Basic networking commands




















Most of our applications and services are running on Linux systems and are connected to various networks. Thus making it necessary to learn about the networking commands to monitor, configure and secure it. 
There are numerous networking commands at our disposal. Today we will have a look at a few basic and very helpful commands which will help us in checking the network configurations and status of our services.


1. ping

One of the most used command in the networking, ping basically lets you check if a host is alive. ping sends an ICMP echo request packet to the target host and waits for the host to reply.

By default ping runs in an infinite loop and can be controlled by appending '-c' flag to the command.
 root@root-MacBook-Pro ~ %ping google.com  
 PING google.com (216.58.196.174): 56 data bytes  
 64 bytes from 216.58.196.174: icmp_seq=0 ttl=53 time=43.825 ms  
 64 bytes from 216.58.196.174: icmp_seq=1 ttl=53 time=54.001 ms  
 64 bytes from 216.58.196.174: icmp_seq=2 ttl=53 time=58.563 ms  
 64 bytes from 216.58.196.174: icmp_seq=3 ttl=53 time=85.738 ms  
 64 bytes from 216.58.196.174: icmp_seq=4 ttl=53 time=53.526 ms  
 64 bytes from 216.58.196.174: icmp_seq=5 ttl=53 time=43.333 ms  
   
 # Use -c option to limit the response packets  
 root@root-MacBook-Pro ~ %ping -c 3 google.com  
 PING google.com (142.250.196.14): 56 data bytes  
 64 bytes from 142.250.196.14: icmp_seq=0 ttl=112 time=50.027 ms  
 64 bytes from 142.250.196.14: icmp_seq=1 ttl=112 time=47.794 ms  
 64 bytes from 142.250.196.14: icmp_seq=2 ttl=112 time=62.424 ms
 --- google.com ping statistics ---  
 3 packets transmitted, 3 packets received, 0.0% packet loss  
 round-trip min/avg/max/stddev = 47.794/53.415/62.424/6.435 ms  

2. nslookup

nslookup is another handy command for DNS related queries. It is used to query any domain name servers and resolving the IP addresses.
root@root-MacBook-Pro ~ %nslookup google.com  
 Server:          8.8.8.8  
 Address:     8.8.8.8#53  
   
 Non-authoritative answer:  
 Name:     google.com  
 Address: 142.250.205.238  

3. netstat

netstat refers to network statistics, provides all the details related to the interfaces of a host. It is used to examine network connections, routing tables and other network related statistics.

#Use '-i' to list all the interfaces of the system
 root@root-MacBook-Pro ~ % netstat -i  
 Name    Mtu  Network    Address      Ipkts Ierrs  Opkts Oerrs Coll  
 gif0* 1280 <Link#2>               0   0    0   0   0  
 stf0* 1280 <Link#3>               0   0    0   0   0  
 en0  1500 <Link#4>  f0:18:98:02:6e:f7  569910   0  380995   0   0  
 en0  1500 192.168.0/16 192.168.1.100   569910   -  380995   -   -  
 en1  1500 <Link#5>  82:35:33:25:54:01    0   0    0   0   0  
 en2  1500 <Link#6>  82:35:33:25:54:00    0   0    0   0   0  
 bridg 1500 <Link#8>  82:35:33:25:54:01    0   0    0   0   0  
# Use '-r' to see the routing table
 root@root-MacBook-Pro ~ % netstat -r  
 Routing tables  
 Internet:  
 Destination    Gateway      Flags    Netif Expire  
 default      192.168.1.1    UGScg     en0  
 127        localhost     UCS      lo0  
 localhost     localhost     UH       lo0  
 169.254      link#4       UCS      en0   !  
 192.168.0/16    link#4       UCS      en0   !  
 192.168.1.1/32   link#4       UCS      en0   !  
 192.168.1.1    c8:d7:79:cd:52:e2 UHLWIir    en0  1199  
 192.168.1.100/32  link#4       UCS      en0   !  
 224.0.0/4     link#4       UmCS      en0   !  
 224.0.0.251    1:0:5e:0:0:fb   UHmLWI     en0  
 239.255.255.250  1:0:5e:7f:ff:fa  UHmLWI     en0  
 255.255.255.255/32 link#4       UCS      en0   !  
   
