Here are some tools I use on a fairly frequent basis, which may or may not be installed by default in your distribution. I highly recommend installing these tools during the provisioning stage of your system/environment because repositories aren’t always reachable on production systems. Furthermore, installing software on a running critical production system is often a tightly controlled process.
nmap
This is a very robust yet lightweight network tool. I typically use this tool for port and subnet scanning, but it packs a ton of features and is worth looking into if you’ve never heard of it. I use it on a weekly basis. Please note, this tool may not be appropriate for environments that have very tight security policies as it has the potential to be used maliciously.
telnet
This tool is fairly common, but is not installed by default on many distros, especially if you work from minimal installs like I do. It’s great for testing TCP connectivity to certain ports on remote hosts. My favorite usage is telnet google.com 80
This will tell you if you’re able to connect to webpages on the internet. Typing GET at the blank prompt will confirm a valid connection by downloading the HTML response from the page. Very useful for checking port connectivity inside your firewall as well.
ethtool
Use this to mine information from your network interfaces. Most common usage is ethtool eth0 which will show you the physical link-state of the adapter and various other settings. This tool can also be used to perform operations such as flashing a device’s firmware or having an interface blink so a technician in the data center can positively ID it.
logwatch
This is a great utility that will parse your log files for you, aggregate information, and display the information in an easy to read format.
mlocate
mlocate is the name of the package which installs locate and updatedb. The updatedb command indexes the filenames and paths of all files on your system. The locate command lets you quickly search that index for a file string. Much faster than using find, and much less complicated syntax for beginners.
mutt
This is a simple command line mail client. It can be used to compose email much like a desktop mail client, however I mainly use it to email attachments to remote systems as the mail command does not allow for such an operation.
Common usage: echo "this is the body of the email" | mutt -s "Subject goes here" -a myfile.txt -- user@example.com
This should work as long as you have an MTA running, such as postfix or sendmail.
vim
vim is an enhanced version of the vi editor. It allows for color highlighting as well as using your arrow keys in insert mode. I recommend using vi / vim because it’s available on nearly any *nix system by default. That Solaris box you have to log into once a year might not have nano when you need to edit some configuration file. Do yourself a favor and learn to use vi / vim.
system-config-network (RHEL/CentOS/Fedora)
This is a handy tool for configuring networking on the above mentioned distros. It’s a little more beginner friendly than editing the network config files manually.
system-config-firewall-tui (RHEL/CentOS/Fedora)
Same idea as the system-config-network command above, but in this case is used for configuring your system’s firewall. Can make complicated firewall rules much easier to implement for beginners.
policycoreutils-python (RHEL/CentOS/Fedora)
I frankly don’t know why this software isn’t installed by default, even on standard spins of these distributions. It’s essential for managing basic SELinux contexts and policies. If you’re running a system with SELinux enabled in enforcing mode, you need this tool to make permanent changes to SELinux contexts. The chcon command, which works well in a pinch, will not enable your filesystem’s contexts to survive a filesystem relabel. This can occur after booting a system into rescue mode or disabling / reenabling SELinux. The time to find out your SELinux contexts weren’t permanent isn’t after rescuing a broken production system.
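The difference between a chcon label and a permanent one, as an added example that is not part of the original post: audit_path flags files whose current type differs from what policy would assign on a relabel, and make_permanent records the rule with semanage fcontext (the command this package provides) before applying it with restorecon. The function names, the DRY_RUN switch, the /srv/www path and the httpd_sys_content_t type are constructed for illustration, and only the type field of the context is compared.

```shell
#!/bin/sh
# Added example: audit for chcon-only labels and make a label permanent.
# Assumes stat (GNU coreutils), matchpathcon, semanage and restorecon exist.

# Type field of a context, e.g. system_u:object_r:httpd_sys_content_t:s0
ctx_type() { printf '%s\n' "$1" | cut -d: -f3; }

# survives_relabel CURRENT EXPECTED: succeeds when a relabel keeps the type.
# Simplification: only the type field is compared.
survives_relabel() {
    # Policy has no default label for this path, so a relabel leaves it alone.
    [ "$2" = '<<none>>' ] && return 0
    [ "$(ctx_type "$1")" = "$(ctx_type "$2")" ]
}

# audit_path PATH: compare the on-disk label with the policy default.
audit_path() {
    current=$(stat -c %C "$1") || return 2
    expected=$(matchpathcon -n "$1") || return 2
    if survives_relabel "$current" "$expected"; then
        echo "OK      $1"
    else
        echo "AT RISK $1: $(ctx_type "$current") would become $(ctx_type "$expected")"
        return 1
    fi
}

# With DRY_RUN set, print the command instead of running it.
run() { if [ -n "${DRY_RUN:-}" ]; then printf '%s\n' "$*"; else "$@"; fi; }

# make_permanent DIR TYPE: record the rule in policy, then apply it.
make_permanent() {
    dir=${1%/}
    run semanage fcontext -a -t "$2" "$dir(/.*)?" &&
        run restorecon -R -v "$dir"
}

# Usage (as root):
#   audit_path /srv/www/index.html
#   DRY_RUN=1 make_permanent /srv/www httpd_sys_content_t
```

Running audit_path over the paths you have relabeled by hand shows which ones still depend on chcon before a rescue boot or relabel finds them for you.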