Essential Linux Ops Tools: Monitoring, Performance, and Security Utilities

1. Nethogs – Process Bandwidth Monitoring

Nethogs is a terminal‑based network traffic monitor that shows bandwidth usage per process.

[root@localhost ~]# yum -y install libpcap-devel ncurses-devel
[root@localhost ~]# tar zxvf nethogs-0.8.0.tar.gz
[root@localhost ~]# cd nethogs
[root@localhost nethogs]# make && make install
[root@localhost nethogs]# nethogs eth0

2. IOZone – Filesystem Performance Testing

IOZone tests read/write performance of file systems across different operating systems.

[root@localhost current]# tar xvf iozone3_420.tar
[root@localhost ~]# cd iozone3_420/src/current/
[root@localhost current]# make linux
[root@localhost current]# ./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls

-a enables automatic mode -n sets the minimum file size (KB) for auto mode -g sets the maximum file size (KB) for auto mode -i selects which test to run -f names the test file (deleted after run) -R outputs results in Excel format -b writes output to a specified file

3. IOTop – Real‑Time Disk I/O Monitoring

IOTop displays per‑process disk I/O similar to the top command.

[root@localhost ~]# yum -y install iotop

4. IPtraf – Simple Network Traffic Analyzer

IPtraf provides a straightforward view of network statistics on Linux.

[root@localhost ~]# yum -y install iptraf

5. iftop – Real‑Time Network Bandwidth Monitor

iftop shows live traffic per connection, offering a more visual alternative to IPtraf.

[root@localhost ~]# tar zxvf iftop-0.17.tar.gz
[root@localhost ~]# cd iftop-0.17
[root@localhost iftop-0.17]# ./configure
[root@localhost iftop-0.17]# make && make install
[root@localhost iftop-0.17]# iftop -i eth0

TX – transmitted traffic

RX – received traffic

TOTAL – total traffic

Cumm – cumulative traffic since start

peak – traffic peak

rates – average over 2s, 10s, 40s intervals

6. HTop – Interactive Process Viewer

HTop is an enhanced, interactive process viewer that can replace the default top command.

[root@localhost ~]# yum -y install htop

7. NMON – System Resource Monitoring

NMON (Nigel's performance Monitor) is widely used on AIX and Linux for performance analysis.

[root@localhost ~]# chmod +x nmon_x86_64_rhel6
[root@localhost ~]# mv nmon_x86_64_rhel6 /usr/sbin/nmon
[root@localhost ~]# nmon

8. MultiTail – Simultaneous Log Monitoring

MultiTail opens multiple windows in the console to monitor several log files at once, similar to the tail command.

[root@localhost ~]# yum -y install multitail
[root@localhost ~]# multitail -e "fail" /var/log/secure   # filter by keyword
[root@localhost ~]# multitail -l "ping baidu.com"          # monitor command output
[root@localhost ~]# multitail -i /var/log/messages -i /var/log/secure

9. Fail2ban – SSH Brute‑Force Protection

Fail2ban watches system logs, matches patterns, and automatically adds firewall rules to block offending IPs.

[root@localhost ~]# cd fail2ban-0.8.11
[root@localhost fail2ban-0.8.11]# python setup.py install
[root@localhost fail2ban-0.8.11]# cp ./redhat-initd /etc/init.d/fail2ban
[root@localhost ~]# service fail2ban start
[root@localhost ~]# chkconfig --add fail2ban
[root@localhost ~]# chkconfig fail2ban on
# Example configuration snippet
ignoreip = 127.0.0.1/8
bantime = 600
findtime = 600
maxretry = 3
backend = auto
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/sshd.log
maxretry = 5

[root@localhost ~]# touch /var/log/sshd.log
[root@localhost ~]# service fail2ban restart
[root@localhost ~]# fail2ban-client status
[root@localhost ~]# iptables -L

10. Tmux – Terminal Multiplexer

Tmux allows multiple terminal sessions to be managed within a single window, preserving long‑running tasks across SSH disconnections.

# Install third‑party YUM repo then:
# yum -y install tmux

11. Agedu – Disk Space Usage Visualization

Agedu scans directories and presents disk usage in a navigable graphical interface.

[root@localhost ~]# tar zxvf agedu-r9723.tar.gz
[root@localhost ~]# cd agedu-r9723
[root@localhost ~]# ./configure
[root@localhost ~]# make && make install
[root@localhost ~]# agedu -s /
[root@localhost ~]# agedu -w --address 192.168.0.10:80

12. NMap – Network Scanning and Enumeration

NMap is a powerful network discovery and security auditing tool.

[root@localhost ~]# tar jxvf nmap-6.40.tar.bz2
[root@localhost nmap-6.40]# ./configure
[root@localhost nmap-6.40]# make && make install
[root@localhost ~]# nmap 192.168.0.10            # basic scan
[root@localhost ~]# nmap -O 192.168.0.10       # OS detection
[root@localhost ~]# nmap -A 192.168.0.10       # aggressive scan
[root@localhost ~]# nmap 192.168.0.0/24       # scan entire subnet

-sS TCP SYN scan

-sV service/version detection

13. Httperf – Web Server Stress Testing

Httperf generates high‑volume HTTP traffic to evaluate web server capacity and stability, offering more control than the classic ab tool.

[root@localhost ~]# tar zxvf httperf-0.9.0.tar.gz
[root@localhost ~]# cd httperf-0.9.0
[root@localhost httperf-0.9.0]# ./configure
[root@localhost httperf-0.9.0]# make && make install
[root@localhost ~]# httperf --hog --server=192.168.0.202 --uri=/index.html --num-conns=10000 --wsess=10,10,0.1

--hog: generate as many connections as possible

--num-conns: total number of connections (e.g., 10000)

--wsess: simulate web sessions (10 sessions, 10 requests each, 0.1 s interval)