Most of our applications and services run on Linux systems and are connected to various networks, which makes it necessary to learn the networking commands used to monitor, configure and secure them.
There are numerous networking commands at our disposal. Today we will have a look at a few basic and very helpful commands which will help us in checking the network configurations and status of our services.
1. ping
One of the most used commands in networking, ping lets you check whether a host is alive. ping sends an ICMP echo request packet to the target host and waits for the host to reply.
By default ping runs in an infinite loop; this can be controlled by appending the '-c' flag to the command.
root@root-MacBook-Pro ~ % ping google.com
PING google.com (216.58.196.174): 56 data bytes
64 bytes from 216.58.196.174: icmp_seq=0 ttl=53 time=43.825 ms
64 bytes from 216.58.196.174: icmp_seq=1 ttl=53 time=54.001 ms
64 bytes from 216.58.196.174: icmp_seq=2 ttl=53 time=58.563 ms
64 bytes from 216.58.196.174: icmp_seq=3 ttl=53 time=85.738 ms
64 bytes from 216.58.196.174: icmp_seq=4 ttl=53 time=53.526 ms
64 bytes from 216.58.196.174: icmp_seq=5 ttl=53 time=43.333 ms
# Use -c option to limit the response packets
root@root-MacBook-Pro ~ % ping -c 3 google.com
PING google.com (142.250.196.14): 56 data bytes
64 bytes from 142.250.196.14: icmp_seq=0 ttl=112 time=50.027 ms
64 bytes from 142.250.196.14: icmp_seq=1 ttl=112 time=47.794 ms
64 bytes from 142.250.196.14: icmp_seq=2 ttl=112 time=62.424 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 47.794/53.415/62.424/6.435 ms
2. nslookup
nslookup is another handy command for DNS-related queries. It is used to query domain name servers and resolve IP addresses.
root@root-MacBook-Pro ~ % nslookup google.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 142.250.205.238
3. netstat
netstat, short for network statistics, provides details about the interfaces of a host. It is used to examine network connections, routing tables and other network-related statistics.
# Use '-i' to list all the interfaces of the system
root@root-MacBook-Pro ~ % netstat -i
Name   Mtu   Network       Address            Ipkts   Ierrs  Opkts   Oerrs  Coll
gif0*  1280  <Link#2>                         0       0      0       0      0
stf0*  1280  <Link#3>                         0       0      0       0      0
en0    1500  <Link#4>      f0:18:98:02:6e:f7  569910  0      380995  0      0
en0    1500  192.168.0/16  192.168.1.100      569910  -      380995  -      -
en1    1500  <Link#5>      82:35:33:25:54:01  0       0      0       0      0
en2    1500  <Link#6>      82:35:33:25:54:00  0       0      0       0      0
bridg  1500  <Link#8>      82:35:33:25:54:01  0       0      0       0      0
# Use '-r' to see the routing table
root@root-MacBook-Pro ~ % netstat -r
Routing tables
Internet:
Destination         Gateway            Flags    Netif  Expire
default             192.168.1.1        UGScg    en0
127                 localhost          UCS      lo0
localhost           localhost          UH       lo0
169.254             link#4             UCS      en0    !
192.168.0/16        link#4             UCS      en0    !
192.168.1.1/32      link#4             UCS      en0    !
192.168.1.1         c8:d7:79:cd:52:e2  UHLWIir  en0    1199
192.168.1.100/32    link#4             UCS      en0    !
224.0.0/4           link#4             UmCS     en0    !
224.0.0.251         1:0:5e:0:0:fb      UHmLWI   en0
239.255.255.250     1:0:5e:7f:ff:fa    UHmLWI   en0
255.255.255.255/32  link#4             UCS      en0    !
Internet6:
Destination         Gateway            Flags    Netif  Expire
default             fe80::%utun0       UGcIg    utun0
default             fe80::%utun1       UGcIg    utun1
localhost           localhost          UHL      lo0
Similarly, use the '-a' flag to show listening and non-listening sockets.
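When securing a host, the useful part of the '-a' output is which listeners accept connections on every interface and which are limited to loopback. The script below is an added example, not part of the original article: it classifies TCP listeners from 'netstat -an' text in both the Linux and the macOS/BSD address format. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify TCP listeners from `netstat -an` output by exposure.
# Understands Linux (addr:port) and macOS/BSD (addr.port) local addresses.
# UDP sockets have no LISTEN state and are not covered here.

classify_listeners() {
    # stdin: `netstat -an` text; stdout: "<scope> <proto> <port>" per listener
    awk '
    $1 ~ /^tcp/ && $NF == "LISTEN" {
        la = $4                                  # Local Address column
        port = la; sub(/.*[:.]/, "", port)       # text after the last ":" or "."
        addr = substr(la, 1, length(la) - length(port) - 1)
        if (addr == "*" || addr == "0.0.0.0" || addr == "::")
            scope = "wildcard"                   # listens on every interface
        else if (addr ~ /^127\./ || addr == "::1")
            scope = "loopback"                   # local processes only
        else
            scope = "bound"                      # one specific interface address
        print scope, $1, port
    }'
}

# Constructed sample mixing macOS-style and Linux-style lines.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  *.5900                 *.*                    LISTEN
tcp4       0      0  127.0.0.1.631          *.*                    LISTEN
tcp4       0      0  192.168.1.100.52344    142.250.196.14.443     ESTABLISHED
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
tcp        0      0 192.168.1.100:8080      0.0.0.0:*               LISTEN
EOF
}

# Real use: netstat -an | classify_listeners
sample_netstat | classify_listeners
```

A "wildcard" line means the service is bound to all interfaces; whether it is reachable from outside still depends on the host and network firewalls.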
4. nmap
nmap (Network Mapper) is an open-source network scanning tool for port scanning, service fingerprinting, and identifying operating system versions. While it is popularly known as a network mapping and port scanning tool, it comes with the Nmap Scripting Engine (NSE), which can help in the detection of misconfiguration issues and security vulnerabilities.
# By default nmap scans 1000 most common ports and checks for response
root@root-MacBook-Pro ~ % sudo nmap localhost
Starting Nmap 7.92 ( https://nmap.org ) at 2021-12-05 19:13 IST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000019s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 999 closed tcp ports (reset)
PORT STATE SERVICE
5900/tcp open vnc
Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds
# Scan an entire subnet
sudo nmap -sT 171.15.1.0/24
nmap can also be used to scan for vulnerabilities; find more info here: nmap for vulnerabilities
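A common defensive use of a scan like the localhost one above is to compare the open ports on your own host against the list you expect. The script below is an added example, not part of the original article: it reads nmap's grepable output ('-oG -') and prints every open port missing from an allowlist. The function names, the allowlist and the sample scan lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report open ports that are missing from an allowlist,
# reading nmap grepable output (`nmap -oG -`) on stdin.

unexpected_ports() {
    # $1: space-separated allowlist such as "22/tcp 443/tcp"
    # stdout: "<host> <port>/<proto> <service>" for each unexpected open port
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^Host: / && /Ports: / {
        host = $2
        list = $0
        sub(/.*Ports: /, "", list)       # drop everything before the port list
        sub(/\t.*/, "", list)            # drop later tab-separated fields
        m = split(list, entry, ", ")
        for (i = 1; i <= m; i++) {
            # entry layout: port/state/protocol/owner/service/rpcinfo/version/
            split(entry[i], f, "/")
            key = f[1] "/" f[3]
            if (f[2] == "open" && !(key in ok)) print host, key, f[5]
        }
    }'
}

# Constructed grepable output for one host (fields are tab-separated).
sample_scan() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 192.168.1.100 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.100 ()\tPorts: 22/open/tcp//ssh///, 5900/open/tcp//vnc///, 8080/closed/tcp//http-proxy///\tIgnored State: filtered (997)\n'
}

# Real use against your own host:
#   sudo nmap -oG - localhost | unexpected_ports "22/tcp"
sample_scan | unexpected_ports "22/tcp"
```

Run on a schedule, an empty result means the host still matches its baseline; any line printed is a service to investigate or add to the allowlist.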
5. traceroute
traceroute is another handy command for troubleshooting the network. As the name suggests, it gives you the route taken by the ICMP packet from the source machine to a destination host.
It displays all the hops that the packet took to reach its destination.
root@root-MacBook-Pro ~ % sudo traceroute google.com
traceroute to google.com (142.250.182.46), 64 hops max, 52 byte packets
1 192.168.1.1 (192.168.1.1) 27.267 ms 2.656 ms 2.405 ms
2 * * *
3 10.72.203.227 (10.72.203.227) 45.261 ms
10.72.203.243 (10.72.203.243) 62.792 ms
10.72.203.227 (10.72.203.227) 77.597 ms
4 192.168.65.250 (192.168.65.250) 54.691 ms 52.680 ms
192.168.65.248 (192.168.65.248) 50.992 ms
5 192.168.65.249 (192.168.65.249) 53.310 ms
192.168.65.247 (192.168.65.247) 43.902 ms 53.839 ms
6 172.26.74.21 (172.26.74.21) 53.331 ms 76.775 ms 44.530 ms
7 172.26.77.243 (172.26.77.243) 56.049 ms 63.229 ms 47.981 ms
8 192.168.65.144 (192.168.65.144) 50.479 ms
192.168.65.138 (192.168.65.138) 50.350 ms 53.185 ms
9 192.168.65.141 (192.168.65.141) 51.993 ms
192.168.65.145 (192.168.65.145) 53.018 ms
192.168.65.139 (192.168.65.139) 52.516 ms
10 172.31.2.63 (172.31.2.63) 67.680 ms
172.31.2.65 (172.31.2.65) 59.682 ms
172.31.2.63 (172.31.2.63) 57.209 ms
11 74.125.50.202 (74.125.50.202) 63.187 ms
72.14.217.254 (72.14.217.254) 57.937 ms
72.14.217.58 (72.14.217.58) 57.722 ms
12 74.125.242.129 (74.125.242.129) 63.744 ms * 89.488 ms
13 142.251.55.230 (142.251.55.230) 47.393 ms
142.251.55.216 (142.251.55.216) 61.700 ms
142.250.228.82 (142.250.228.82) 47.742 ms
14 108.170.253.121 (108.170.253.121) 59.194 ms
maa05s19-in-f14.1e100.net (142.250.182.46) 58.032 ms
These are just a few commands; you can also check other commands such as ip, ifconfig, dig, etc.