Debian Administration Utilities

These are the utilities i have collected and each utility is having man page which gives you more information about each utility.


apachetop - Realtime Apache monitoring tool

Apache top is a curses-based realtime utility to display information from a running copy of Apache.

It is modelled after the standard 'top' utility, and displays information such as the requests pers second, bytes per second
and the most popular URLs displayed.

It must be run from a machine running Apache, as it works by processing the logfiles found in /var/log/apache.

Install apachetop in Debian

#apt-get install apachetop

If you want to monitor your apache log files need to be in /var/log/apache location


last hit: 00:00:00 atop runtime: 0 days, 00:04:05 17:21:05
All: 0 reqs ( 0.0/sec) 0.0B ( 0.0B/sec) 0.0B/req
2xx: 0 ( 0.0%) 3xx: 0 ( 0.0%) 4xx: 0 ( 0.0%) 5xx: 0 ( 0.0%)
R ( 30s): 0 reqs ( 0.0/sec) 0.0B ( 0.0B/sec) 0.0B/req
2xx: 0 ( 0.0%) 3xx: 0 ( 0.0%) 4xx: 0 ( 0.0%) 5xx: 0 ( 0.0%)

For more information about apachetop check the man page


apt-watch - Monitor apt sources for upgrades

apt-watch is a GNOME applet which will inform you when upgrades are available for your computer. It is similar to Windows Update or the Red Hat Network applet.

Install apt-watch in Debian

#apt-get install apt-watch


checkservice - Checks the status of services on (remote) hosts

Checkservice is a simple and fast service checking perl script. It is able to show the results in many ways: by keeping logs, showing it on the PHP status page, output that MRTG can use or warning(plugins) if something is wrong. Checkservice features grouping of hosts, very easy configuration and thorough service checking using checkplugins

Install checkservice in Debian

#apt-get install checkservice

For more information about checkservice check the man page


diffmon - Tool for reporting changes in system configuration.

This tool is run by a nightly cron job, and takes a `diff' of specified system configuration files and emails them to a specified email address. Options to diff can be specified. This is useful in friendly environments where there are multiple sysadmins working on configuration files/setups and everyone's changes are reported. CVS is a better answer, but most of us don't want to have the hassle of putting system files in a repository.

Install diffmon in Debian

#apt-get install diffmon

For more information about diffmon check the man page


dstat - versatile resource statistics tool

Dstat is a versatile replacement for vmstat, iostat and ifstat. Dstat overcomes some of the limitations of these programs and adds some extra features.

Dstat allows you to view all of your network resources instantly, you can for example, compare disk usage in combination with interrupts from your IDE controller, or compare the network bandwidth numbers directly with the disk throughput (in the same interval).

Dstat also cleverly gives you the most detailed information in columns and clearly indicates in what magnitude and unit the output is displayed.

Dstat is also unique in letting you aggregate block device throughput for a certain diskset or network bandwidth for a group of interfaces, i.e. you can see the throughput for all the block devices that make up a single filesystem or storage system.

Dstat's output, in its current form, is not suited for post-processing by other tools, it's mostly meant for humans to interprete real-time data as easy as possible.

Install dstat in Debian

#apt-get install dstat

For more information about dstat check man page


-cpu-total- -disk/total -net/total- ---paging-- ---system--
usr sys idl|_read write|_recv _send|__in_ _out_|_int_ _csw_
0 0 100| 0 0 | 0 0 | 0 0 | 0 0
1 1 98| 0 608k| 300B 1994B| 0 0 | 120 49
1 1 98| 0 0 | 420B 1328B| 0 0 | 120 42
0 2 98| 0 0 | 480B 1760B| 0 0 | 121 40
1 1 98| 0 0 | 600B 1760B| 0 0 | 123 44
0 2 98| 0 0 | 480B 1760B| 0 0 | 115 40
2 0 98| 0 0 | 473B 1330B| 0 0 | 113 45
2 0 98| 0 0 | 420B 1326B| 0 0 | 120 42
2 0 98| 0 0 | 480B 1544B| 0 0 | 119 42
0 2 98| 0 0 | 480B 1760B| 0 0 | 120 42
2 0 98| 0 0 | 420B 1546B| 0 0 | 112 44
1 1 98| 0 272k| 360B 1326B| 0 0 | 130 43
0 2 98| 0 8192B| 660B 1652B| 0 0 | 141 46
1 1 98| 0 0 | 420B 1544B| 0 0 | 121 40
2 0 98| 0 0 | 782B 1760B| 0 0 | 126 44
1 1 98| 0 0 | 480B 1760B| 0 0 | 120 40
2 0 98| 0 0 | 782B 1760B| 0 0 | 125 45
1 1 98| 0 0 | 646B 1760B| 0 0 | 122 40


