Linux is an indispensable tool and system in the field of cybersecurity. Many servers run on Linux and offer a wide range of possibilities for offensive security practitioners, network defenders, and systems administrators. This module covers the essentials for starting with the Linux operating system and terminal.
Computers are often connected to each other on a network. They send request to each other in the form of packets that travels from the host to the destination. Linux provides various commands from network configuration and troubleshooting.
INE Linux Fundamentals For Network
1. Ping(Packet Internet Groper) The ping command is used to ensure that a computer can communicate to a specified device over the network. The pings command sends Internet Control Message Protocol(ICMP) Echo Request messages in the form of packets to the destination computer and waits in order to get the response back. Once the packets are received by the destined computer, it starts sending the packets back. This command keeps executing until it si interrupted.
7. ifconfig ifconfig(Interface Configuration) is a utility in an operating system that is used to set or display the IP address and netmask of a network interface. It also provides commands to enable or disable an interface. Many UNIX-like operating systems initialize their network interfaces using ifconfig at boot time. ifconfig is also used to view the MTU(Maximum transmission unit).
Since Linux is an operating system, Linux has many uses. Linux is used to run all sorts of networks and devices. Knowing Linux is important for many technical jobs because a number of them are performed on machines that run Linux. Linux is also used as an operating system by people who are interested in free and open-source technology, and by Linux enthusiasts who prefer it over other operating systems.
In this article, we will review some of the most used command-line tools and utilities for network management in Linux, under different categories. We will explain some common usage examples, which will make network management much easier in Linux.
ifconfig is a command-line interface tool for network interface configuration and is also used to initialize interfaces at system boot time. Once a server is up and running, it can be used to assign an IP Address to an interface and enable or disable the interface on demand.
ethtool is a command-line utility for querying and modifying network interface controller parameters and device drivers. The example below shows the usage of ethtool and a command to view the parameters for the network interface.
ping (Packet INternet Groper) is a utility normally used for testing connectivity between two systems on a network (Local Area Network (LAN) or Wide Area Network (WAN)). It uses ICMP (Internet Control Message Protocol) to communicate to nodes on a network.
Traceroute is a command-line utility for tracing the full path from your local system to another network system. It prints a number of hops (router IPs) in that path you travel to reach the end server. It is an easy-to-use network troubleshooting utility after the ping command.
MTR is a modern command-line network diagnostic tool that combines the functionality of ping and traceroute into a single diagnostic tool. Its output is updated in real-time, by default until you exit the program by pressing q.
The route is a command-line utility for displaying or manipulating the IP routing table of a Linux system. It is mainly used to configure static routes to specific hosts or networks via an interface.
netstat is a command-line tool that displays useful information such as network connections, routing tables, interface statistics, and much more, concerning the Linux networking subsystem. It is useful for network troubleshooting and performance analysis.
Additionally, it is also a fundamental network service debugging tool used to check which programs are listening on what ports. For instance, the following command will show all TCP ports in listening mode and what programs are listening on them.
You can also use it as a simple TCP proxy, for network daemon testing, to check if remote ports are reachable, and much more. Furthermore, you can employ nc together with pv command to transfer files between two computers.
Nmap (Network Mapper) is a powerful and extremely versatile tool for Linux system/network administrators. It is used to gather information about a single host or explores networks an entire network. Nmap is also used to perform security scans, network audits and finding open ports on remote hosts and so much more.
You can also save data it has captured to a file for later inspection. It is used by system administrators and network engineers to monitor and inspect the packets for security and troubleshooting purposes.
bmon is a powerful, command line-based network monitoring and debugging utility for Unix-like systems, it captures networking-related statistics and prints them visually in a human-friendly format. It is a reliable and effective real-time bandwidth monitor and rate estimator.
You can share your thoughts about this guide via the comment form below. If we have missed any frequently used and important Linux networking tools/utilities or any useful related information, also let us know.
The courses in the Fundamentals category are designed to provide students with the background they need to succeed in this degree. Courses in this category cover the fundamental concepts of how the internet operates; how to develop network systems; and how to administer the machines (both physical and virtual) that deploy them. These fundamentals courses do not count towards any Computer Science degrees - PhD, MS or MSCPS.
The courses in the Core category begin to lay the foundation for exploring network engineering topics in depth. All aspects of network engineering from the management of network systems to the policies that govern traffic on the internet to the wireless systems that deliver information to devices on the edge are all covered.
Prior understanding of network engineering technologies, Python programming, and Linux system administration is strongly recommended. The required learning objectives can be obtained from courses such as:
The ping (Packet Internet Groper) command can be considered one of the most important commands while troubleshooting your network, as it is the most common way to check the connectivity between the host and the server.
The tcpdump is a packet sniffing and analyzing utility used to capture, analyze and filter network traffic. It can also be used as a security tool because it saves captured data in pcap file which can be accessed through Wireshark.
The nmap is a tool to explore and audit network security. It is often used by hackers and security enthusiasts as it allows you to get real-time info on the network, IPs connected to your network in a detailed manner, port scanning, and much more.
Gain career skills in Linux security, ethical hacking, and penetration testing, network defense & countermeasures, incident response & digital forensics, and cybersecurity programs & policies at Peloton College.
At any given time when using your PC which is connected to a router, you will be part of a network. Whether you are in an office environment or simply working from home, your computer will be in a network.
A computer network is defined as a group of 2 or more computers that are connected and can electronically communicate with each other. The computers are identified using their hostnames, IP, and mac addresses.
A simple home or office network is referred to as a LAN, short for Local Area Network. A LAN covers a small area such as a home, office, or restaurant network. In contrast, a WAN (Wide Area Network) spans a large geographical region. WAN is mostly used to connect various sites such as office buildings in different locations.
The hostname command displays the hostname of a Linux system. This is usually set or configured during the installation.It also is a name that is given to a computer that attached to the network that uniquely identifies over a network and thus allows it to be accessed without using its IP address. To check the hostname, run the command:
If the host name can be resolved, you can display the network address(es) (IP address) of the host name with the -i flag and the -I option establishes all configured network interfaces and shows all network addresses of the host.
The mtr (my traceoute) command combines the functionalities of the ping and traceroute command. with the mtr command, we can display a host of statistics including the host that each packet travels through, and response times for all the network hops. (read more here about mtr command)
With the ifconfig command, we can see a list of the network interfaces attached to the PC along with other statistics such as the IP addresses associated with each interface, subnet mask, and MTU to mention just a few.
Connecting your Linux computer to a network is pretty straightforward, except when it is not. In this article I discuss the main network configuration files for Red Hat-based Linux distributions, and take a look at the two network startup services: the venerable network startup, and the controversial NetworkManager.
Linux easily manages multiple network interface adapters. Laptops typically include both wired and wireless interfaces, and may also support WiMax interfaces for cellular networks. Linux desktop computers also support multiple network interfaces, and you can use your Linux computer as a multi-network client, or as a router for internal networks; such is the case with a couple of my own systems. 2ff7e9595c
Comments