Show the ethernet status<\/p>\n
Force 100Mbit Full duplex<\/p>\n Disable auto negotiation<\/p>\n Blink the ethernet led<\/p>\n Display all interfaces (similar to ifconfig)<\/p>\n Bring device up (or down). Same as “ifconfig eth0 up”<\/p>\n Display all IP addresses (similar to ifconfig)<\/p>\n Similar to arp -a<\/p>\n Ping on ethernet layer<\/p>\n uses tcp instead of icmp to trace throught firewalls (install via sudo apt-get install tcptraceroute)<\/p>\n The netstat command is very versatile and can provide a limited report when used with the -i switch. This is useful for systems where mii-tool or ethtool are not available. #results<\/p>\n Kernel Interface table An easy way to tell if a remote server is listening on a specific TCP port is to use the telnet command. By default, telnet will try to connect on TCP port 23, but you can specify other TCP ports by typing them in after the target IP address. HTTP uses TCP port 80, HTTPS uses port 443.<\/p>\n Here is an example of testing server 192.168.1.102 on the TCP port 22 reserved for SSH: curl: A good start is to use the curl command with the -I flag to view just the Web page’s header and HTTP status code. By not using the -I command you will see all the Web page’s HTML code displayed on the screen. Either method can provide a good idea of your server’s performance. wget: By not using recursion, and activating the timestamping feature (the -N switch), you view not only the HTML content of the Web site’s index page in your local directory, but also the download speed, file size and precise start and stop times for the download. This can be very helpful in providing a simple way to obtain snapshots of your server’s performance. [ < => ] 122,150 279.36K\/s<\/p>\n 23:07:22 (279.36 KB\/s) - `index.html' saved [122150] nmap:<\/p>\n You can use nmap to determine all the TCP\/IP ports on which a remote server is listening. It isn’t usually an important tool in the home environment, but it can be used in a corporate environment to detect vulnerabilities in your network, such as servers running unauthorized network applications. It is a favorite tool of malicious surfers and therefore should be used to test external as well as internal servers under your control.<\/p>\n Whenever you are in doubt, you can get a list of available nmap options by just entering the command without arguments at the command prompt. <\/p>\n -P0 \t Nmap first attempts to ping a host before scanning it. If the server is being protected from ping queries, then you can use this option to force it to scan anyway. Starting nmap V. 3.00 ( www.insecure.org\/nmap\/ ) Nmap run completed -- 1 IP address (1 host up) scanned in 8 seconds netcat: The netcat server can be easily created with the -l switch that signifies the program should listen, and not talk. The desired TCP port then follows. In this case the server is listening on TCP port 7777. The netcat client only needs to specify the server’s IP address followed by server’s the TCP listener port. Any text typed to the console screen of the client; will also be visible on the server’s console. If you want to transfer a file, you only need to use some simple command line redirection. In this case, the server will output all data it receives on port 7777 to a file called FC-6-i386-disc1.iso, and the client pipes the output of the cat command to the netcat client that points to our server. All Linux systems have a black hole file named \/dev\/null which automatically discards any data written to it. If you want to test file transfers without filling your disk storage, or having the server’s disk I\/O be a bottleneck, then use this as your output file instead. All Linux systems also have a have a continuous random data source located at \/dev\/random. Instead of using a file in your tests, you can use this instead for a data stream or infinite duration. Listening on open ports: IP Forward for routing<\/p>\n Check and then enable IP forward with:<\/p>\n Check IP forward 0=off, 1=on NAT Network Address Translation<\/p>\n to activate NAT Port forward 20022 to internal IP port ssh iptables -t nat -A PREROUTING -p tcp -d 78.31.70.238 --dport 993:995 -j DNAT --to 192.168.16.254:993-995 NOTE: You can delete a port forward with -D instead of -A.