 Internet6:  
 Destination    Gateway      Flags     Netif Expire  
 default      fe80::%utun0    UGcIg     utun0  
 default      fe80::%utun1    UGcIg     utun1  
 localhost     localhost     UHL       lo0  
Similarly '-a' flag to show listening and non-listening sockets

4. nmap

nmap - Network Mapper is an open-source network scanning tool for port scanning, service fingerprinting, and identifying operation system versions. While it is popularly known as a network mapping and port scanning tool, it comes with the Nmap Scripting Engine (NSE) that can help in the detection of misconfiguration issues and security vulnerabilities.

# By default nmap scans 1000 most common ports and checks for response
 root@root-MacBook-Pro ~ % sudo nmap localhost  
 Starting Nmap 7.92 ( https://nmap.org ) at 2021-12-05 19:13 IST  
 Nmap scan report for localhost (127.0.0.1)  
 Host is up (0.000019s latency).  
 Other addresses for localhost (not scanned): ::1  
 Not shown: 999 closed tcp ports (reset)  
 PORT   STATE SERVICE  
 5900/tcp open vnc  
 Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds  
# Scan an entire subnet
 sudo nmap -sT 171.15.1.0/24  
nmap can also be used for scanning vulnerabilities, find more info here: nmap for vulnerabilities 

5. traceroute

traceroute command is another handy command in troubleshooting the network, traceroute as the name suggests gives you the route taken by the ICMP packet took from the source machine to a destination host. 
It displays all the hops that the packet took to reach its destination.
 root@root-MacBook-Pro ~ % sudo traceroute google.com  
 traceroute to google.com (142.250.182.46), 64 hops max, 52 byte packets  
  1 192.168.1.1 (192.168.1.1) 27.267 ms 2.656 ms 2.405 ms  
  2 * * *  
  3 10.72.203.227 (10.72.203.227) 45.261 ms  
   10.72.203.243 (10.72.203.243) 62.792 ms  
   10.72.203.227 (10.72.203.227) 77.597 ms  
  4 192.168.65.250 (192.168.65.250) 54.691 ms 52.680 ms  
   192.168.65.248 (192.168.65.248) 50.992 ms  
  5 192.168.65.249 (192.168.65.249) 53.310 ms  
   192.168.65.247 (192.168.65.247) 43.902 ms 53.839 ms  
  6 172.26.74.21 (172.26.74.21) 53.331 ms 76.775 ms 44.530 ms  
  7 172.26.77.243 (172.26.77.243) 56.049 ms 63.229 ms 47.981 ms  
  8 192.168.65.144 (192.168.65.144) 50.479 ms  
   192.168.65.138 (192.168.65.138) 50.350 ms 53.185 ms  
  9 192.168.65.141 (192.168.65.141) 51.993 ms  
   192.168.65.145 (192.168.65.145) 53.018 ms  
   192.168.65.139 (192.168.65.139) 52.516 ms  
 10 172.31.2.63 (172.31.2.63) 67.680 ms  
   172.31.2.65 (172.31.2.65) 59.682 ms  
   172.31.2.63 (172.31.2.63) 57.209 ms  
 11 74.125.50.202 (74.125.50.202) 63.187 ms  
   72.14.217.254 (72.14.217.254) 57.937 ms  
   72.14.217.58 (72.14.217.58) 57.722 ms  
 12 74.125.242.129 (74.125.242.129) 63.744 ms * 89.488 ms  
 13 142.251.55.230 (142.251.55.230) 47.393 ms  
   142.251.55.216 (142.251.55.216) 61.700 ms  
   142.250.228.82 (142.250.228.82) 47.742 ms  
 14 108.170.253.121 (108.170.253.121) 59.194 ms  
   maa05s19-in-f14.1e100.net (142.250.182.46) 58.032 ms  
    
These are just few commands, you can also check other commands viz ip, ifconfig, dig etc.. 



Post a Comment

0 Comments