Networking
Testing Network Connectivity - use with caution/troubleshooting
Testing network connectivity involves checking if a port is open on a host. You can use tools like Netcat, Telnet, MTR, and Nmap to verify port availability. Netcat is a versatile networking utility that can be used to read and write data across network connections. Telnet is a command-line tool that allows you to communicate with a remote host using the Telnet protocol. Nmap is a network scanning tool that can be used to discover hosts and services on a network. MTR combines the capabilities of traceroute and ping by continuously sending packets to a target host and reporting real-time delays and route paths, making it invaluable for diagnosing transient network issues and visualizing network performance.
ping host # Send ICMP echo requests to a host
ping -c 4 host # Send 4 ICMP echo requests to a host
traceroute host # Trace the route to a host
mtr host # Network diagnostic tool that combines ping and traceroute
# -z stands for zero-I/O mode (used for scanning), -v for verbose output
nc -zv 10.11.12.13 80 # Check if a specific port is open on a host
nc -zv example.com 2222 # Check if a specific port is open on a host
nc -zv 10.0.0.1 22-80 # Check if a range of ports is open on a host
telnet 192.168.1.1 5000 # Connect to a host on a specific port
telnet example.com 443 # Connect to a host on a specific port
nmap -p 80 example.com # Check if a port is open on a host
nmap -p 1-1000 10.11.12.13 # Check if a range of ports is open on a host
nmap -p 1-1000 -sT host # Perform a TCP connect scan on a range of ports
nmap -p 1-1000 -sU host # Perform a UDP scan on a range of ports
nmap -p 1-1000 -sS host # Perform a SYN (half-open) scan on a range of ports; requires root. A SYN scan is stealthier than a TCP connect scan
# Report columns: Host (IP address or hostname of each router or link along the path to the destination),
# Loss% (percentage of lost packets at each hop), Snt (number of packets sent to each hop), Last (latency of the last packet),
# Avg (average latency of all packets sent to that hop), Best (the best/lowest latency observed for a packet to this hop),
# Wrst (worst/highest latency observed), StDev (standard deviation of the latencies, i.e. variability in response times)
# 1. Basic usage to run mtr to a specific host (e.g., google.com)
mtr google.com
# 2. Use mtr with the IP address instead of the domain name
mtr 8.8.8.8
# 3. Run mtr with report mode which provides a summary after a set number of pings
mtr --report google.com
# 4. Set the number of pings in report mode to 10
mtr --report --report-cycles 10 google.com
# 5. Use mtr in verbose mode to get more detailed output
mtr --verbose google.com
# 6. Display numeric IP addresses instead of hostnames
mtr --no-dns google.com
# 7. Specify the size of the probing packets (e.g., 1200 bytes)
mtr --packet-size 1200 google.com
# 8. Change the interval between pings to 2 seconds (default is 1 second)
mtr --interval 2 google.com
# 9. Use mtr to generate a split report showing both hostnames and IP addresses
mtr --split google.com
# 10. Show the TCP mode of mtr using a specific port (e.g., 80 for HTTP)
mtr --tcp --port 80 google.com
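Added example (not from the original page): a shell function that reads `mtr --report` output and separates loss that persists through the destination from loss shown only at an intermediate hop, which usually means that router limits its own ICMP replies rather than dropping forwarded traffic. The sample reports and the verdict labels `icmp-limited` and `path-loss` are constructed for this illustration.

```shell
#!/bin/sh
# Classify per-hop loss in `mtr --report` output read from stdin.
# Verdict names (icmp-limited, path-loss) are this example's own labels.
mtr_triage() {
  awk '
    /^ *[0-9]+\.\|--/ {            # hop rows look like "  2.|-- host  60.0% ..."
      n++
      hop[n] = $1; sub(/\..*/, "", hop[n])
      host[n] = $2
      loss[n] = $3 + 0             # "60.0%" -> 60
    }
    END {
      if (n == 0) { print "no hops parsed"; exit }
      # Loss is real only when it continues unbroken through the final hop;
      # find the first hop of that trailing run (0 = destination is clean).
      start = 0
      for (i = n; i >= 1 && loss[i] > 0; i--) start = i
      for (i = 1; i <= n; i++) {
        if (loss[i] == 0) continue
        verdict = (start > 0 && i >= start) ? "path-loss" : "icmp-limited"
        printf "hop %s %s %s%% %s\n", hop[i], host[i], loss[i], verdict
      }
    }'
}

# Constructed report: hop 2 shows loss, but later hops and the destination are clean.
sample_clean() {
  cat <<'EOF'
HOST: probe.example               Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.0.2.1                  0.0%    10    0.4   0.5   0.3   0.9   0.2
  2.|-- 198.51.100.1              60.0%    10    8.1   8.3   7.9   9.0   0.3
  3.|-- 203.0.113.10               0.0%    10   12.3  12.5  12.0  13.4   0.4
EOF
}

# Constructed report: loss starts at hop 4 and persists to the destination.
sample_lossy() {
  cat <<'EOF'
HOST: probe.example               Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.0.2.1                  0.0%    10    0.4   0.5   0.3   0.9   0.2
  2.|-- 198.51.100.1              30.0%    10    8.1   8.3   7.9   9.0   0.3
  3.|-- 198.51.100.9               0.0%    10    9.0   9.2   8.8  10.1   0.4
  4.|-- 203.0.113.1               20.0%    10   11.0  11.4  10.8  12.9   0.6
  5.|-- 203.0.113.10              20.0%    10   12.3  12.5  12.0  13.4   0.4
EOF
}

sample_clean | mtr_triage
sample_lossy | mtr_triage
```

Against a live path, pipe a real report into the function, for example `mtr --report --report-cycles 10 --no-dns host | mtr_triage`.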
The Domain Name System (DNS) is a hierarchical decentralized naming system for computers, services, or other resources connected to the Internet or a private network. DNS translates domain names to IP addresses, allowing users to access websites and other resources using human-readable names. Tools like nslookup and dig can be used to perform DNS lookups and query DNS servers for information about domain names.
nslookup example.com # Perform a DNS lookup for a domain
nslookup 192.168.1.1 # Perform a reverse DNS lookup for an IP address
nslookup example.com server # Perform a DNS lookup for a domain using a specific server
nslookup -type=mx example.com # Perform a DNS lookup for the MX records of a domain
nslookup -type=ns example.com # Perform a DNS lookup for the NS records of a domain
dig example.com # Perform a DNS lookup for a domain
dig -x 192.168.1.1 # Perform a reverse DNS lookup for an IP address
dig domain mx # Perform a DNS lookup for the MX records of a domain
dig domain ns # Perform a DNS lookup for the NS records of a domain
dig @server example.com # Perform a DNS lookup for a domain using a specific server
dig +trace example.com # Perform a DNS trace lookup for a domain
dig +short example.com # Perform a short DNS lookup for a domain
dig +noall +answer example.com # Perform a DNS lookup and display only the answer section
dig +noall +answer +comments example.com # Perform a DNS lookup and display only the answer section with comments
nslookup -type=txt example.com # Perform a DNS lookup for the TXT records of a domain
nslookup -type=soa example.com # Perform a DNS lookup for the SOA records of a domain
dig domain any # Request all record types for a domain (many servers return only a minimal answer to ANY queries, see RFC 8482)
dig domain aaaa # Perform a DNS lookup for the AAAA records of a domain
HTTP requests are used to communicate with web servers and retrieve information from websites. Tools like curl and wget can be used to send HTTP requests and download files from URLs. Curl is a command-line tool that supports various request methods, headers, cookies, and authentication methods. Wget is a command-line tool that can download files from the web and supports resuming partial downloads, recursive downloads, and downloading page requisites.
# -X specifies the request method, -d specifies the data to send, -H specifies the headers to include
# -b specifies the cookie to send, -c specifies the cookie to save,
# -u specifies the username and password for authentication,
# -I sends a HEAD request, -v enables verbose output, -k skips TLS certificate verification (insecure),
# -L follows redirects, -O saves the output to a file named after the remote file, -X POST -d 'data' sends a POST request with data,
# -X POST -H 'Content-Type: application/json' -d '{"key": "value"}' sends a POST request with JSON data
curl http://example.com:8080 # Send an HTTP GET request to a URL on a specific port
curl -X POST http://example.com:8080 # Send an HTTP POST request to a URL on a specific port
curl http://localhost:5000 # Send an HTTP GET request to a URL on a specific port
curl http://example.com # Send an HTTP GET request to a URL (in the commands below, replace url with a full URL such as http://example.com)
curl -X POST http://example.com # Send an HTTP POST request to a URL
curl -X PUT http://example.com # Send an HTTP PUT request to a URL
curl -X DELETE http://example.com # Send an HTTP DELETE request to a URL
curl -I http://example.com # Send a HEAD request to a URL and display the headers
curl -v http://example.com # Send a request to a URL and display verbose output
curl -k https://example.com # Send a request to a URL without verifying the server's TLS certificate (insecure)
curl -k https://localhost:5000 # Send an HTTPS GET request to a URL on a specific port without verifying the certificate
curl -L http://example.com # Follow redirects when sending a request to a URL
curl -O http://example.com/path/to/file.zip # Download a file from a URL
wget url # Download a file from a URL
wget -O output url # Download a file from a URL and save it as a specific name
wget -c url # Resume a partial download
wget -r url # Download a URL recursively
wget -p url # Download a URL and its page requisites (images, CSS, scripts)
curl -u username:password url # Send an authenticated request to a URL
curl -H 'Header: Value' url # Send a request with a custom header
curl -d 'data' url # Send a POST request with data
curl -F 'key=value' url # Send a POST request with form data
curl -b 'cookie' url # Send a request with a cookie
curl -s url | jq . # Send a request to a URL and format the JSON output using jq
curl -s url | python -m json.tool # Send a request to a URL and format the JSON output using Python
wget -qO- url | jq . # Download a file from a URL and format the JSON output using jq
wget -qO- url | python -m json.tool # Download a file from a URL and format the JSON output using Python
curl -X POST -d 'data' url # Send a POST request with data
curl -X POST -H 'Content-Type: application/json' -d '{"key": "value"}' url # Send a POST request with JSON data
wget --no-check-certificate url # Download a file from a URL without certificate validation
wget --user=username --password=password url # Download a file from a URL with authentication
SSL certificates are used to secure communication between clients and servers over the internet. OpenSSL is a command-line tool that can be used to work with SSL certificates, generate new certificates, and convert certificates between different formats. You can use OpenSSL to connect to a host on a specific port, display certificate information, generate new certificates, and convert certificates between different formats. SSL/TLS is fundamental to secure communication over networks. Including troubleshooting steps helps ensure that security protocols are maintained properly. Problems with SSL/TLS configurations, such as expired certificates, mismatched domain names, and unsupported encryption algorithms, are common and can cause service interruptions or security vulnerabilities.
openssl s_client -connect host:port # Connect to a host on a specific port
openssl s_client -connect host:port -showcerts # Connect to a host on a specific port and display certificates
openssl s_client -connect host:port -servername example.com # Connect to a host on a specific port with SNI
openssl s_client -connect host:port -servername example.com -showcerts # Connect to a host on a specific port with SNI and display certificates
openssl x509 -in certificate.crt -text # Display information about a certificate
openssl x509 -in certificate.crt -noout -text # Display information about a certificate without printing the PEM-encoded certificate itself
openssl x509 -in certificate.crt -noout -issuer # Display the issuer of a certificate
openssl x509 -in certificate.crt -noout -subject # Display the subject of a certificate
openssl x509 -in certificate.crt -noout -dates # Display the validity dates of a certificate
openssl x509 -in certificate.crt -noout -enddate # Display the expiration date of a certificate
openssl x509 -in certificate.crt -noout -text | grep DNS # Display the DNS names in the certificate
openssl req -new -newkey rsa:2048 -nodes -keyout key.pem -out csr.pem # Generate a new private key and CSR
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 # Generate a self-signed certificate
openssl genrsa -out key.pem 2048 # Generate a new RSA private key
openssl req -new -key key.pem -out csr.pem # Generate a CSR using an existing private key
openssl x509 -req -in csr.pem -signkey key.pem -out cert.pem # Self-sign a CSR with its own private key (produces a self-signed certificate)
openssl x509 -in certificate.crt -out certificate.pem # Copy a PEM-encoded certificate to a .pem file (.crt and .pem are file extensions; add -inform DER if the input is DER-encoded)
openssl x509 -in certificate.pem -out certificate.crt # Copy a PEM-encoded certificate to a .crt file (the encoding stays PEM)
openssl x509 -in certificate.pem -out certificate.der -outform DER # Convert a certificate from PEM to DER format
# Piping empty input (echo -n) makes s_client exit after the handshake instead of waiting on stdin; sed extracts the certificate between the BEGIN and END lines
echo -n | openssl s_client -connect example.com:443 2>/dev/null | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' > example.com.crt
# Or, in Chrome, click on the padlock icon in the address bar, then click on "Certificate (Valid)" to view the
# certificate details. Click on the "Details" tab and then "Copy to File" or "Export" to save the certificate.
Network Configuration
Networking commands can be used to check network interfaces, routing tables, DNS configuration, and network statistics. Commands like ifconfig, ip, and netstat can provide information about network interfaces, IP addresses, routing tables, and network statistics. Understanding these commands can help troubleshoot network connectivity issues and configure network settings.
ifconfig # Display network interface configuration
ip addr show # Display IP address information
ip link show # Display link layer information
route # Display routing table
ip route show # Display IP routing table
netstat -r # Display routing table
ss -tulwn # List all listening TCP, UDP and raw sockets with numeric addresses and ports
netstat -tuln # List all listening TCP and UDP ports
lsof -i -P -n | grep LISTEN # List all listening ports
netstat -a # Display all listening and non-listening sockets
netstat -l # Display all listening sockets
netstat -t # Display all TCP connections
netstat -u # Display all UDP connections
netstat -n # Display numerical addresses instead of resolving hostnames
netstat -p # Display the PID and name of the program to which each socket belongs
netstat -c # Display continuously updated information
netstat -i # Display a table of network interfaces and their statistics
netstat -r # Display the kernel routing table
netstat -s # Display network statistics
netstat -tuln # Display all listening TCP and UDP ports
netstat -tulnp # Display all listening TCP and UDP ports with the PID and name of the program
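Added example (not part of the original page): a filter over `ss -tuln` output that lists sockets bound to every interface (0.0.0.0, [::] or *) whose protocol/port is not on an allowlist you pass in, which is the usual first check when reviewing what a host exposes. The function name `audit_listeners`, the allowlist format and the sample output are assumptions made for this illustration; `netstat` uses a different column layout and is not handled.

```shell
#!/bin/sh
# Read `ss -tuln` output on stdin and print "proto/port address" for every
# listener bound to all interfaces that is not in the allowlist.
# $1 is a space-separated allowlist such as "tcp/22 tcp/443" (format is this example's own).
audit_listeners() {
  awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "tcp" || $1 == "udp" {
      # Column 5 is "Local Address:Port"; the port follows the last colon.
      port = $5; sub(/.*:/, "", port)
      addr = $5; sub(/:[^:]*$/, "", addr)
      sub(/%.*/, "", addr)          # drop an interface scope such as "%lo"
      # Loopback and single-address binds are not reachable on every interface.
      if (addr != "0.0.0.0" && addr != "[::]" && addr != "*") next
      key = $1 "/" port
      if (!(key in ok)) print key, addr
    }'
}

# Constructed sample of `ss -tuln` output (addresses are documentation ranges).
sample_ss() {
  cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53    0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:68          0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
tcp   LISTEN 0      511    127.0.0.1:6379      0.0.0.0:*
tcp   LISTEN 0      4096   [::]:8080           [::]:*
tcp   LISTEN 0      128    *:9100              *:*
tcp   LISTEN 0      128    192.0.2.15:5432     0.0.0.0:*
tcp   LISTEN 0      128    [::1]:631           [::]:*
EOF
}

sample_ss | audit_listeners "tcp/22 tcp/443"
```

On a live host, run `ss -tuln | audit_listeners "tcp/22 tcp/443"` with the allowlist that matches the services the host is meant to expose.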
ifconfig interface ip_address netmask mask # Configure a network interface with an IP address and netmask
ip addr add ip_address/mask dev interface # Configure a network interface with an IP address and netmask
ip addr del ip_address/mask dev interface # Remove an IP address from a network interface
ip link set interface up # Bring a network interface up
ip link set interface down # Bring a network interface down
Firewalls are used to control incoming and outgoing network traffic based on a set of security rules. Tools like iptables, firewalld, and UFW can be used to configure and manage firewall rules on Linux systems. Iptables is a command-line utility that allows system administrators to configure the IP packet filter rules of the Linux kernel firewall. Firewalld is a dynamic firewall manager that provides a way to configure firewall rules in a more user-friendly way. UFW (Uncomplicated Firewall) is a front-end for iptables that simplifies the process of configuring a firewall.
iptables -L # List all firewall rules
iptables -A INPUT -s ip_address -j DROP # Block incoming traffic from a specific IP address
iptables -A INPUT -p tcp --dport port -j DROP # Block incoming traffic on a specific port
iptables -A INPUT -s ip_address -p tcp --dport port -j DROP # Block incoming traffic from a specific IP address on a specific port
iptables -A INPUT -s ip_address -p tcp --dport port -j ACCEPT # Allow incoming traffic from a specific IP address on a specific port
iptables -A INPUT -s ip_address -p tcp --dport port -j REJECT # Reject incoming traffic from a specific IP address on a specific port
iptables -A INPUT -s ip_address -p tcp --dport port -j LOG # Log incoming traffic from a specific IP address on a specific port
iptables -A INPUT -s ip_address -p tcp --dport port -j REJECT --reject-with tcp-reset # Reject incoming traffic from a specific IP address on a specific port with a TCP reset
firewall-cmd --list-all # List all firewall rules
firewall-cmd --zone=public --add-port=port/tcp --permanent # Allow incoming traffic on a specific port
firewall-cmd --zone=public --remove-port=port/tcp --permanent # Remove the rule that allows incoming traffic on a specific port
firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="ip_address" port port="port" protocol="tcp" reject' --permanent # Block incoming traffic from a specific IP address on a specific port
firewall-cmd --reload # Reload firewall rules
ufw status # Display the status of UFW
ufw enable # Enable UFW
ufw disable # Disable UFW
ufw allow port # Allow incoming traffic on a specific port
ufw deny port # Deny incoming traffic on a specific port
ufw allow from ip_address to any port port # Allow incoming traffic from a specific IP address on a specific port
ufw deny from ip_address to any port port # Deny incoming traffic from a specific IP address on a specific port
iptables -t nat -A PREROUTING -p tcp --dport port -j DNAT --to-destination internal_ip:port # Forward incoming traffic on a specific port to an internal IP address and port
iptables -t nat -A POSTROUTING -s internal_ip -j SNAT --to-source external_ip # Change the source IP address of outgoing traffic to an external IP address
Network monitoring tools can be used to monitor network traffic, bandwidth usage, and network statistics. Tools like iftop, nload, iptraf, vnstat, and tcpdump can provide real-time and historical data about network activity. Monitoring network traffic can help identify performance issues, security threats, and abnormal behavior on the network.
iftop # Display bandwidth usage on an interface
iftop -i interface # Display bandwidth usage on a specific interface
nload # Display network traffic in real-time
nload -u K # Display network traffic in kilobytes
nload -u M # Display network traffic in megabytes
iptraf # Display network statistics
iptraf -i interface # Display network statistics for a specific interface
vnstat # Display network traffic statistics
vnstat -i interface # Display network traffic statistics for a specific interface
tcpdump -i interface # Capture and display network packets on an interface
tcpdump -i interface -c count # Capture and display a specific number of network packets on an interface
tcpdump -i interface -w output.pcap # Capture and save network packets to a file
tcpdump -r input.pcap # Read and display network packets from a file
tcpdump -i interface host ip_address # Capture and display network packets to or from a specific IP address
tcpdump -i interface port port # Capture and display network packets on a specific port
tcpdump -i interface src ip_address # Capture and display network packets with a specific source IP address
tcpdump -i interface dst ip_address # Capture and display network packets with a specific destination IP address