Network administration: the sysadmin's first aid kit

version: 5.0.5 from 15 April 2019

A program for remote access to a PC and file sharing. The application does not require installation and transmits the screen image at high quality: it lets you use the remote computer as if you were sitting in front of it. AnyDesk is distinguished by the quality and stability of the transmitted picture, and in connection setup speed it is on a par with the best solutions such as Ammyy Admin. It can also play video from the remote side and has an integrated file manager.

version: 10.0.17763.1 from 09 April 2019

A program for creating a Windows 10 ISO file: it downloads a free distribution of the operating system and writes it to an optical disc or flash drive.

Media Creation Tool lets you upgrade the current version of the OS in place, download an image in the common ISO format, or prepare a distribution ready to be written to a USB flash drive. The user can choose any of the official Windows 10 languages (Russian included) in the required bitness (32- or 64-bit). If you plan to install the system on another computer, you can download both versions at once, x86 and x64.

version: 8.4.0.7 from 05 March 2019

With this program you can erase any object from the disk, whether a separate file or folder, a plug-in, a program or an application package. It does not require installation and can be run from a flash drive or memory card.

Once launched, the utility finds all installed software and components and sorts them into categories (Large, Recently Installed, Rarely Used, and so on).

version: 2.0.6 from 01 February 2019

Revo Uninstaller is a professional uninstaller that completely removes programs installed on your computer, even when the standard Windows uninstaller fails.

Thanks to its advanced and fast algorithm, Revo Uninstaller analyses all files to be removed before uninstalling an application and only then removes them. It can also remove the leftover files, folders and registry keys that usually accumulate on a computer before a professional uninstaller is used.

version: 3.8 from 23 January 2019

This small application is used to control other computers or servers remotely. You can operate the mouse and keyboard, run the programs you need, or copy any data to your own system.

Ammyy Admin is useful for users who know their way around computers and help friends or colleagues sort out problems: connecting remotely to another PC, you can install a program, burn a disc or troubleshoot. It is also useful for system administrators, who can manage servers and workstations from a distance and spend less time on site.

version: 4.6.3055 from 12 November 2018

A program for controlling another PC over the Internet or a local network; it gives access to all functions of the remote machine.
With AeroAdmin you can operate a remote desktop as if you were sitting at the remote machine. Data exchange is protected with a hybrid AES + RSA encryption scheme.

version: 9.2 from 10 January 2018

AnVir Task Manager is a free system utility that lets you control everything running on your computer and provides convenient tools for configuring it.

Short list of features:

  • Manage startup items, running processes, services and drivers, and replace Task Manager;
  • Detect and remove viruses and spyware;
  • Tweak XP and Vista, including hidden settings;
  • Speed up Windows boot and overall performance.

version: 5.0.1 from 06 April 2017

A network administration and monitoring program with tools for building visual diagrams of computers, servers and other network elements.
A reliable assistant for the system administrator: as the name implies, Friendly Pinger shows the status of each computer on the network. It can also inventory the installed software and hardware of PCs, list the users currently accessing the administrator's file shares, search for network services, and set up alerts that notify you immediately when a server stops or starts. It can launch external commands against other devices (telnet, tracert and others) and has a function for creating software distributions.

A system administrator is constantly fighting for free disk space, on user systems and servers alike. Sometimes you can quickly see which files occupy the disk, but when in a hurry (force majeure) or when the culprit is not obvious, a free program comes to the rescue: WinDirStat.

It quickly shows the size of directories and files, their structure and their location on the disk. There are several display modes, among them the familiar Explorer-style tree and a graphical map of the occupied space.

Analysing network packets and troubleshooting network infrastructure is a time-consuming task that requires preparation. Wireshark is a free tool whose many features make learning about and analysing traffic easier. One look at it will make you want to install it for a closer look; materials dedicated to Wireshark will appear on this site, so watch for updates.

Who doesn't know PuTTY? It is perhaps one of the few programs used by every IT specialist. For those not yet familiar with it, a brief description: PuTTY is a terminal emulator. If you need a serial (COM), Telnet, SSH, raw TCP or Rlogin connection, this is the program for you.

AMANDA Network Backup is a backup system with a central server and clients for different operating systems: Windows, Linux, Solaris, Mac OS X. Backups can be written to disk, tape and cloud storage. The principle of operation is illustrated in the figure below:

nmap is a free utility for flexible scanning of IP networks with any number of hosts, determining the state of the scanned objects (open ports and the services behind them). The program was originally written for UNIX systems, but versions for many operating systems are now available.

PowerGUI simplifies building your own PowerShell scripts: you select the cmdlets that suit your task and drag them into place. Ideal for those new to PowerShell who already have a basic understanding of the concepts. PowerGUI is an easy-to-use editor that is likely to improve your understanding of assembling more complex scripts, especially if you absorb information best visually.


VirtualBox: lightweight and accessible virtualization for various operating systems (Windows, Linux, macOS, etc.).

ClamWin is a free antivirus for all editions of Windows. Its features include:

  • A scan scheduler.
  • Automatic update of the anti-virus database.
  • Antivirus scanner.
  • Integration into the Explorer context menu in Windows.
  • Plugin for Microsoft Outlook.
  • Ability to work from a flash drive or CD without the need for installation.

There are of course many antivirus programs, but this one made today's list because it is open source and freely available.

This add-in allows you to conveniently manage virtual machines in the Microsoft Azure cloud.

Excellent fast multi-platform network scanner.

That's all. Leave the programs and services you use in your work in the comments. Good luck!

Every system administrator sometimes has to service friends' computers or make house calls, and a proven set of utilities helps. This review covers only free tools that require no installation and have become the de facto standard.

Autoruns

This program became the hallmark of Mark Russinovich and Winternals Software (better known by its site name, Sysinternals.com), long since absorbed by Microsoft. It is still developed by its author but legally belongs to Microsoft's technical division. The current version, 13.3, dates from April 2015. With v13.0 the program not only became more convenient but gained a number of new features, in particular advanced filtering, integration with other system utilities, and online services.

Autoruns displays the most comprehensive and detailed list of autostart components, whatever their type. It shows, by registry key, how every driver, program (system ones included) and module is loaded. It even lists Explorer extensions, toolbars, auto-started services and many other things that similar programs usually miss.

Colour coding helps you quickly pick out, in a list of hundreds of entries, standard components digitally signed by Microsoft, suspicious files, and broken entries that refer to non-existent files. To stop any component from autostarting, just clear the check box to its left.


Ghost autorun entries are highlighted in yellow in Autoruns

Some components load only when a specific account logs in. In Autoruns you can select the entries for each account and view them separately.

The command-line mode also deserves attention. It is very convenient for exporting the list of startup items to a text file, building detailed reports and selectively scanning suspicious objects with antivirus engines. The full help is on the site; here is a typical command:

Autorunsc -a blt -vrs -vt > C:\Autor.log
Here `autorunsc` is the module that runs in command-line mode. The `-a` option is followed by the categories to check. There are three in the example: b, boot execute (everything that starts after the system boots and before a user logs in); l, logon, the per-user startup components; and t, scheduled tasks. Specify an asterisk (*) instead of blt to check all autostart categories.

The `-vrs` and `-vt` switches control the VirusTotal integration. With `-v`, every file is looked up on VirusTotal by hash; the r modifier opens a detailed report in a browser tab for any file that at least one of the several dozen engines flags as malicious, and the s modifier uploads files VirusTotal has not seen before. `-vt` accepts the VirusTotal terms of service up front, so the tab with the user agreement does not open each time and you do not have to confirm it.

An Autorunsc report usually runs to tens or hundreds of kilobytes, which is inconvenient to read on screen, so in the example the output is redirected to a log file. It is plain text encoded as UCS-2 (UTF-16) Little Endian. Here is a sample record with one false positive:

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run Adobe ARM "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Adobe Reader and Acrobat Manager Adobe Systems Incorporated 1.801.10.4720 c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe 11/20/2014 9:03 PM VT detection: 1/56 VT permalink: (link to VirusTotal report)


Two unsigned drivers turned out to be clean, while one signed driver triggered a VirusTotal detection
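Reading a report of this size by eye is slow, so the usual next step is to script the triage. The following is an added example, not part of the original article or of the Sysinternals tools: it parses an Autorunsc report and flags entries with VirusTotal detections, unverified signatures or a missing image file. It assumes the report was produced with autorunsc's tab-delimited output (`-ct`) and VirusTotal lookup, that it is UTF-16LE text as described above, that its first line is a header, and that the columns are named "Entry Location", "Entry", "Signer", "Image Path" and "VT detection" (column names are an assumption; adjust them to your autorunsc version's header). The sample report is constructed for the example.

```python
"""Triage an Autorunsc tab-delimited report for entries worth a second look.

Added example, not part of the original article or of Sysinternals' tools.
Assumptions: -ct (tab-delimited) output with VirusTotal lookup, UTF-16LE
text, a header line, and the column names used below. The sample report
is constructed for this example.
"""
import csv
import io
import re

VT_RE = re.compile(r"^(\d+)/(\d+)$")   # VirusTotal "detections/engines"

# Constructed sample report with three entries (not a real capture).
SAMPLE_REPORT = (
    "Entry Location\tEntry\tEnabled\tCategory\tProfile\tDescription\tSigner"
    "\tCompany\tImage Path\tVersion\tLaunch String\tVT detection\tVT permalink\n"
    # Microsoft-signed and clean on VirusTotal: nothing to report.
    "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\tSecurityHealth\tenabled"
    "\tLogon\tSystem-wide\tWindows Security notification icon"
    "\t(Verified) Microsoft Windows\tMicrosoft Corporation"
    "\tc:\\windows\\system32\\securityhealthsystray.exe\t10.0.17763.1"
    "\t%windir%\\system32\\SecurityHealthSystray.exe\t0/56\thttps://www.virustotal.com/\n"
    # Signed, but one engine flags it: the false positive from the article.
    "HKLM\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run\tAdobe ARM\tenabled"
    "\tLogon\tSystem-wide\tAdobe Reader and Acrobat Manager"
    "\t(Verified) Adobe Systems Incorporated\tAdobe Systems Incorporated"
    "\tc:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe\t1.801.10.4720"
    "\t\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
    "\t1/56\thttps://www.virustotal.com/\n"
    # Unsigned and pointing at a file that no longer exists.
    "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\tUpdater\tenabled"
    "\tLogon\tDESKTOP\\user\t\t(Not verified)\t"
    "\tFile not found: C:\\Users\\user\\AppData\\Local\\Temp\\upd.exe\t"
    "\tC:\\Users\\user\\AppData\\Local\\Temp\\upd.exe\t\t\n"
).encode("utf-16-le")


def parse_report(report_bytes):
    """Decode the UTF-16LE report (BOM optional) into a list of row dicts."""
    text = report_bytes.decode("utf-16-le").lstrip("\ufeff")
    # QUOTE_NONE: launch strings often begin with a literal double quote,
    # which the default csv quoting rules would otherwise swallow.
    reader = csv.DictReader(io.StringIO(text), delimiter="\t", quoting=csv.QUOTE_NONE)
    return list(reader)


def triage(report_bytes):
    """Return [(entry location, entry, [reasons])] for entries worth a look."""
    findings = []
    for row in parse_report(report_bytes):
        reasons = []
        m = VT_RE.match(row.get("VT detection", "").strip())
        if m and int(m.group(1)) > 0:
            reasons.append(f"VT {m.group(0)}")
        if not row.get("Signer", "").startswith("(Verified)"):
            reasons.append("unverified signer")
        if row.get("Image Path", "").lower().startswith("file not found"):
            reasons.append("image missing")
        if reasons:
            findings.append((row["Entry Location"], row["Entry"], reasons))
    return findings


if __name__ == "__main__":
    for location, entry, reasons in triage(SAMPLE_REPORT):
        print(f"{location}\\{entry}: {', '.join(reasons)}")
```

Run against a real report, feed it the file bytes (`open(path, "rb").read()`) and treat "VT 1/56" on a verified vendor signature as the false positive it usually is; the unsigned entry whose image is gone is the kind of leftover that Autoruns highlights in yellow.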

Process Explorer

The GUI version of Autoruns can work together with another utility by the same author, Process Explorer (PE). If you start PE first and then Autoruns, the latter's menu gains extra items for viewing the properties of each active process straight from the autorun list.

In the PE settings you can choose how active processes are displayed: a flat list sorted by name or CPU usage, or a tree with parent-child dependencies. There is also an option to check unknown files (identified by hash) on VirusTotal. When it is on, the result appears on the right after a while, and any object that at least one antivirus engine flags is highlighted in red.

With the lower pane enabled, the window splits horizontally and the bottom half shows full information about the selected process and its activity in the system. The System Information window shows CPU, GPU, RAM, I/O, storage and network usage: for each component the total load and the most resource-hungry process. For the GPU it even shows the percentage of video memory in use and the load on each chip if there are several. This matters today because many (malicious) programs actively use video cards for non-graphical computation, a behaviour typical of Trojan cryptocurrency miners.


The test Trojan does not look suspicious yet, while four antivirus engines already object to µTorrent

Right-clicking any process in the PE list opens a context menu. It duplicates all the functions of the built-in Task Manager and adds a few new ones: with one click you can submit the file behind a suspicious process to VirusTotal, search for its description on the Internet, dump it, or suspend its execution. A suspended process stops responding to any commands (its own internal ones included) and becomes easier to analyse; once you have figured it out, you can resume it from Process Explorer. Naturally, you should not do this without good reason to system processes or to utilities performing low-level operations: flashing BIOS/UEFI, changing the disk layout, aligning partitions and the like are best left uninterrupted.

Usually the title of each window contains the name of the application that created it, but some windows remain unnamed. This is especially true of Trojans that mimic well-known programs or of small dialog boxes with error codes. Process Explorer has a handy "find window's process" feature: drag the crosshair button from the toolbar, holding the left mouse button, over the strange window, and the corresponding process is highlighted in the PE table.


The test Trojan suspended via Process Explorer

To take full advantage of Process Explorer, run it as administrator and, in some cases, install the Debugging Tools for Windows (needed for symbol resolution). They can be downloaded separately or as part of the Windows Driver Kit. The latest Process Explorer is available from the Microsoft website.

Unlocker

Mark Russinovich is without doubt a guru among authors of Windows system utilities, but his programs are built as universal tools, and sometimes a more specialised one is called for. Such is the creation of French programmer Cedric Collomb. His tiny Unlocker does just one thing: it unlocks a file-system object held by some process so that you regain control of it. Although the last version was released in 2013, the program still does its job better than any alternative. For example, it can unload dynamic libraries from memory, delete the index.dat file, handle file names that Windows forbids, and perform most actions without a reboot.


Some process is blocking the uninstallation of Safari

Unlocker finds the handles of running processes that currently block access to the chosen file or directory. Such locking is required to prevent applications from interfering with each other in a multitasking environment: when the OS and programs work normally it prevents accidental deletion of files in use, but errors happen. Because of one, an application may hang or stay in memory after its window is closed, and the file-system object then remains locked long after it is needed.

Today an ordinary user's list of active processes starts at fifty, so hunting for zombies among them can take a long time. Unlocker immediately identifies which process is blocking modification or deletion of the selected file or directory. Even if it cannot determine that because of Win32 API restrictions, it offers to force the desired action: rename, move or delete the object.


Unlocker did not find the cause of the lock but can still delete the recalcitrant file

Sometimes several programs access the same directory at once, so several handles are found among the processes blocking it. Unlocker can release them all with one button.

64-bit Windows has been supported since version 1.9.0. The utility can be integrated into the Explorer context menu or run as a portable application with a graphical interface. You can also install Unlocker Assistant, which sits in the tray and invokes Unlocker automatically whenever the user tries to manipulate a locked file. Running it with the `-h` option prints help for the command-line mode. The utility is available in forty languages, though there is little to translate; everything is intuitive.

AVZ

Looking at the feature list of the AVZ utility, one wants to call it analytical rather than anti-virus. Oleg Zaitsev's tiny program has many indispensable functions that ease an administrator's daily tasks and an advanced user's life. It can scan the system, restore misconfigured built-in OS components to their defaults, detect any changes since the last audit, find potential security problems, remove Trojan providers from the Winsock SPI chain and restore Internet connectivity, detect strange program behaviour and find kernel-level rootkits.


AVZ contains many system analysis tools

Known malware is best removed with other antivirus scanners. AVZ comes into its own against unknown threats, finding the holes through which they got in, and cleaning up after an infection. In most cases AVZ lets you avoid reinstalling the OS even after a severe attack.

AVZ can be used as a portable application, but its full functionality is revealed only when you install AVZPM, its own kernel-mode driver. It monitors all modules, drivers and active applications, making it easy to detect masquerading processes and any spoofing techniques.

AVZGuard is another kernel-mode driver, activated from the AVZ menu. It restricts the access of untrusted processes so that malware on the infected computer cannot suppress anti-virus activity, which lets you run any application (including another antivirus) from the AVZ window in a protected mode.

One cunning malware self-defence technique is to lock its files and recreate whatever the antivirus removed at the next OS boot. Manually this is partly defeated with Unlocker, but AVZ has its own technology, Boot Cleaner: another kernel-mode driver that improves on Windows' built-in delayed-deletion-on-restart feature. It loads earlier, logs the results of its work, and can delete registry entries as well as files.

The AVZ scanner itself also has plenty of know-how. It can check alternate NTFS data streams and speed up scans by skipping files identified as safe by the Microsoft catalogue or its own database. Threats can be searched for by type, for example excluding the HackTool category outright. There are separate modules for finding keyloggers and ports opened by Trojans, and for behavioural analysis. AVZ can copy suspicious and deleted files to separate folders for later detailed study.


Creating a detailed research log in AVZ

Asking for AVZ reports and its System Research logs has become standard practice on many malware-removal forums where people turn for help with non-trivial problems.

Of course, an experienced administrator's first aid kit may hold more than a dozen programs, but these four utilities are enough for most tasks. The rest you can easily find in the collections linked in the article.

WARNING!

Using system utilities requires an understanding of how they work and of the structure of the OS itself. Read the help before changing the registry or interfering with running processes.


A toolbox is what distinguishes an experienced specialist from a beginner, and in Linux administration that toolbox is perhaps the most important thing.

sysadmin programs

This article will not cover things like Nagios, Puppet, Webmin or sophisticated Apache log analysers; you should know about them anyway. Instead, it covers small utilities that can make a system administrator's life much easier.

tmux

Let's start with the basics of the basics. As everyone knows, the main Linux administration tool is the SSH client, whether from the OpenSSH bundle, a standalone one like PuTTY, or even an Android app. An SSH client opens a remote command-line session and lets you work seamlessly with a machine thousands of miles away. The only problem is that it is a single session, and its state is lost when the connection drops.

tmux solves this. It is a terminal multiplexer that lets you open multiple terminals within a single SSH session and detach from it while preserving state.

It works like this: you connect to the remote machine over SSH, install tmux there and run it. A tmux console appears with a status bar at the bottom and one running terminal. You work with it as usual, and in addition you can open new terminals with Ctrl+b c and switch between them with Ctrl+b 0..9, Ctrl+b p (previous) or Ctrl+b n (next).

When you are done, press Ctrl+b d to detach from tmux, then disconnect from the server. The next time you connect, run `tmux attach`

and you see all previously opened terminals, the applications running in them, the command history and so on, exactly as when you detached. It does not matter which machine you log in from the second time; the tmux session is fully restored.

tmux does more than open full-screen terminal windows. It can split the screen vertically (Ctrl+b %) and horizontally (Ctrl+b "). This can be used to build a sort of monitoring screen: run tmux on the remote machine with three panes, one with htop, another with tail showing the latest messages from the log of interest, and a third with df showing how full the file systems are.

At first glance such a monitor is very convenient, but what if you need to close it, start tmux with normal full-screen windows, and later reopen the monitor? You can do this with several tmux sessions, but that is not ideal either, because on another server you would have to set up the same window layout again.

Tmuxinator

Tmuxinator makes this easier. It lets you describe the desired window layout and the applications to launch in a configuration file, which can then be used to start a tmux session anywhere, at any time.

First, let's create a new config:

$ tmuxinator new NAME

Tmuxinator opens the default text editor set in the EDITOR variable. At the end of the config are lines describing the window layout. To get the layout described above, remove them and add the following:

windows:
  - editor:
      layout: tiled
      panes:
        - sudo tail -f /var/log/vsftpd.log
        - watch df -h
        - htop

This config describes a tmux layout with one window divided into three panes: the latest vsftpd log messages, file-system usage, and htop. All that remains is to start the session:

$ tmuxinator start NAME

System administrator tools. Tmuxinator

All configs are stored in the ~/.tmuxinator directory, so they are easy to move between machines.

watch

You may have noticed that the tmuxinator config uses watch df -h rather than df -h. This matters because df exits as soon as it has printed the file-system usage table, whereas we want to monitor disk state continuously. That is what watch does: it re-runs df -h every two seconds, so the information on screen is always current.

watch can monitor almost anything: the state of the machine (watch uptime), the contents of files (watch cat file) or directories (watch ls -l directory), and you can run your own scripts under it. The -n NUMBER option changes the interval between runs, and -d makes watch highlight changes in the output.

multitail

Another command from the tmuxinator config worth mentioning is sudo tail -f /var/log/vsftpd.log. It prints the last ten lines of the vsftpd log and then waits for new ones. Every admin should know tail, as well as its counterpart on systemd-based distributions:

$ journalctl -f -u vsftpd

This is as basic as navigating directories. But tail has a more interesting alternative, MultiTail: essentially the same tail in a multi-window version. It shows several logs at once, splitting the screen horizontally:

$ sudo multitail /var/log/vsftpd.log /var/log/nginx/access.log

With systemd and its journal, things are again more complicated:

$ multitail -l "journalctl -f -u vsftpd" -l "journalctl -f -u nginx"

Or even:

$ multitail -l 'journalctl -f -u vsftpd | tr -cd "[:space:][:print:]"' -l 'journalctl -f -u nginx | tr -cd "[:space:][:print:]"'

This contortion strips the escape sequences that journalctl uses to colour lines.


System administrator tools. multitail

MultiSSH

Back to SSH. Sometimes the same command has to be run on several machines. This can be done with plain shell features, among other ways:

for host in 192.168.0.1 192.168.0.2; do
    ssh "$host" "uname -a"
done

Or use a special tool, such as mssh:

$ gem install mssh
$ mssh --hostlist 127.0.0.1,127.0.0.2 "uname -a"

Lsof

Another very important tool for any system administrator is lsof (LiSt Open Files). It shows which process or application has a given file open. Run without arguments it lists all open files and their processes; flags narrow the list. For example, to find which processes are using files under a directory:

$ sudo lsof +D /var/log/

This is very useful when unmounting a file system fails with "Device or resource busy". Kill the processes holding files on that file system open, and it unmounts without trouble. With -t, which prints only PIDs, this takes one pass (try a plain kill first; -9 gives the processes no chance to save their data):

# kill -9 $(lsof -t +D /home)
# umount /home

The output can also be filtered by the name of the application or by user: -c ssh shows all files opened by processes whose names start with ssh, and -u vasya all files opened by the user vasya. lsof also lists network connections (-i); the listing can be limited to a specific port (-i :PORT), or you can get a list of all listening TCP ports:

$ lsof -iTCP -sTCP:LISTEN


sysadmin tools. Lsof

tcpdump

Every administrator has to troubleshoot network services, and sometimes you cannot do without a sniffer, which shows clearly how the data exchange proceeds and what goes wrong. Wireshark is considered the standard among Linux sniffers, but the choice does not end there: almost every Linux distribution ships the console sniffer tcpdump, which lets you sort things out quickly.

Run without arguments, tcpdump immediately starts listing on the console every packet sent and received on all interfaces of the machine. The -i option selects an interface:

$ sudo tcpdump -i wlp3s0

To limit the scope of tcpdump to only a specific machine and port, you can use the following construct:

$ sudo tcpdump -i wlp3s0 host 192.168.31.1 and port 53

You can also make tcpdump output not only information about packets, but also their contents:

$ sudo tcpdump -i wlp3s0 -X host 192.168.0.1 and port 80

If encryption is used this is pointless, but with tcpdump you can analyse data sent over plain HTTP and SMTP.

Another interesting tcpdump feature is filtering packets on the value of specific bytes in protocol headers, written as proto[expr:size], where proto is the protocol, expr the offset in bytes from the start of that protocol's header, and size an optional length in bytes (default 1). For example, to keep only packets with just the SYN flag set (the first packet of a TCP handshake), the flags byte at offset 13 of the TCP header is compared with 2:

$ sudo tcpdump "tcp[13] == 2"
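Note that `tcp[13] == 2` matches only packets whose flags byte is exactly SYN; a SYN+ACK reply has the byte 0x12 and is excluded, whereas the filter `tcp[13] & 2 != 0` (or, on current tcpdump, the symbolic `tcp[tcpflags] & tcp-syn != 0`) catches both. The following added example, not part of the original article or of tcpdump, re-implements the proto[offset:size] lookup in Python over hand-built TCP headers (constructed test data, no capture needed) so the difference between the two filters is visible.

```python
"""What a tcpdump byte-offset filter such as tcp[13] == 2 actually tests.

Added example; not part of the original article or of tcpdump. It
re-implements the proto[offset:size] lookup over constructed TCP headers.
"""
import struct

# TCP flag bits as laid out in byte 13 of the TCP header (RFC 793).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20


def tcp_header(sport, dport, flags, seq=0, ack=0):
    """Build a minimal 20-byte TCP header without options (constructed data)."""
    data_offset = 5 << 4  # header length in 32-bit words, in the upper nibble
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       data_offset, flags, 65535, 0, 0)


def proto_field(header, offset, size=1):
    """tcpdump's proto[offset:size]: big-endian integer of `size` bytes at `offset`.

    Offsets count from the start of the protocol header, as in tcpdump, so for
    tcp[...] the Ethernet and IP headers have already been skipped.
    """
    if size not in (1, 2, 4):
        raise ValueError("tcpdump only allows sizes 1, 2 or 4")
    if offset + size > len(header):
        raise ValueError("offset beyond the end of the header")
    return int.from_bytes(header[offset:offset + size], "big")


def is_pure_syn(header):
    """tcp[13] == 2: only SYN set, i.e. the first packet of a handshake."""
    return proto_field(header, 13) == SYN


def has_syn(header):
    """tcp[13] & 2 != 0: SYN set, possibly with other flags (SYN+ACK too)."""
    return proto_field(header, 13) & SYN != 0


def dst_port(header):
    """tcp[2:2]: the destination port occupies bytes 2-3 of the TCP header."""
    return proto_field(header, 2, 2)


if __name__ == "__main__":
    packets = {
        "SYN":     tcp_header(40000, 80, SYN),
        "SYN+ACK": tcp_header(80, 40000, SYN | ACK),
        "ACK":     tcp_header(40000, 80, ACK),
    }
    for name, hdr in packets.items():
        print(f"{name:8s} tcp[13]={proto_field(hdr, 13):#04x}  "
              f"'tcp[13] == 2': {is_pure_syn(hdr)}  "
              f"'tcp[13] & 2 != 0': {has_syn(hdr)}  dport={dst_port(hdr)}")
```

The same `proto_field` lookup explains other common tcpdump idioms, for example `ip[8]` for the IPv4 TTL or `tcp[2:2]` for the destination port; the offset is always relative to that protocol's own header, which is why `tcp[13]` works regardless of IP option length.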

tcpdump writes captures in the pcap format, which practically every modern sniffer understands. So you can capture on a remote machine and analyse the stream locally in Wireshark (HOST is the remote machine; port 22 is excluded so that the SSH session carrying the capture does not capture itself):

$ ssh HOST tcpdump -w - not port 22 | wireshark -k -i -


sysadmin tools. tcpdump

ngrep

tcpdump is good for its versatility and breadth of features, but it is not so convenient for searching for specific data inside packets. ngrep handles that much better: it shows network packets whose payload matches a given pattern.

For example, to see the GET and POST requests of HTTP sessions:

$ sudo ngrep -l -q -d eth0 "^GET |^POST " tcp and port 80

And this is how you can watch the envelope commands of SMTP traffic:

$ sudo ngrep -i "rcpt to|mail from" tcp port smtp

VnStat

There are many traffic accounting and statistics systems, often built into remote server management panels with visual graphs. But if you live in the console and just want quick per-interface statistics, the best tool is vnStat.

vnStat accumulates statistics continuously, keeps them across reboots, and is simple to use. First install the package and start the vnstat service (on older versions, -u creates or updates the databases):

$ sudo systemctl start vnstat
$ sudo vnstat -u

From that moment it will start collecting statistics. To view it, just run the following command (replace wlp3s0 with the name of the desired network interface):

$ vnstat -i wlp3s0

The statistics can be narrowed down, for example hourly with a graph:

$ vnstat -i wlp3s0 -h

By day or by month:

$ vnstat -i wlp3s0 -d
$ vnstat -i wlp3s0 -m

With -t you get the ten days with the highest traffic:

$ vnstat -i wlp3s0 -t

To monitor the current activity on a network interface, vnStat can be run in live mode:

$ vnstat -l -i wlp3s0

It shows the current transfer rate and, when stopped, prints statistics for the whole live-monitoring period.


System Administrator Utilities. VnStat

iptraf-ng

iptraf-ng is another handy network-interface monitor. Like vnStat it gives detailed channel-usage statistics, but its most useful feature is real-time traffic monitoring.


System Administrator Utilities. iptraf-ng

Iptraf shows which hosts the machine is currently talking to, the number and volume of packets exchanged, as well as TCP flags and ICMP messages. To get to this view, choose the IP traffic monitor item in the main menu.

NetHogs

VnStat and iptraf are handy when you need figures for an interface as a whole. But what if you need to know which specific applications are currently talking to remote hosts?

The NetHogs utility helps here. It is a sort of top/htop for the network. Install it and run it with the interface you want to watch:

$ sudo nethogs wlp3s0

The screen lists the processes that are exchanging data with remote hosts, sorted by the bandwidth they are currently using, with sent and received columns per process.
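How NetHogs knows which process a connection belongs to is not magic, and a short added example (Python, not NetHogs' own code) makes the mechanism visible: parse /proc/net/tcp for socket endpoints and inodes, walk /proc/<pid>/fd to learn which process holds each socket inode, then sum per-connection byte counts per process. The /proc/net/tcp text, fd links, process names and byte counts below are constructed sample data; only read_fd_links_live() touches the real /proc, and it is not used by the sample.

```python
"""NetHogs-style attribution of network traffic to processes.

Added example, not NetHogs' own code. What NetHogs adds on top of a
per-interface view is the mapping from a TCP connection to the process
that owns it. On Linux that uses two /proc sources: /proc/net/tcp lists
every socket with its local/remote address (hex; the IPv4 bytes appear
in host order, i.e. reversed on little-endian machines) and its inode;
/proc/<pid>/fd/* are symlinks, and a socket fd reads "socket:[<inode>]".
Joining the two gives the PID behind each connection; per-connection
byte counts (NetHogs gets them from a packet capture) are then summed
per process. All data below is constructed sample data.
"""
import os
import re
import struct
from collections import defaultdict
from typing import Dict, List, NamedTuple, Tuple


class Socket(NamedTuple):
    local: Tuple[str, int]
    remote: Tuple[str, int]
    state: str      # hex TCP state from /proc/net/tcp; "01" is ESTABLISHED
    inode: int


def decode_addr(field: str) -> Tuple[str, int]:
    """'0B00000A:0050' -> ('10.0.0.11', 80): the IPv4 is printed as a native-endian u32."""
    ip_hex, port_hex = field.split(":")
    ip = ".".join(str(b) for b in struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text: str) -> List[Socket]:
    sockets = []
    for line in text.splitlines()[1:]:        # first line is the column header
        fields = line.split()
        if len(fields) < 10:
            continue
        sockets.append(Socket(decode_addr(fields[1]), decode_addr(fields[2]),
                              fields[3], int(fields[9])))
    return sockets


def read_fd_links_live() -> Dict[int, List[str]]:
    """Read every process's fd symlinks from the real /proc (root sees all processes)."""
    links: Dict[int, List[str]] = {}
    for entry in os.listdir("/proc"):
        if not entry.isdigit():
            continue
        fd_dir = f"/proc/{entry}/fd"
        try:
            fds = os.listdir(fd_dir)
        except OSError:
            continue            # process gone, or not ours and we are not root
        links[int(entry)] = []
        for fd in fds:
            try:
                links[int(entry)].append(os.readlink(os.path.join(fd_dir, fd)))
            except OSError:
                pass            # fd closed while we were looking
    return links


def inode_owners(fd_links: Dict[int, List[str]]) -> Dict[int, int]:
    """socket inode -> pid, from the 'socket:[NNN]' link targets."""
    owners: Dict[int, int] = {}
    for pid, targets in fd_links.items():
        for target in targets:
            m = re.fullmatch(r"socket:\[(\d+)\]", target)
            if m:
                owners[int(m.group(1))] = pid
    return owners


Flow = Tuple[str, int, str, int, int, int]  # local ip, port, remote ip, port, sent, received


def per_process_traffic(flows: List[Flow], proc_net_tcp: str,
                        fd_links: Dict[int, List[str]], comm: Dict[int, str]
                        ) -> List[Tuple[str, int, int]]:
    """Sum sent/received bytes per process, busiest first, like the NetHogs screen."""
    by_endpoints = {(s.local, s.remote): s.inode
                    for s in parse_proc_net_tcp(proc_net_tcp) if s.state == "01"}
    owners = inode_owners(fd_links)
    totals: Dict[str, List[int]] = defaultdict(lambda: [0, 0])
    for lip, lport, rip, rport, sent, received in flows:
        pid = owners.get(by_endpoints.get(((lip, lport), (rip, rport))))
        name = f"{comm.get(pid, '?')}/{pid}" if pid is not None else "unknown"
        totals[name][0] += sent
        totals[name][1] += received
    return sorted(((n, s, r) for n, (s, r) in totals.items()),
                  key=lambda t: t[1] + t[2], reverse=True)


# Constructed sample: a cups listener, one curl connection and two firefox connections.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0
   1: 0200000A:C350 0B00000A:0050 01 00000000:00000000 00:00000000 00000000  1000        0 22222 1 0000000000000000 20 4 30 10 -1
   2: 0200000A:C351 0C00000A:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 33333 1 0000000000000000 20 4 30 10 -1
   3: 0200000A:C352 0C00000A:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 44444 1 0000000000000000 20 4 30 10 -1
"""
SAMPLE_FD_LINKS = {500: ["socket:[12345]"], 1200: ["/dev/null", "socket:[22222]"],
                   1300: ["socket:[33333]", "socket:[44444]", "/home/u/.mozilla/lock"]}
SAMPLE_COMM = {500: "cupsd", 1200: "curl", 1300: "firefox"}
SAMPLE_FLOWS: List[Flow] = [
    ("10.0.0.2", 50000, "10.0.0.11", 80, 1_200, 54_000),
    ("10.0.0.2", 50001, "10.0.0.12", 443, 3_000, 120_000),
    ("10.0.0.2", 50002, "10.0.0.12", 443, 2_000, 80_000),
    ("10.0.0.2", 50009, "10.0.0.99", 22, 100, 100),     # no matching socket: unknown owner
]

if __name__ == "__main__":
    for name, sent, received in per_process_traffic(SAMPLE_FLOWS, SAMPLE_PROC_NET_TCP,
                                                    SAMPLE_FD_LINKS, SAMPLE_COMM):
        print(f"{name:<16} sent {sent:>8,}  received {received:>8,}")
```

Two practical caveats follow directly from the code: without root you only see your own processes' fds, so other users' traffic lands in "unknown", and a connection that closes between the capture and the /proc scan also loses its owner, which is why NetHogs keeps refreshing the socket table.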

Iotop

Since we are on the subject of top lookalikes, iotop deserves a mention. It shows which processes are performing disk reads and writes. Run it with the --only flag; otherwise, besides the processes doing I/O right now, it also lists idle ones:

$ sudo iotop --only


System Administrator Utilities. Iotop

Nmon

Time to put it all together. Nmon combines the capabilities of many of the utilities discussed and gives real-time statistics on CPU, memory, I/O, kernel activity and more.


System Administrator Utilities. Nmon

Nmon is a console application with a pseudo-graphical interface. It works like this: you start nmon and then toggle the panels you need onto the screen. Press c for CPU load, m for memory usage, d for disk I/O, n for network, t for top processes, j for file systems. This way you build your own monitor layout that shows only what you need.

In brief

In this article I deliberately skipped the tools you should already know. In case you still don't, here is a short list of what may come in handy:

  • top/htop - process monitors that show which processes use the most CPU;
  • scp - copies files to and from a remote machine over SSH;
  • Nmap - a port scanner that lets you do a quick first-pass reconnaissance of a host (we already had a detailed article about it);
  • netcat - the network Swiss Army knife: lets you talk to servers speaking plain-text protocols such as HTTP or SMTP by hand;
  • dd - block-level copying; you can image a whole disk or partition with it;
  • mc - a two-pane console file manager.

Instead of a conclusion

It bears repeating that this is only the tip of the iceberg: every admin has their own toolbox, Linux is endlessly flexible, and so on. This article merely describes a set of good tools that will make your life easier.

Free programs for Windows administration. Software for system administrators.

PC Hunter - computer management (processes, registry, autostart...

A powerful, portable tool that gives a detailed look at what is running inside Windows. It is aimed at helping experts detect and remove malware, although any PC user can find useful information in it.

Windows Service Master - working with Windows services

Displays all services on the system, shows details of the selected service (service name, display name, status, startup type, account, description, binary path), and lets you stop, start or delete it.

Process Monitor - analyze and optimize Windows startup

Today I will tell you about a program that lets you watch registry, file system, network, process and thread activity in real time, and can also log the operating system's startup (it records the entire boot sequence to a file), so that you can later find the cause of a slow boot.

CMDTools - convenient management of network commands

A graphical front end for the network commands ipconfig, ping, tracert, pathping, route, arp, netstat and nbtstat. You no longer need to keep their syntax in your head; the program prompts you for the next step. A built-in scheduler lets you create tasks in seconds to run console programs and regular Windows applications.

SysRestore - save system state

A free program for creating system snapshots so that unwanted changes, made by the user or by viruses, can be undone. You save the state of the system and can return Windows to a previously saved state at any time.

Restore Point Creator - Save/Restore Win...

The program makes it easy to create system restore points and, when needed, roll back to a working state if the system fails to boot or some functionality has gone missing. It can work on a schedule, creating restore points on the specified days and hours.

RollBack Rx Home - system snapshot or restore point W...

A free program whose purpose is to create system snapshots that can be used to roll back and restore Windows after an improper shutdown or a virus infection. The free version has some functional limitations.

DiskSpaceControl - free disk space monitor

A simple program that monitors free space on hard disk partitions and promptly notifies the user when it runs low, either in a pop-up window or by e-mail.

Dism++ - Windows settings management and optimization

The program offers fairly rich functionality for cleaning the system of junk and fine-tuning Windows. It can also remove installed drivers, exposes a large number of fine-tuning settings, can disable or remove individual Windows components, and much more.

Right Click Enhancer - customize the Windows context menu

A program that gives any user full control over the right-click menu. It lets you delete unneeded items and add the ones you need: shortcuts to programs, files and folders, your own submenus, edits to the "Send to" and "New" menus, and other tasks and functions.