linux networking commands. commands reviewed ifconfig dmesg netstat ping route tcpdump wireshark...

Click here to load reader

Post on 24-Dec-2015




3 download

Embed Size (px)


  • Slide 1
  • Linux Networking Commands
  • Slide 2
  • Commands Reviewed Ifconfig dmesg netstat ping route tcpdump wireshark traceroute nslookup arp dig
  • Slide 3
  • ifconfig ifconfig is used to assign an address to a network interface and/or configure network interface parameters. To determine if an interface has been recognized and configured on a system To initially assign an IP address to an interface to bring an interface up or down
  • Slide 4
  • View All Network Setting The ifconfig command with no arguments will display all the active interfaces details.
  • Slide 5
  • Display Information of All Network Interfaces ifconfig command with -a argument will display information of all active or inactive network interfaces on server.
  • Slide 6
  • ifconfig View Network Settings of Specific Interface Enable an Network Interface
  • Slide 7
  • ifconfig Assign a IP Address to Network Interface [root@tecmint ~]# ifconfig eth0 Assign a netmask to Network Interface [root@tecmint ~]# ifconfig eth0 netmask Assign a Broadcast to Network Interface [root@tecmint ~]# ifconfig eth0 broadcast Assign all in one command [root@tecmint ~]# ifconfig eth0 netmask broadcast Change the MAC address of Network Interface [root@tecmint ~]# ifconfig eth0 hw ether AA:BB:CC:DD:EE:FF
  • Slide 8
  • ifconfig Change MTU for an Network Interface [root@tecmint ~]# ifconfig eth0 mtu 1000 Enable and disablePromiscuous Mode [root@tecmint ~]# ifconfig eth0 promisc [root@tecmint ~]# ifconfig eth0 promisc Add or remove New Alias to Network Interface [root@tecmint ~]# ifconfig eth0:0 [root@tecmint ~]# ifconfig eth0:0 down Verify the newly created alias network interface address [root@tecmint ~]# ifconfig eth0:0 eth0:0 Link encap:Ethernet HWaddr 00:01:6C:99:14:68 inet addr: Bcast: Mask: UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:17
  • Slide 9
  • See if the device has been found - use dmesg The command 'dmesg', which is used to print kernel messages, is very useful in determining if a piece of hardware has been found, and if so, what the system is referring to it as. Examples: dmesg dmesg | grep -i eth0 dmesg | grep -i usb dmesg | grep -i Memory dmesg | grep -i bluetooth dmesg | grep -i tty dmesg c clear dmesg logs from boot time to till that time
  • Slide 10
  • ping Confirm that a remote host is online and responding. ping is intended for use in network testing, measurement, and management. It is unwise to use ping during normal operations or from automated scripts.
  • Slide 11
  • Decrease /Increase Ping Time Interval $ ping -i 5 IP # ping -i 0.1 IP Note: Only super user can specify interval less than 0.2 seconds. Check local interface $ ping 0 $ ping localhost $ ping Send n packets and stop: $ ping -c 5 Display the current version of ping program $ ping -V
  • Slide 12
  • Ping 5. Flood the network # ping -f localhost Audible ping: $ ping -a IP Change Ping Packet Size $ ping -s 100 localhost Specify path for ping to send the packet $ ping Record and print route of how ECHO_REQUEST sent and ECHO_REPLY received $ ping -R
  • Slide 13
  • Route command Display Existing Routes if the destination is within the network range, then the gateway is *, which is By default route command displays the host name in its output. We can request it to display the numerical IP address using -n option as shown below.
  • Slide 14
  • Adding a Default Gateway $ route add default gw List Kernels Routing Cache Information Reject Routing to a Particular Host or Network route add -host reject
  • Slide 15
  • traceroute traceroute attempts tracing by launching UDP probe packets with a small TTL (time to live), then listening for an ICMP "time exceeded" reply from a gateway. host is the destination hostname or the IP number of host to reach. packetsize is the packet size in bytes of the probe datagram. Default is 38 bytes. Note Traceroute has lost some of its effectiveness since most ISPs disallow it from running on their networks
  • Slide 16
  • netstat List out all connections $ netstat a List only TCP or UDP connections $ netstat at $ netstat au Disable reverse dns lookup for faster output: By default, the netstat command tries to find out the hostname of each ip address in the connection by doing a reverse dns lookup. This slows down the output. $ netstat -ant
  • Slide 17
  • netstat Print statistic $ netstat -s List out only listening connections $ netstat tnl Get process name/pid and user id $ sudo netstat nlpt Use the e option along with the p option to get the username too. $ sudo netstat -ltpe
  • Slide 18
  • netstat -nr [root@localhost root]# netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface U 40 0 0 eth0 U 40 0 0 eth1 U 40 0 0 lo UG 40 0 0 eth1
  • Slide 19
  • nslookup Query Internet domain name servers. $ nslookup $ nslookup -query=mx nslookup -type=ns Query the SOA Record using -query=soa provides the authoritative information about the domain, the e-mail address of the domain admin, the domain serial number, etc $ nslookup -type=soa View available DNS records using -query=any $ nslookup -type=any Reverse DNS lookup $ nslookup
  • Slide 20
  • arp -a [root@localhost root]# arp -a ( at 00:04:5A:DB:A1:C5 [ether] on eth1 ( at 00:10:E0:04:61:84 [ether] on eth0 ( at 00:09:B7:13:AA:13 [ether] on eth1
  • Slide 21
  • dig - supercharged nslookup oroot@localhost root]# dig ; > DiG 9.1.3 > ;; global options: printcmd ;; Got answer: ;; ->>HEADER

View more