<\/p>\n DNS<\/p>\n On *nix the DNS entries are valid for all interfaces and are stored in \/etc\/resolv.conf. Check the system domain name with:<\/p>\n Same as dnsdomainname Forward queries<\/p>\n Dig is used to test the DNS settings. The router 192.168.1.254 answered and the response is the A entry. To test the local server The program host is also quite powerful.<\/p>\n Get the mail MX entry Reverse queries<\/p>\n Find the name belonging to an IP address (in-addr.arpa.). This can be done with dig, host and nslookup:<\/p>\n Single hosts can be configured in the file \/etc\/hosts instead of running named locally 64.233.187.99 google.com google<\/p>\n DHCP<\/p>\n The default ubuntu dhcp client is dhclient, however, i like dhcpcd a lot better, The lease with the full information is stored in: For dhclient:<\/p>\n The lease with the full information is stored in: Use interface \"eth0\" { Traffic analysis<\/p>\n Bmon http:\/\/people.suug.ch\/~tgr\/bmon\/ is a small console bandwidth monitor and can display the Sniff with tcpdump (tcpdump comes with ubuntu)<\/p>\n Buffered output Show the ethernet status ethtool eth0 Force 100Mbit Full duplex ethtool -s eth0 speed 100 duplex full Disable auto negotiation ethtool -s eth0 autoneg off Blink the ethernet led ethtool -p eth0 Display all interfaces (similar to ifconfig) ip link show Bring device up (or down). Same as “ifconfig eth0 up” ip link set eth0… <\/p>\n
\nethtool eth0
\n<\/code><\/p>\n
\nethtool -s eth0 speed 100 duplex full
\n<\/code><\/p>\n
\nethtool -s eth0 autoneg off
\n<\/code><\/p>\n
\nethtool -p eth0
\n<\/code><\/p>\n
\nip link show
\n<\/code><\/p>\n
\nip link set eth0 up
\n<\/code><\/p>\n
\nip addr show
\n<\/code><\/p>\n
\nip neigh show
\n<\/code><\/p>\n
\narping 192.168.16.254
\n<\/code><\/p>\n
\ntcptraceroute -f 5 cb.vu
\n<\/code><\/p>\n
\n
\nnetstat -i<\/p>\n
\nIface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
\nlo 16436 0 451490 0 0 0 451490 0 0 0 LRU
\nvenet0 1500 0 154868 0 0 0 127296 0 0 0 BOPRU
\nvenet0:0 1500 0 - no statistics available - BOPRU
\nvenet0:1 1500 0 - no statistics available - BOPRU
\nvenet0:2 1500 0 - no statistics available - BOPRU
\nvenet0:3 1500 0 - no statistics available - BOPRU
\n<\/code><\/p>\n
\n
\ntelnet 192.168.1.102 22
\nTrying 192.168.1.102...
\nConnected to 192.168.1.102.
\nEscape character is '^]'.
\n<\/code><\/p>\n
\nThe curl utility acts like a text based Web browser in which you can select to see either the header or complete body of a Web page’s HTML code displayed on your screen.<\/p>\n
\n
\ncurl -I www.linuxhomenetworking.com
\n HTTP\/1.1 200 OK
\n Date: Tue, 19 Oct 2004 05:11:22 GMT
\n Server: Apache\/2.0.51 (Fedora)
\n Accept-Ranges: bytes
\n Vary: Accept-Encoding,User-Agent
\n Connection: close
\n Content-Type: text\/html; charset=UTF-8
\n<\/code><\/p>\n
\nYou can use wget to recursively download a Web site’s Web pages, including the entire directory structure of the Web site, to a local directory.<\/p>\n
\n
\nwget -N www.linuxhomenetworking.com
\n --23:07:22-- http:\/\/www.linuxhomenetworking.com\/
\n => `index.html'
\n Resolving www.linuxhomenetworking.com... done.
\n Connecting to www.linuxhomenetworking.com[65.115.71.34]:80... connected.
\n HTTP request sent, awaiting response... 200 OK
\n Length: unspecified [text\/html]
\n Last-modified header missing -- time-stamps turned off.
\n --23:07:22-- http:\/\/www.linuxhomenetworking.com\/
\n => `index.html'
\n Connecting to www.linuxhomenetworking.com[65.115.71.34]:80... connected.
