Essential Linux Ops Tools: Install & Use Nethogs, IOZone, IOTop, and More

1. Nethogs – Process Bandwidth Monitor

Nethogs is a terminal‑based network traffic monitor that displays the bandwidth consumed by each running process.

yum -y install libpcap-devel ncurses-devel
tar zxvf nethogs-0.8.0.tar.gz
cd nethogs
make && make install
nethogs eth0

2. IOZone – Disk I/O Performance Test

IOZone benchmarks file system read/write performance across different operating systems.

tar xvf iozone3_420.tar
cd iozone3_420/src/current
make linux
./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls

-a : automatic mode

-n : minimum file size (KB)

-g : maximum file size (KB)

-i : select test

-f : output file (deleted after run)

-R : generate Excel output

-b : write output to a file

3. IOTop – Real‑Time Disk I/O Monitor

IOTop displays live disk I/O statistics in a top‑like interface.

yum -y install iotop

4. IPtraf – Simple Network Traffic Analyzer

IPtraf provides a text‑based view of network traffic statistics.

yum -y install iptraf

5. IFTop – Real‑Time Network Bandwidth Monitor

IFTop is a top‑like tool that shows per‑interface traffic usage, more visual than iptraf.

tar zxvf iftop-0.17.tar.gz
cd iftop-0.17
./configure
make && make install
iftop -i eth0

6. HTop – Interactive Process Viewer

HTop is an enhanced, interactive process viewer that can replace the default top command.

yum -y install htop

7. NMON – System Resource Monitor

NMON is a widely used monitoring and analysis tool for AIX and Linux.

chmod +x nmon_x86_64_rhel6
mv nmon_x86_64_rhel6 /usr/sbin/nmon
nmon

8. MultiTail – Simultaneous Log Monitoring

MultiTail opens multiple windows in the console to monitor several log files at once, similar to the tail command.

yum -y install multitail
multitail -e "fail" /var/log/secure   # filter by keyword
multitail -l "ping baidu.com"        # monitor command output
multitail -i /var/log/messages -i /var/log/secure

9. Fail2ban – SSH Brute‑Force Protection

Fail2ban watches log files, matches patterns, and automatically adds firewall rules to block offending IPs.

cd fail2ban-0.8.11
python setup.py install
# edit /etc/fail2ban/jail.conf (example for ssh)
ignoreip = 127.0.0.1/8
bantime = 600
findtime = 600
maxretry = 3
backend = auto
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/secure
maxretry = 5
service fail2ban start
chkconfig --add fail2ban
chkconfig fail2ban on

10. Tmux – Terminal Session Persistence

Tmux is a powerful terminal multiplexer that keeps sessions alive across SSH disconnections.

# install via third‑party YUM repo
rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

11. Agedu – Disk Space Usage Viewer

Agedu visualizes disk space consumption in a console interface.

tar zxvf agedu-r9723.tar.gz
cd agedu-r9723
./configure
make && make install
agedu -s /          # scan filesystem
agedu -w --address 192.168.0.10:80   # view via web
agedu -w --address 192.168.0.108080 --auth none

12. NMap – Network Scanning Tool

NMap is a comprehensive network discovery and security auditing suite.

tar jxvf nmap-6.40.tar.bz2
cd nmap-6.40
./configure
make && make install
nmap 192.168.0.10               # basic scan
nmap -O 192.168.0.10            # OS detection
nmap -A 192.168.0.10            # aggressive scan
nmap 192.168.0.0/24             # scan whole subnet

-sS TCP SYN scan

-sV version detection

13. Httperf – Web Stress Testing

Httperf generates high‑volume HTTP traffic to evaluate web server performance and stability.

tar zxvf httperf-0.9.0.tar.gz
cd httperf-0.9.0
./configure
make && make install
httperf --hog --server=192.168.0.202 \
        --uri=/index.html \
        --num-conns=10000 \
        --wsess=10,10,0.1

Parameter explanation:

--hog : generate as many connections as possible

--num-conns : total number of connections (e.g., 10000)

--wsess : simulate user sessions (10 sessions, 10 requests each, 0.1 s interval)