e2undel - Undelete utility for the ext2 file system

Interactive console tool to recover the data of deleted files on an ext2 file system under Linux. It does not require knowledge about how ext2 file systems works and should be usable by most people.

This tools searches all inodes marked as deleted on a file system and lists them as sorted by owner and time of deletion. Additionally, it gives you the file size and tries to determine the file type in the way file(1) does. If you did not just delete a whole bunch of files with a 'rm -r *', this information should be helpful to find out which of the deleted files you would like to recover.

E2undel will not work on ext3 (journaling) filesystems.

Install e2undel in Debian

#apt-get install e2undel

For more information about e2undel check man page


gkrellm - multiple stacked system monitors: 1 process [client]

GKrellM charts CPU, Disk, and all active net interfaces automatically. An on/off button and online timer for the PPP interface is provided. Meters for memory and swap usage as well as a system uptime monitor are provided. Additional features are:

* Client/server capabilities
* Clicking on left or right frame slides GKrellM shut to gain screen space.
* Autoscaling grid lines with configurable grid line resolution.
* LED indicators for the net interfaces.
* Configurable chart sizes.

Install gkrellm in Debian

#apt-get install gkrellm

For more information about gkrellm check man page


hwinfo - Hardware identification system

hwinfo is the hardware detection tool used in SuSE Linux.

In Debian-Edu (Skolelinux) hwinfo has shown better results than discover when detecting mouse, keyboard and monitor.

hwinfo is collecting information about the hardware installed on a system. Among others, libhd contains information about cdrom, zip, floppy, disks and partitions, network card, graphics card, monitor, camera, mouse, sound, pppoe, isdn, modem, printer, scanner, bios, cpu, usb, memory and smp.

Install hwinfo in Debian

#apt-get install hwinfo

For more information about hwinfo check man page


harden-remoteaudit - Audit your remote systems from this host

This package helps you to install a set of tools to check remote systems, sniff for passwords and more. Observe that this kind of activity can be illegal so you have to check if you are authorized to do so in the environment where you install this package.

You can check exploits, sniff for passwords and similar things.

Nessus note: You have to have the nessus client installed on some host. The client is provided by the 'nessus' package. You can install it on the same host but that is not necessary.

NOTE! This package includes packages that can damage the system that you audit. It should NOT be used on any host, network or system that you are not responsible for. It can also damage the hosts that are checked. You have been warned!

Install harden-remoteaudit in Debian

#apt-get install harden-remoteaudit


jmon - distributed resource monitor

Resource monitoring for large networks. The jMon system allows for the real time monitoring of CPU, memory and swap usage. The system makes use of a small daemon running on each of the machines that are to be monitored.

The client makes a TCP/IP connection with each of the servers specified in the configuration file. The statistics of all the host machines are displayed in an ncurses window on the console.

Install jmon in Debian

#apt-get install jmon

For more information about jmon check man page


localepurge - Automagically remove unnecessary locale data

This is just a simple script to recover diskspace wasted for unneeded locale files and localized man pages. It will
automagically be invoked upon completion of any apt installation run.

Please note, that this tool is a hack which is *not* integrated with Debian's package management system and therefore is not for the faint of heart. This program interferes with the Debian package management and does provoke strange, but usually harmless, behaviour of programs related with apt/dpkg like dpkg-repack, debsums, reportbug, etc. Responsibility for its usage and possible breakage of your system therefore lies in the sysadmin's (your) hands.

Please definitely do abstain from reporting any such bugs blaming localepurge if you break your system by using it. If you don't know what you are doing and can't handle any resulting breakage on your own then please simply don't use this package.

Install localepurge in Debian

#apt-get install localepurge

For more information about localepurge check man page


localepurge: Disk space freed in /usr/share/locale: 32672K


lsscsi - list all SCSI devices (or hosts) currently on system

Uses information in sysfs (linux kernels 2.6.0 and later) to list all scsi devices (or hosts) currently attached to the system. Options can be used to control the amount and form of information provided for each device.