\n HTTP request sent, awaiting response... 200 OK
\n Length: unspecified [text\/html]<\/p>\n
\n<\/code><\/p>\n
\n-T \tDefines the timing between the packets set during a port scan. Some firewalls can detect the arrival of too many non-standard packets within a predetermined time frame. This option can be used to send them from 60 seconds apart with a value of “5” also known as insane mode to 0.3 seconds with a value of “0” in paranoid mode.
\n-O \tThis will try to detect the operating system of the remote server based on known responses to various types of packets.
\n-p \tLists the TCP\/IP port range to scan.
\n-s \tDefines a variety of scan methods that use either packets that comply with the TCP\/IP standard or are in violation of it.
\n
\nnmap -sT -T 5 -p 1-5000 192.168.1.153<\/p>\n
\n Interesting ports on whoknows.my-site-int.com (192.168.1.153):
\n (The 4981 ports scanned but not shown below are in state: closed)
\n Port State Service
\n 21\/tcp open ftp
\n 25\/tcp open smtp
\n 139\/tcp open netbios-ssn
\n 199\/tcp open smux
\n 2105\/tcp open eklogin
\n 2301\/tcp open compaqdiag
\n 3300\/tcp open unknown<\/p>\n
\n<\/code><\/p>\n
\nMost Linux distributions contain the netcat or nc packages which can be used to create a TCP socket over which you can transfer data. The syntax can also vary between distributions so you should refer to your system’s man pages if you have any questions.<\/p>\n
\n
\n [root@smallfry tmp]# nc -l 7777
\n<\/code><\/p>\n
\n
\n [root@bigboy ~]# nc 192.168.2.50 7777
\n<\/code><\/p>\n
\n
\n [root@bigboy ~]# nc 192.168.2.50 7777
\n This is a test of the NetCat program!
\n [root@bigboy ~]#
\n<\/code><\/p>\n
\n
\n [root@smallfry tmp]# nc -l 7777
\n This is a test of the NetCat program!
\n [root@smallfry tmp]#
\n<\/code><\/p>\n
\n
\n [root@smallfry tmp]# nc -l 7777 > FC-6-i386-disc1.iso
\n <\/code>
\n
\n [root@bigboy ~]# cat \/tmp\/FC-6-i386-disc1.iso | nc 192.168.2.50 7777
\n<\/code><\/p>\n
\n
\n [root@smallfry tmp]# nc -l 7777 > \/dev\/null
\n<\/code><\/p>\n
\n
\n [root@bigboy ~]# cat \/dev\/random | nc 192.168.2.50 7777
\n<\/code><\/p>\n
\n
\nnetstat -an | grep LISTEN
\n<\/code>
\n lists all Internet connections
\n
\nlsof -i
\n<\/code>
\ndisplays list of open sockets (use apt-get install procinfo)
\n
\nsocklist
\n<\/code>
\nas does the socklist command
\n
\nnetstat -anp --udp --tcp | grep LISTEN
\n<\/code>
\n List active connections to\/from system
\n
\nnetstat -tup
\n<\/code>
\n List listening ports from system
\n
\nnetstat -tupl
\n<\/code>
\nFor status
\n
\niptables -L -n -v
\n<\/code>
\n Open everything
\n
\niptables -P INPUT ACCEPT
\n<\/code>
\n
\niptables -P FORWARD ACCEPT
\n<\/code>
\n
\niptables -P OUTPUT ACCEPT
\n<\/code>
\n Zero the packet and byte counters in all chains
\n
\niptables -Z
\n<\/code>
\n Flush all chains
\n
\niptables -F
\n<\/code>
\n Delete all chains
\n
\niptables -X
\n<\/code><\/p>\n
\n
\nnano -w \/proc\/sys\/net\/ipv4\/ip_forward
\n<\/code>
\n
\necho 1 > \/proc\/sys\/net\/ipv4\/ip_forward
\n<\/code>
\n or edit \/etc\/sysctl.conf with:<\/p>\n
\nnet.ipv4.ip_forward = 1
\n<\/code><\/p>\n
\n
\niptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
\n<\/code><\/p>\n
\n
\niptables -t nat -A PREROUTING -p tcp -d 78.31.70.238 --dport 20022 -j DNAT --to 192.168.16.44:22
\n<\/code>
\n Port forward of range 993-995
\n<\/p>\n
\n<\/code>
\n
\nip route flush cache
\n<\/code>
\n Check NAT status
\n
\niptables -L -t nat
\n<\/code><\/p>\n
\nThe domain to which the host belongs is also stored in this file. A minimal configuration is:<\/p>\n
\nnameserver 78.31.70.238
\nsearch mydomain.net intern.lab
\ndomain mydomain.net
\n<\/code><\/p>\n
\n
\nhostname -d
\n<\/code><\/p>\n
\nSee from which server the client receives the answer (simplified answer).
