Unix command which reads and writes data across network connections, using TCP or UDP protocol. I often use this tool to open up a network pipe to test network connectivity, make backups, bind to sockets to handle incoming / outgoing requests and much more. In this example, I tell nc to listen to a port # 3005 and execute /usr/bin/w command when client connects and send data back to the client:
$ nc -l -p 3005 -e /usr/bin/w
From a different system try to connect to port # 3005:
$ telnet server1.cyberciti.biz.lan 3005
#12: nmap – Offensive and defensive network security scanner
Nmap is short for Network Mapper. It is an open source security tool for network exploration, security scanning and auditing. However, nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users.
#13: openssl command line tool
The openssl command is used for the various cryptography functions of OpenSSL’s crypto library from the shell. I often use this tool to encrypt files, test/verify ssl connections, and check the integrity of downloaded files. Further, openssl can be used for:
- Creation of RSA, DH and DSA key parameters
- Creation of X.509 certificates, CSRs and CRLs
- Calculation of Message Digests
- Handling of S/MIME signed or encrypted mail
The following few examples demonstrate the power of openssl command:
File integrity verification (cryptographic hashing function)
Verify that a file called financial-records-fy-2011-12.dbx.aes has not been tampered with:
openssl dgst -sha1 -c financial-records-fy-2011-12.dbx.aes openssl dgst -ripemd160 -c financial-records-fy-2011-12.dbx.aes openssl dgst -md5 -c financial-records-fy-2011-12.dbx.aes
Sample outputs from the last command:
Encryption and Decryption with Ciphers (files)
## encrypt file ## openssl aes-256-cbc -salt -in financial-records-fy-2011-12.dbx -out financial-records-fy-2011-12.dbx.aes ## decrypt file ## openssl aes-256-cbc -d -in financial-records-fy-2011-12.dbx.aes -out financial-records-fy-2011-12.dbx
SSL/TLS client and server tests
## connect to gmail mail server for testing purpose ## openssl s_client -connect smtp.gmail.com:995 openssl s_client -connect smtp.gmail.com:995 -CApath /etc/ssl
#14: lftp: A better command-line ftp/http/sftp client
This is the best and most sophisticated sftp/ftp/http download and upload client program. I often use this tool to:
- Recursively mirroring entire directory trees from a ftp server
- Accelerate ftp / http download speed
- Location bookmarks and resuming downloads.
- Backup files to a remote ftp servers.
- Transfers can be scheduled for execution at a later time.
- Bandwidth can be throttled and transfer queues can be set up.
- Lftp has shell-like command syntax allowing you to launch several commands in parallel in background (&).
- Segmented file transfer, that allows more than one connection for the same file.
- And much more.
- Download lftp
#15: Irssi – IRC client
Fig.#12: irssi in action (image credit wikipedia)
Irssi is a modular Internet Relay Chat client. It is highly extensible and very secure. Being a fullscreen, termcap based client with many features, Irssi is easily extensible through scripts and modules. I often use this client to get help about certain problmes from IRC rooms or just to hang out with old buddies.