Essential Linux Ops Tools: Monitoring, Performance, and Security Utilities

Nethogs – Process Bandwidth Monitoring

Nethogs is a terminal‑based network traffic monitor that displays bandwidth usage per process.

yum -y install libpcap-devel ncurses-devel
tar zxvf nethogs-0.8.0.tar.gz
cd nethogs
make && make install
nethogs eth0

IOZone – Disk Read/Write Performance Testing

IOZone is a Linux file‑system benchmark tool that measures read/write performance across different file sizes.

tar xvf iozone3_420.tar
cd iozone3_420/src/current/
make linux
./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone.xls

-a Run in full‑automatic mode

-n Set minimum file size (KB) for auto mode

-g Set maximum file size (KB) for auto mode

-i Select which test to run

-f Specify output file (deleted after completion)

-R Generate Excel output

-b Write output to a file

IOTop – Real‑Time Disk I/O Monitoring

IOTop displays real‑time disk I/O similar to the top command.

yum -y install iotop

IPtraf – Simple Network Traffic Analyzer

IPtraf provides a straightforward view of network statistics.

yum -y install iptraf

IFTop – Real‑Time Network Bandwidth Monitor

IFTop is a top‑like tool for monitoring network traffic, more visual than IPtraf.

tar zxvf iftop-0.17.tar.gz
cd iftop-0.17
./configure
make && make install
iftop -i eth0

TX – Transmit traffic

RX – Receive traffic

TOTAL – Total traffic

Cumm – Cumulative traffic since start

peak – Peak traffic

rates – Average traffic over 2s, 10s, 40s intervals

HTop – Interactive Process Viewer

HTop is an enhanced, interactive process viewer that can replace the default top command.

yum -y install htop

NMON – System Resource Monitoring

NMON is a widely used monitoring and analysis tool for AIX and Linux.

chmod +x nmon_x86_64_rhel6
mv nmon_x86_64_rhel6 /usr/sbin/nmon
nmon

MultiTail – Simultaneous Log Monitoring

MultiTail opens multiple windows in the console to monitor several log files at once, similar to the tail command.

yum -y install multitail
multitail -e "fail"/var/log/secure
multitail -l "ping baidu.com"
multitail -i /var/log/messages -i /var/log/secure

Fail2ban – SSH Brute‑Force Protection

Fail2ban monitors system logs, matches patterns, and blocks offending IPs via iptables.

cd fail2ban-0.8.11
python setup.py install
cp ./redhat-initd /etc/init.d/fail2ban
service fail2ban start
chkconfig --add fail2ban
chkconfig fail2ban on

Key configuration parameters (in jail.conf) include ignoreip, bantime, findtime, maxretry, and service‑specific sections such as [ssh-iptables] with enabled = true and action = iptables[name=SSH, port=ssh, protocol=tcp].

Tmux – Persistent Terminal Sessions

Tmux is a powerful terminal multiplexer that allows sessions to survive SSH disconnections.

yum -y install tmux

Agedu – Disk Space Visualization

Agedu provides a console‑based view of disk space usage.

tar zxvf agedu-r9723.tar.gz
cd agedu-r9723
./configure
make && make install
agedu -s /
agedu -w --address 192.168.0.10:80

NMap – Network Scanning and Discovery

NMap is a versatile network scanner for discovering hosts and services.

tar jxvf nmap-6.40.tar.bz2
cd nmap-6.40
./configure
make && make install
nmap 192.168.0.10
nmap -O 192.168.0.10
nmap -A 192.168.0.10
nmap 192.168.0.0/24

-sS TCP SYN scan

-sV Service/version detection

Httperf – Web Server Stress Testing

Httperf is a more powerful alternative to ab, capable of generating realistic load patterns.

tar zxvf httperf-0.9.0.tar.gz
cd httperf-0.9.0
./configure
make && make install
httperf --hog --server=192.168.0.202 --uri=/index.html \
       --num-conns=10000 --wsess=10,10,0.1

Parameters: --hog maximizes connection creation, --num-conns sets total connections, and --wsess defines session behavior (sessions, requests per session, think time).