\nin this example, we use google.com
\n
\ndig google.com
\ngoogle.com.267INA64.233.187.99
\n;; SERVER: 192.168.1.25453(192.168.1.254)
\n<\/code><\/p>\n
\nAny entry can be queried and the DNS server can be selected with @:<\/p>\n
\n
\ndig @127.0.0.1 NS sun.com
\n<\/code>
\n Query an external server
\n
\ndig @204.97.212.10 NS MX heise.de
\n<\/code>
\n Get the full zone (zone transfer)
\n
\ndig AXFR @ns1.xname.org cb.vu
\n<\/code><\/p>\n
\n
\nhost -t MX google.com
\n<\/code>
\n Get the NS record over a TCP connection
\n
\nhost -t NS -T google.com
\n<\/code>
\n Get everything
\n
\nhost -a google.com
\n<\/code><\/p>\n
\ndig -x 78.31.70.238
\n<\/code>
\n
\nhost 78.31.70.238
\n<\/code>
\n
\nnslookup 78.31.70.238
\n<\/code><\/p>\n
\nto resolve the hostname queries. The format is simple, for example:<\/p>\n
\nand that is what i will use in my examples
\n
\napt-get install dhcpcd to install it.
\n<\/code>
\n Trigger a renew (does not always work)
\n
\ndhcpcd -n eth0
\n<\/code>
\n release and shutdown
\n
\ndhcpcd -k eth0
\n<\/code><\/p>\n
\n
\n\/var\/lib\/dhcpcd\/dhcpcd-eth0.info
\n<\/code><\/p>\n
\ndhclient eth0
\n<\/code><\/p>\n
\n
\n\/var\/db\/dhclient.leases.eth0<\/p>\n
\n<\/code>
\n\/etc\/dhclient.conf
\n<\/code>
\nto prepend options or force different options:<\/p>\n
\nnano -w \/etc\/dhclient.conf<\/p>\n
\nprepend domain-name-servers 127.0.0.1;
\ndefault domain-name \"google.com\";
\nsupersede domain-name \"google.com\";
\n}
\n<\/code><\/p>\n
\nflow on different interfaces. You can install it on ubuntu with apt-get install bmon<\/p>\n
\ntcpdump -nl -i eth0 not port ssh and src \\(192.168.16.121 or 192.168.16.54\\)
\n<\/code>
\n select to\/from a single IP
\n
\ntcpdump -n -i eth0 net 192.168.16.121
\n<\/code>
\n select traffic to\/from a network
\n<\/code>
\ntcpdump -n -i eth0 net 192.168.16.0\/24<\/p>\n
\n
\ntcpdump -l > dump && tail -f dump
\n<\/code>
\n Write traffic headers in binary file
\n
\ntcpdump -i eth0 -w traffic.eth0
\n<\/code>
\n Write traffic + payload in binary file
\n
\ntcpdump -i eth0 -s 0 -w traffic.eth0
\n<\/code>
\n Read from file (also for ethereal
\n
\ntcpdump -r traffic.eth0
\n<\/code>
\n The two classic commands
\n
\ntcpdump port 80
\n<\/code>
\n Check if pop or imap is secure
\n
\ntcpdump host google.com
\n<\/code>
\n
\ntcpdump -i eth0 -X port \\(110 or 143\\)
\n<\/code>
\n Only catch pings
\n
\ntcpdump -n -i eth0 icmp
\n<\/code>
\n -s 0 for full packet -A for ASCII
\n
\ntcpdump -i eth0 -s 0 -A port 80 | grep GET
\n<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"