Essential Linux Ops Tools: Nethogs, IOZone, IOTop, Fail2ban and More

This article presents a curated list of Linux operation tools that are valuable for system administrators.

1. Nethogs – Process‑level bandwidth monitoring

Nethogs displays real‑time network usage per process. Install dependencies and the tool:

# yum -y install libpcap-devel ncurses-devel
# tar zxvf nethogs-0.8.0.tar.gz
# cd nethogs
# make && make install
# nethogs eth0

2. IOZone – Filesystem read/write performance testing

IOZone evaluates file I/O performance across different operating systems. Installation steps:

# tar xvf iozone3_420.tar
# cd iozone3_420/src/current/
# make linux
# ./iozone -a -n 512m -g 16g -i 0 -i 1 -i 5 -f /mnt/iozone -Rb ./iozone.xls

Key options:

-a: automatic mode

-n: minimum file size (KB)

-g: maximum file size (KB)

-i: select test type

-f: output file (deleted after run)

-R: generate Excel report

-b: write output to a file

3. IOTop – Real‑time disk I/O monitoring

Install and run:

# yum -y install iotop
# iotop

4. IPtraf – Simple network traffic analysis

Install and launch:

# yum -y install iptraf
# iptraf

5. IFTop – Interactive network bandwidth monitor (more visual than IPtraf)

Installation and usage:

# tar zxvf iftop-0.17.tar.gz
# cd iftop-0.17
# ./configure
# make && make install
# iftop -i eth0

Typical columns: TX (sent), RX (received), TOTAL, Cumm (cumulative), peak, rates (2 s/10 s/40 s averages).

6. HTop – Enhanced interactive process viewer

Install via YUM:

# yum -y install htop

7. NMON – Comprehensive system resource monitor (AIX/Linux)

Download, make executable and run:

# chmod +x nmon_x86_64_rhel6
# mv nmon_x86_64_rhel6 /usr/sbin/nmon
# nmon

8. MultiTail – Simultaneous monitoring of multiple log files

Install and use examples:

# yum -y install multitail
# multitail -e "fail" /var/log/secure
# multitail -l "ping baidu.com"
# multitail -i /var/log/messages -i /var/log/secure

9. Fail2ban – SSH brute‑force protection

Fail2ban watches log files and bans offending IPs via iptables. Basic installation and configuration:

# cd fail2ban-0.8.11
# python setup.py install
# cp ./redhat-initd /etc/init.d/fail2ban
# service fail2ban start
# chkconfig --add fail2ban
# chkconfig fail2ban on
# echo "ignoreip = 127.0.0.1/8" >> /etc/fail2ban/jail.conf
# echo "bantime = 600" >> /etc/fail2ban/jail.conf
# echo "findtime = 600" >> /etc/fail2ban/jail.conf
# echo "maxretry = 3" >> /etc/fail2ban/jail.conf
# echo "enabled = true" >> /etc/fail2ban/jail.conf
# touch /var/log/sshd.log
# service fail2ban restart
# fail2ban-client status

Ensure iptables is active because Fail2ban manipulates its rules.

10. Tmux – Terminal multiplexing for persistent sessions

Install and start:

# yum -y install tmux
# tmux

11. Agedu – Disk‑space usage visualization

Installation and usage:

# tar zxvf agedu-r9723.tar.gz
# cd agedu-r9723
# ./configure
# make && make install
# agedu -s /   # scan filesystem
# agedu -w --address 192.168.0.10:80   # view via web

12. NMap – Network discovery and security scanning

Install and common scans:

# tar jxvf nmap-6.40.tar.bz2
# ./configure
# make && make install
# nmap 192.168.0.10               # basic host scan
# nmap -O 192.168.0.10            # OS detection
# nmap -A 192.168.0.10            # aggressive scan (versions, scripts)
# nmap 192.168.0.0/24             # scan entire subnet

Typical options: -sS (TCP SYN scan), -sV (service version detection).

Overall, the guide equips Linux administrators with command‑line tools for monitoring processes, network traffic, disk I/O, log files, and security, along with concrete installation commands and usage examples.