6. networking - mishraxharshit/harshitxmishra.github.io GitHub Wiki
Phase 6 — Networking
Previous: [Phase 5 — Processes and Services](Phase-5-Processes-and-Services) | Next: [Phase 7 — Storage and Filesystems](Phase-7-Storage-and-Filesystems)
6.1 Network Interfaces and IP Addresses
# Show all network interfaces and their IP addresses
ip addr show
ip a # shorthand
# Output for a typical machine:
# 1: lo: <LOOPBACK,UP> mtu 65536
# link/loopback 00:00:00:00:00:00
# inet 127.0.0.1/8 scope host lo
# 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500
# link/ether 52:54:00:ab:cd:ef
# inet 192.168.1.50/24 brd 192.168.1.255 scope global eth0
# lo = loopback interface (127.0.0.1, connects the machine to itself)
# eth0 = first ethernet interface
# /24 = subnet mask (means first 24 bits are network, last 8 are host)
# Show routing table (how packets leave the machine)
ip route show
# default via 192.168.1.1 dev eth0 proto dhcp
# 192.168.1.0/24 dev eth0 proto kernel scope link
# Configure a static IP (temporary, lost on reboot)
sudo ip addr add 192.168.1.100/24 dev eth0
sudo ip route add default via 192.168.1.1
# For permanent configuration, use your distro's network manager
# Ubuntu: edit /etc/netplan/*.yaml or use NetworkManager
6.2 Testing Connectivity
# ping: test if a host is reachable (uses ICMP)
ping google.com
ping -c 4 8.8.8.8 # send exactly 4 packets then stop
ping -i 0.2 192.168.1.1 # send faster (every 0.2 seconds)
# traceroute: show the path packets take
traceroute google.com
tracepath google.com # similar, no root required
# DNS lookups
host google.com # simple DNS lookup
nslookup google.com # interactive DNS lookup
dig google.com # detailed DNS information
dig google.com MX # look up mail server records
dig @8.8.8.8 google.com # query a specific DNS server
# Test if a port is open on a remote host
nc -zv 192.168.1.100 80 # test if port 80 is open
nc -zv 192.168.1.100 22 # test if SSH port is open
telnet 192.168.1.100 25 # older way to test port connectivity
# curl: make HTTP requests, test web servers
curl http://example.com
curl -I http://example.com # headers only
curl -v https://api.example.com # verbose: show full request and response
curl -o output.html http://example.com # save response to file
curl -X POST -d "data=value" http://api.example.com
6.3 Ports and Active Connections
# ss: socket statistics (modern replacement for netstat)
ss -tlnp # TCP listening ports with process names
# -t TCP, -l listening, -n numeric (no DNS lookup), -p show process
# Output example:
# Netid State Recv-Q Send-Q Local Address:Port Process
# tcp LISTEN 0 128 0.0.0.0:22 users:(("sshd",pid=1234))
# tcp LISTEN 0 511 0.0.0.0:80 users:(("nginx",pid=5678))
ss -tlnp | grep :80 # which process is using port 80?
ss -tnp # all established TCP connections
# lsof: list open files (including network connections)
sudo lsof -i :80 # what is using port 80?
sudo lsof -i :22 # what is using port 22?
sudo lsof -i -P # all network connections, numeric ports
6.4 SSH — Secure Shell
SSH encrypts all communication between client and server.
# Basic connection
ssh [email protected]
ssh [email protected]
ssh -p 2222 [email protected] # non-standard port
# Run a single command without interactive shell
ssh [email protected] "df -h"
ssh [email protected] "ps aux | grep nginx"
# Copy files securely
scp notes.txt [email protected]:/home/alice/ # copy to server
scp [email protected]:/var/log/app.log /tmp/ # copy from server
scp -r projects/ [email protected]:/home/alice/ # copy directory
# rsync: efficient sync (only transfers changed data)
rsync -avz projects/ [email protected]:/home/alice/projects/
# -a archive (preserves permissions, timestamps), -v verbose, -z compress
# SSH tunnelling: forward a remote port to your local machine
ssh -L 8080:localhost:80 [email protected]
# Now http://localhost:8080 on your machine connects to port 80 on the server
# Useful for accessing services behind firewalls
# SSH config file: save connection shortcuts
nano ~/.ssh/config
Host myserver
HostName 192.168.1.100
User alice
Port 22
IdentityFile ~/.ssh/id_ed25519
Host work
HostName work.example.com
User alice
ProxyJump bastion.example.com
# After saving the config file, connect with just:
ssh myserver
ssh work
6.5 Firewall with ufw
ufw (Uncomplicated Firewall) is a front-end for iptables on Ubuntu.
# Check status
sudo ufw status verbose
# Enable the firewall (make sure to allow SSH first!)
sudo ufw allow ssh # allow SSH before enabling
sudo ufw enable
# Allow specific services
sudo ufw allow http # port 80
sudo ufw allow https # port 443
sudo ufw allow 8080/tcp # custom port
sudo ufw allow from 192.168.1.0/24 # allow all from local network
# Deny specific ports
sudo ufw deny 23 # block telnet
# Delete a rule
sudo ufw delete allow http
sudo ufw delete allow 8080/tcp
# Reset all rules
sudo ufw reset
Phase 6 Exercises
Exercise 1: Use ip addr show to find your machine's IP address and subnet mask. Use ip route show to find your default gateway.
Exercise 2: Use ping -c 4 to test connectivity to 8.8.8.8 and google.com. What does the difference in round-trip time tell you?
Exercise 3: Use ss -tlnp to list all listening TCP ports. Identify at least three services and what they do.
Exercise 4: Use dig google.com and note the IP addresses returned. Use dig google.com MX to find the mail servers for google.com.
Previous: [Phase 5 — Processes and Services](Phase-5-Processes-and-Services) | Next: [Phase 7 — Storage and Filesystems](Phase-7-Storage-and-Filesystems)