Install lsscsi in Debian

#apt-get install lsscsi

For more information about lsscsi check man page


mbmon - Hardware monitoring without kernel dependencies (text client)

(x)mbmon allows you to monitor hardware status using your motherboard's sensors. This information can be: temperatures, voltages and/or fan speeds.This package contains the console client.

Install mbmon in Debian

#apt-get install mbmon

For more information about mbmon check man page


medussa - Distributed password cracking system

Medussa is a distributed password cracking system that can attempt various types of attacks to crypted passwords distributing the work on many machines.

Install medussa in Debian

#apt-get install medussa


nessus - Remote network security auditor, the client

The Nessus Security Scanner is a security auditing tool. It makes possible to test security modules in an attempt to find vulnerable spots that should be fixed.

It is made up of two parts: a server, and a client. The server/daemon, nessusd, is in charge of the attacks, whereas the client, nessus, provides the user a nice X11/GTK+ interface.

This package contains the GTK+ client, which exists in other forms and on other platforms, too.

Install nessus in Debian

#apt-get install nessus

For more information about nessus check man page


nessusd - Remote network security auditor, the server

The Nessus Security Scanner is a security auditing tool. It makes possible to test security modules in an attempt to find vulnerable spots that should be fixed.

It is made up of two parts: a server, and a client. The server/daemon, nessusd, is in charge of the attacks, whereas the client, nessus, provides the user a nice X11/GTK+ interface.

This package contains the nessusd server, which must be run as root.

Install nessusd in Debian

#apt-get install nessusd

For more information about nessusd check man page


packagesearch - GUI for searching packages and viewing package information

This tool is aimed to help you search the packages you need. It should make the task of searching a pleasant experience.

Search can be done by

* pattern
* tags (based on the debtags system, a new way of categorizing Debian packages)
* files
* installed status
* orphaned packages
Additionally a lot of information about the packages is displayed, including the files belonging to them.
It is possible to install or remove packages.

Install packagesearch in Debian

#apt-get install packagesearch

For more information about packagesearch check man page


parted - The GNU Parted disk partition resizing program

GNU Parted is a program that allows you to create, destroy, resize, move and copy hard disk partitions. This is useful for creating space for new operating systems, reorganising disk usage, and copying data to new hard disks. This package contains the Parted binary and manual page.

Parted currently supports DOS, Mac, Sun, BSD, GPT, MIPS and PC98 disklabels/partition tables, as well as a 'loop' (raw disk) type which allows use on RAID/LVM. Filesystems which are currently fully supported are ext2, ext3, fat (FAT16 and FAT32), ReiserFS (with libreiserfs) and linux-swap. Parted can also detect and remove HFS (Mac OS), JFS, NTFS, UFS (Sun and HP), XFS and ASFS/AFFS/APFS (Amiga) filesystems, but cannot create, resize or check these filesystems yet.

Note that ReiserFS support is only enabled if you install the libreiserfs0.3-0 package. Since libreiserfs0.3-0 has been removed from sarge, ReiserFS support is not compiled in the default package.

The nature of this software means that any bugs could cause massive data loss. While there are no known bugs at the moment, they could exist, so please back up all important files before running it, and do so at your own risk.

Install parted in Debian

#apt-get install parted

For more information about parted check man page


powertweak - Tool to tune system for optimal performance

Powertweak is a tool for tweaking Linux systems to peak performance. It tunes PCI devices to use optimal settings and enables performance enhancing features of the CPU(s).

This package contains no files. It merely ensures that you install the following packages: powertweakd, powertweak-extra, powertweak-gtk

Install powertweak in Debian

#apt-get install powertweak

For more information about powertweak check man page


printtool - Tk-based printer configuration tool

This is an enhanced version of the Red Hat printtool, with autodetection of printers and PPD support.

Install printtool in Debian

#apt-get install printtool

For more information about printtool check man page


recover - Undelete files on ext2 partitions

Recover automates some steps as described in the ext2-undeletion howto. This means it seeks all the deleted inodes on your hard drive with debugfs. When all the inodes are indexed, recover asks you some questions about the deleted file. These questions are:

* Hard disk device name
* Year of deletion
* Month of deletion
* Weekday of deletion
* First/Last possible day of month
* Min/Max possible file size
* Min/Max possible deletion hour
* Min/Max possible deletion minute
* User ID of the deleted file
* A text string the file included (can be ignored)
If recover found any fitting inodes, it asks to give a directory name and dumps the inodes into the directory. Finally it asks you if you want to filter the inodes again (in case you typed some wrong answers).

