13 Essential Linux Ops Tools Every Sysadmin Should Master
This guide introduces thirteen practical Linux operation tools—including Nethogs, IOZone, IOTop, IPtraf, IFTop, HTop, NMON, MultiTail, Fail2ban, Tmux, Agedu, NMap, and Httperf—detailing their purpose, installation commands, usage examples, and download sources to help administrators efficiently monitor and manage system resources.
1. View Process Bandwidth – Nethogs
Nethogs is a terminal‑based network traffic monitor that displays the bandwidth used by each process.
Download: http://sourceforge.net/projects/nethogs/files/nethogs/0.8/nethogs-0.8.0.tar.gz/download
[root@localhost ~]# yum -y install libpcap-devel ncurses-devel
[root@localhost ~]# tar zxvf nethogs-0.8.0.tar.gz
[root@localhost ~]# cd nethogs
[root@localhost nethogs]# make && make install
[root@localhost nethogs]# nethogs eth02. Disk Read Performance Test – IOZone
IOZone is a Linux filesystem performance testing tool that can benchmark read/write performance across different operating systems.
Download: http://www.iozone.org/src/current/
[root@localhost current]# tar xvf iozone3_420.tar
[root@localhost ~]# cd iozone3_420/src/current/
[root@localhost current]# make linux
[root@localhost current]# ./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls-a use full‑auto mode
-n set minimum file size (Kbytes) in auto mode
-g set maximum file size (Kbytes) in auto mode
-i select which test to run
-f specify the test file name (deleted after completion)
-R output results to Excel
-b write output to a specified file
3. Real‑Time Disk I/O Monitoring – IOTop
IOTop displays disk I/O usage in a top‑like interface.
[root@localhost ~]# yum -y install iotop4. Network Traffic Monitoring – IPtraf
IPtraf is a simple Linux network status analysis tool.
[root@localhost ~]# yum -y install iptraf5. Network Traffic Monitoring – IFTop
IFTop is a real‑time traffic monitor similar to top, but more visual than IPtraf.
Download: http://www.ex-parrot.com/~pdw/iftop/
[root@localhost ~]# tar zxvf iftop-0.17.tar.gz
[root@localhost ~]# cd iftop-0.17
[root@localhost iftop-0.17]# ./configure
[root@localhost iftop-0.17]# make && make install
[root@localhost iftop-0.17]# iftop
[root@localhost iftop-0.17]# iftop -i eth0 # specify interfaceTX – transmitted traffic
RX – received traffic
TOTAL – total traffic
Cumm – cumulative traffic since start
peak – traffic peak
rates – average traffic over 2s, 10s, 40s
6. Real‑Time Process Monitoring – HTop
HTop is an interactive process viewer for Linux that can replace the default top command.
rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm # install third‑party YUM repo
[root@localhost ~]# yum -y install htop7. System Resource Monitoring – NMON
NMON is a widely used monitoring and analysis tool for AIX and various Linux distributions.
Download: http://sourceforge.jp/projects/sfnet_nmon/releases/
[root@localhost ~]# chmod +x nmon_x86_64_rhel6
[root@localhost ~]# mv nmon_x86_64_rhel6 /usr/sbin/nmon
[root@localhost ~]# nmon8. Multi‑Log Monitoring – MultiTail
MultiTail opens multiple windows in the console to monitor several log files simultaneously, similar to the tail command.
rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm # install third‑party YUM repo
[root@localhost ~]# yum -y install multitail
[root@localhost ~]# multitail -e "fail" /var/log/secure # filter by keyword
[root@localhost ~]# multitail -l "ping baidu.com" # monitor command output
[root@localhost ~]# multitail -i /var/log/messages -i /var/log/secure # monitor multiple files9. SSH Brute‑Force Protection – Fail2ban
Fail2ban watches system logs, matches error patterns with regular expressions, and triggers firewall blocks to prevent brute‑force attacks.
Download: http://www.fail2ban.org/wiki/index.php/Downloads
[root@localhost ~]# cd fail2ban-0.8.11
[root@localhost fail2ban-0.8.11]# python setup.py install
[root@localhost fail2ban-0.8.11]# cd files/
[root@localhost files]# cp ./redhat-initd /etc/init.d/fail2ban
[root@localhost files]# service fail2ban start
[root@localhost files]# chkconfig --add fail2ban
[root@localhost files]# chkconfig fail2ban onNote: iptables must be configured; if iptables is restarted, fail2ban must be restarted because it relies on iptables to block attacks.
[root@localhost ~]# grep -v "^#" /etc/fail2ban/jail.conf | grep -v "^$"
[DEFAULT] ignoreip = 127.0.0.1/8
# ignore local IP
bantime = 600
findtime = 600
maxretry = 5
backend = auto
usedns = warn
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/sshd.log10. Persistent Terminal Sessions – Tmux
Tmux is a powerful terminal multiplexer, more flexible and efficient than GNU Screen, ensuring that SSH disconnections do not interrupt running tasks.
rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm # install third‑party YUM repo11. Disk Space Visualization – Agedu
Agedu scans directories and presents disk usage in a visual, web‑based interface.
Download: http://www.chiark.greenend.org.uk/~sgtatham/agedu/
[root@localhost ~]# tar zxvf agedu-r9723.tar.gz
[root@localhost ~]# cd agedu-r9723
[root@localhost ~]# ./configure
[root@localhost ~]# make && make install
[root@localhost ~]# agedu -s /# # scan root filesystem
[root@localhost ~]# agedu -w --address 192.168.0.10:80 # view via web
[root@localhost ~]# agedu -w --address 192.168.0.108080 --auth none # disable auth12. Security Scanning – NMap
NMap is a network scanning and sniffing toolkit for Linux, used to discover open ports and services on remote hosts.
Download: http://nmap.org/download.html
[root@localhost ~]# tar jxvf nmap-6.40.tar.bz2
[root@localhost nmap-6.40]# ./configure
[root@localhost nmap-6.40]# make && make install
[root@localhost ~]# nmap 192.168.0.10 # basic info
[root@localhost ~]# nmap -O 192.168.0.10 # OS detection
[root@localhost ~]# nmap -A 192.168.0.10 # aggressive scan
[root@localhost ~]# nmap 192.168.0.0/24 # scan entire subnet
# -sS TCP SYN scan
# -sV service version detection13. Web Stress Testing – Httperf
Httperf is a powerful web performance testing tool that can determine the maximum load a web service can handle and uncover issues such as memory usage and stability; it supports scripted request patterns to simulate real traffic.
Download: http://code.google.com/p/httperf/downloads/list
[root@localhost ~]# tar zxvf httperf-0.9.0.tar.gz
[root@localhost ~]# cd httperf-0.9.0
[root@localhost httperf-0.9.0]# ./configure
[root@localhost httperf-0.9.0]# make && make install
[root@localhost ~]# httperf --hog --server=192.168.0.202 --uri=/index.html --num-conns=10000 --wsess=10,10,0.1Parameter explanation:
--hog: generate as many connections as possible
--num-conns: total number of connections (e.g., 10000)
--wsess: simulate user sessions; first number = sessions, second = requests per session, third = interval (seconds) between requests
Original source: http://suo.im/6wYSYy – Author: 对World说Hello
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
MaGe Linux Operations
Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.