Networking

Networking

Resolve a domain to IP address(es)

dig +short www.example.com

# or
host www.example.com

Get DNS TXT record a of domain

dig -t txt www.example.com

# or
host -t txt www.example.com

Send a ping with a limited TTL to 10 (TTL: Time-To-Live, which is the maximum number of hops that a packet can travel across the Internet before it gets discarded.)

ping 8.8.8.8 -t 10

Print the route packets trace to network host

traceroute google.com

Check connection to host (e.g. check connection to port 80 and 22 of google.com)

nc -vw5 google.com 80
# Connection to google.com 80 port [tcp/http] succeeded!

nc -vw5 google.com 22
# nc: connect to google.com port 22 (tcp) timed out: Operation now in progress
# nc: connect to google.com port 22 (tcp) failed: Network is unreachable

Nc as a chat tool!

# From server A:
$ sudo nc -l 80
# then you can connect to the 80 port from another server (e.g. server B):
# e.g. telent <server A IP address> 80
# then type something in server B
# and you will see the result in server A!

Check which ports are listening for TCP connections from the network

#notice that some companies might not like you using nmap
nmap -sT -O localhost

# check port 0-65535
nmap  -p0-65535 localhost

Check if a host is up and scan for open ports, also skip host discovery.

#skips checking if the host is alive which may sometimes cause a false positive and stop the scan.
$ nmap google.com -Pn

# Example output:
# Starting Nmap 7.01 ( https://nmap.org ) at 2020-07-18 22:59 CST
# Nmap scan report for google.com (172.217.24.14)
# Host is up (0.013s latency).
# Other addresses for google.com (not scanned): 2404:6800:4008:802::200e
# rDNS record for 172.217.24.14: tsa01s07-in-f14.1e100.net
# Not shown: 998 filtered ports
# PORT    STATE SERVICE
# 80/tcp  open  http
# 443/tcp open  https
#
# Nmap done: 1 IP address (1 host up) scanned in 3.99 seconds

Scan for open ports and OS and version detection (e.g. scan the domain "scanme.nmap.org")

$ nmap -A -T4 scanme.nmap.org
# -A to enable OS and version detection, script scanning, and traceroute; -T4 for faster execution

Look up website information (e.g. name server), searches for an object in a RFC 3912 database.

whois google.com

Show the SSL certificate of a domain

openssl s_client -showcerts -connect www.example.com:443

Display IP address

ip a

Display route table

ip r

Display ARP cache (ARP cache displays the MAC addresses of device in the same network that you have connected to)

ip n

Add transient IP addres (reset after reboot) (e.g. add 192.168.140.3/24 to device eno16777736)

ip address add 192.168.140.3/24 dev eno16777736

Persisting network configuration changes

sudo vi /etc/sysconfig/network-scripts/ifcfg-enoxxx
# then edit the fields: BOOTPROT, DEVICE, IPADDR, NETMASK, GATEWAY, DNS1 etc

Refresh NetworkManager

sudo nmcli c reload

Restart all interfaces

sudo systemctl restart network.service

To view hostname, OS, kernal, architecture at the same time!

hostnamectl

Set hostname (set all transient, static, pretty hostname at once)

hostnamectl set-hostname "mynode"

Find out the web server (e.g Nginx or Apache) of a website

curl -I http://example.com/
# HTTP/1.1 200 OK
# Server: nginx
# Date: Thu, 02 Jan 2020 07:01:07 GMT
# Content-Type: text/html
# Content-Length: 1119
# Connection: keep-alive
# Vary: Accept-Encoding
# Last-Modified: Mon, 09 Sep 2019 10:37:49 GMT
# ETag: "xxxxxx"
# Accept-Ranges: bytes
# Vary: Accept-Encoding

Find out the http status code of a URL

curl -s -o /dev/null -w "%{http_code}" https://www.google.com

Unshorten a shortended URL

curl -s -o /dev/null -w "%{redirect_url}" https://bit.ly/34EFwWC

Perform network throughput tests

# server side:
$ sudo iperf -s -p 80

# client side:
iperf -c <server IP address> --parallel 2 -i 1 -t 2 -p 80

To block port 80 (HTTP server) using iptables.

sudo iptables -A INPUT -p tcp --dport 80 -j DROP

# only block connection from an IP address
sudo iptables –A INPUT –s <IP> -p tcp –dport 80 –j DROP