Note that recover works only with ext2 filesystems - it does not support ext3.

Install recover in Debian

#apt-get install recover

For more information about recover check man page


router-audit-tool - Tool for auditing Cisco router configuration

The Router Audit Tool (rat) audits router configurations. It will log into the routers specified using provided login
information, download the configuration and audit against a set of provided rules.

This package also provides the NSA's Cisco Router Configuration Guide

Install router-audit-tool in Debian

#apt-get install router-audit-tool


samhain - Data integrity and host intrusion alert system

Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected on memory using steganography.

Main features

* Complete integrity check
+ uses cryptographic checksums of files to detect modifications,
+ can find rogue SUID executables anywhere on disk, and
* Centralized monitoring
+ native support for logging to a central server via encrypted and authenticated connections
* Tamper resistance
+ database and configuration files can be signed
+ logfile entries and e-mail reports are signed
+ support for stealth operation

Install samhain in Debian

#apt-get install samhain

For more information about samhain check man page


srg - Fast, Flexible and Detailed log analysis for the Squid Proxy

SRG provides fast and flexible analysis of squid proxy log files while retaining a high level of detail, including down the the exact URLs visited by users and the times at which they were visited. SRG also contains support for generated PHP reports that can be integrated with your existing authentication system to provide granular access to report output.

Install srg in Debian

#apt-get install srg

For more information about srg check man page


tiger - Report system security vulnerabilities

TIGER, or the 'tiger' scripts, is a set of Bourne shell scripts, C programs and data files which are used to perform a security audit of UNIX systems. TIGER has one primary goal: report ways 'root' can be compromised.

Debian's TIGER incorporates new checks primarily oriented towards Debian distribution including: md5sums checks of installed files, location of files not belonging to packages, check of security advisories and analysis of local listening processes.

Install tiger in Debian

#apt-get install tiger

For more information about tiger check man page


userinfo - display informations about a local user

Userinfo is a small console utility to display as much information about a local user as possible. It currently supports: password file info, home directory mode, mail forwards/aliases/last read time/new time/folder size, utmp info and more

Install userinfo in Debian

#apt-get install userinfo

For more information about userinfo check man page


varmon - VA RAID monitor

A text-based tool to monitor DAC 960 RAID controllers. This includes Mylex RAID cards from the 960 and 1100 series, eXteremeRAID 2000 & 3000, AcceleRAID 352 & 170.

Install varmon in Debian

#apt-get install varmon

For more information about varmon check man page


whowatch - Real-time user logins monitoring tool

whowatch is a ncurses who-like utility that displays information about the users currently logged on to the machine, in real-time. Besides standard information (login name, tty, host, user's process), the type of the connection (ie. telnet or ssh) is shown.

Install whowatch in Debian

#apt-get install whowatch

For more information about whowatch check man page


wwwstat - httpd logfile analysis package

wwwstat processes a sequence of httpd Common Logfile Format access_log files and prior summary outputs, and then outputs a summary of the access statistics in a nice HTML format.

splitlog processes a sequence of httpd Common Logfile Format access_log files (or CLF with a one-field prefix) and splits the entries into separate files according to the requested URL and/or vhost prefix.

Install wwwstat in Debian

#apt-get install wwwstat

For more information about wwwstat check man page


xmbmon - Hardware monitoring without kernel dependencies

(x)mbmon allows you to monitor hardware status using your motherboard's sensors. This information can be: temperatures, voltages and/or fan speeds.

This package contains the graphical client.

Install xmbmon in Debian

#apt-get install xmbmon

For more information about xmbmon check man page


xlogmaster - A program to monitor logfiles

Xlogmaster can monitor an almost infinite number of logfiles and all devices that can be read via "cat" like the /proc ones.On a regular expression base, you can hide, raise or lower lines in the logfile and set triggers, which can launch scripts or pop-up a window

Install xlogmaster in Debian

#apt-get install xlogmaster

For more information about xlogmaster check man page