Essential Linux Ops Tools: From Nethogs to Fail2ban with Installation Guides
This article presents a curated collection of practical Linux operation tools—including Nethogs, IOZone, IOTop, IPtraf, IFTop, HTop, NMON, MultiTail, Fail2ban, Tmux, Agedu, NMap, and Httperf—along with download links, installation commands, usage tips, and illustrative screenshots to help system administrators enhance monitoring, performance testing, and security.
This article introduces several useful Linux operation tools to assist system administrators.
1. View Process Bandwidth Usage – Nethogs
Nethogs is a terminal‑based network traffic monitor that shows bandwidth consumption per process.
Download: http://sourceforge.net/projects/nethogs/files/nethogs/0.8/nethogs-0.8.0.tar.gz/download
<ol><li><code>[root@localhost ~]# yum -y install libpcap-devel ncurses-devel</code></li><li><code>[root@localhost ~]# tar zxvf nethogs-0.8.0.tar.gz</code></li><li><code>[root@localhost ~]# cd nethogs</code></li><li><code>[root@localhost nethogs]# make && make install</code></li><li><code>[root@localhost nethogs]# nethogs eth0</code></li></ol>2. Disk Read Performance Test – IOZone
IOZone tests file system read/write performance across different operating systems.
Download: http://www.iozone.org/src/current/
<ol><li><code>[root@localhost current]# tar xvf iozone3_420.tar</code></li><li><code>[root@localhost ~]# cd iozone3_420/src/current/</code></li><li><code>[root@localhost current]# make linux</code></li><li><code>[root@localhost current]# ./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls</code></li></ol>-a use automatic mode
-n set minimum file size (KB)
-g set maximum file size (KB)
-i select test
-f specify test file (deleted after)
-R output Excel to stdout
-b output to a file
3. Real‑Time Disk IO Monitoring – IOTop
IOTop displays disk I/O usage similar to the top command.
<ol><li><code>[root@localhost ~]# yum -y install iotop</code></li></ol>4. Network Traffic Monitoring – IPtraf
IPtraf is a simple network analysis tool for Linux.
<ol><li><code>[root@localhost ~]# yum -y install iptraf</code></li></ol>5. Network Traffic Monitoring – IFTop
iftop is a real‑time traffic monitor similar to top, more visual than iptraf.
Download: http://www.ex-parrot.com/~pdw/iftop/
<ol><li><code>[root@localhost ~]# tar zxvf iftop-0.17.tar.gz</code></li><li><code>[root@localhost ~]# cd iftop-0.17</code></li><li><code>[root@localhost iftop-0.17]# ./configure</code></li><li><code>[root@localhost iftop-0.17]# make && make install</code></li><li><code>[root@localhost iftop-0.17]# iftop -i eth0</code></li></ol>TX: transmitted traffic
RX: received traffic
TOTAL: total traffic
Cumm: cumulative traffic since start
peak: traffic peak
rates: average over 2s, 10s, 40s
6. Real‑Time Process Monitoring – HTop
HTop is an interactive process viewer that can replace the default top command.
<ol><li><code>[root@localhost ~]# yum -y install htop</code></li></ol>7. System Resource Monitoring – NMON
NMON is a widely used monitoring and analysis tool for AIX and various Linux distributions.
Download: http://sourceforge.jp/projects/sfnet_nmon/releases/
<ol><li><code>[root@localhost ~]# chmod +x nmon_x86_64_rhel6</code></li><li><code>[root@localhost ~]# mv nmon_x86_64_rhel6 /usr/sbin/nmon</code></li><li><code>[root@localhost ~]# nmon</code></li></ol>8. Multi‑Log Monitoring – MultiTail
MultiTail opens multiple windows in the console to monitor several log files simultaneously, similar to the tail command.
<ol><li><code>[root@localhost ~]# yum -y install multitail</code></li><li><code>[root@localhost ~]# multitail -e "fail" /var/log/secure</code></li><li><code>[root@localhost ~]# multitail -l "ping baidu.com"</code></li><li><code>[root@localhost ~]# multitail -i /var/log/messages -i /var/log/secure</code></li></ol>9. SSH Brute‑Force Protection – Fail2ban
Fail2ban monitors system logs, matches error patterns, and blocks offending IPs via firewall rules.
Download: http://www.fail2ban.org/wiki/index.php/Downloads
<ol><li><code>[root@localhost ~]# cd fail2ban-0.8.11</code></li><li><code>[root@localhost fail2ban-0.8.11]# python setup.py install</code></li><li><code>[root@localhost fail2ban-0.8.11]# cd files/</code></li><li><code>[root@localhost files]# cp ./redhat-initd /etc/init.d/fail2ban</code></li><li><code>[root@localhost files]# service fail2ban start</code></li><li><code>[root@localhost files]# chkconfig --add fail2ban</code></li><li><code>[root@localhost files]# chkconfig fail2ban on</code></li></ol>Key configuration snippets:
ignoreip = 127.0.0.1/8
bantime = 600
findtime = 600
maxretry = 3
backend = auto
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/sshd.log
maxretry = 510. Persistent Terminal Sessions – Tmux
Tmux is a powerful terminal multiplexer, more flexible and efficient than GNU Screen, ensuring SSH sessions stay alive.
11. Disk Space Visualization – Agedu
Download: http://www.chiark.greenend.org.uk/~sgtatham/agedu/
<ol><li><code>[root@localhost ~]# tar zxvf agedu-r9723.tar.gz</code></li><li><code>[root@localhost ~]# cd agedu-r9723</code></li><li><code>[root@localhost ~]# ./configure</code></li><li><code>[root@localhost ~]# make && make install</code></li><li><code>[root@localhost ~]# agedu -s /</code></li><li><code>[root@localhost ~]# agedu -w --address 192.168.0.10:80</code></li></ol>12. Security Scanning – NMap
NMap is a network scanning and sniffing toolkit for discovering open ports and services.
Download: http://nmap.org/download.html
<ol><li><code>[root@localhost ~]# tar jxvf nmap-6.40.tar.bz2</code></li><li><code>[root@localhost nmap-6.40]# ./configure</code></li><li><code>[root@localhost nmap-6.40]# make && make install</code></li><li><code>[root@localhost ~]# nmap 192.168.0.10</code></li><li><code>[root@localhost ~]# nmap -O 192.168.0.10</code></li><li><code>[root@localhost ~]# nmap -A 192.168.0.10</code></li><li><code>[root@localhost ~]# nmap 192.168.0.0/24</code></li></ol>-sS TCP SYN scan
-sV version detection
13. Web Stress Testing – Httperf
Httperf is more powerful than ab, capable of measuring maximum service capacity and identifying issues such as memory usage and stability.
Download: http://code.google.com/p/httperf/downloads/list
<ol><li><code>[root@localhost ~]# tar zxvf httperf-0.9.0.tar.gz</code></li><li><code>[root@localhost ~]# cd httperf-0.9.0</code></li><li><code>[root@localhost httperf-0.9.0]# ./configure</code></li><li><code>[root@localhost httperf-0.9.0]# make && make install</code></li><li><code>[root@localhost ~]# httperf --hog --server=192.168.0.202 --uri=/index.html --num-conns=10000 --wsess=10,10,0.1</code></li></ol>Parameter explanations:
--hog: generate as many connections as possible
--num-conns: total number of connections (e.g., 10000)
--wsess: simulate user sessions (first number = sessions, second = requests per session, third = interval in seconds)
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
MaGe Linux Operations
Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.