author | alan <alan@raven.lizella.net> | 2010-02-04 13:27:23 -0500 |
---|---|---|
committer | alan <alan@raven.lizella.net> | 2010-02-04 13:27:23 -0500 |
commit | 8497c8982e711d8eb56c3823ef447bb2924275ed (patch) | |
tree | 0e73ff3d25c34db6c4d4e5d9b63148f6e66d3981 | |
parent | 084de35d87cea07461288c8da2953a10b4da7017 (diff) | |
download | slackbook-8497c8982e711d8eb56c3823ef447bb2924275ed.tar.xz |
Added ssh to list of network tools. Network tool descriptions complete
through tcpdump.
-rw-r--r-- | chapter_15.xml | 230 |
1 files changed, 225 insertions, 5 deletions
diff --git a/chapter_15.xml b/chapter_15.xml index c188c41..d5a05f9 100644 --- a/chapter_15.xml +++ b/chapter_15.xml 
@@ -5,17 +5,237 @@ <chapter> <title>Basic Networking Commands</title> +<para> +So you've finally managed to setup your network connection, now what? +How do you know that it's working? How do you know that you set it up +correctly? And just what do you do now that it's setup? Well this +chapter is for you. +</para> + <section> <title>Network Diagnostic Tools</title> <para> -Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do -eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad -minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip -ex ea commodo consequat. Duis aute irure dolor in reprehenderit in -voluptate velit esse cillum dolore eu fugiat nulla pariatur. +Slackware Linux includes a great many networking tools for +troubleshooting and diagnosing network connection troubles, or just for +seeing what's out there on the network. Most of these tools are +command-line tools, so you can run them from a virtual terminal or in a +console window on your graphical desktop. A few of them even have +graphical front-ends, but we're going to deal almost exclusively with +command-line tools for now. +</para> + +<section> +<title>ping</title> + +<para> +<application>ping</application>(8) is a handy tool for determining if a +computer is operational on your network or on the Internet at large. +You can think of as a type of sonar for computers. By using it, you +send out a "ping" and listen for an echo to determine if another +computer or network device is listening. By default, +<application>ping</application> checks for the remote computer once per +second indefinitely, but you can change the interval between checks and +the total number of checks easily, just check the man page. You can +terminate the application at any time with +<keycap>CTRL</keycap>-<keycap>c</keycap>. When +<application>ping</application> is finished, it displays a handy +summary of its activity. 
<application>ping</application> is very useful +for determining if a computer on your network or the Internet is +available, but some systems block the packets +<application>ping</application> sends, so sometimes a system may be +functioning properly, but still not send replies. +</para> + + +<screen><prompt>darkstar:~# </prompt><userinput>ping -c 3 www.slackware.com</userinput> +64 bytes from slackware.com (64.57.102.34): icmp_seq=1 ttl=47 time=87.1 ms +64 bytes from slackware.com (64.57.102.34): icmp_seq=2 ttl=47 time=86.2 ms +64 bytes from slackware.com (64.57.102.34): icmp_seq=3 ttl=47 time=86.7 ms + +--- slackware.com ping statistics --- +3 packets transmitted, 3 received, 0% packet loss, time 2004ms +rtt min/avg/max/mdev = 86.282/86.718/87.127/0.345 ms +</screen> + +</section> + +<section> +<title>traceroute</title> + +<para> +<application>traceroute</application>(8) is a handy tool for determining +what route your packets take to reach some other computer. It's mainly +of use for determining which computers are "near" or "far" from you. +This distance isn't strictly geographical, as your Internet Service +Provider may route traffic from your computer in strange ways. +<application>traceroute</application> shows you each router between +your computer and any other machine you wish to connect to. +Unfortunately, many providers, firewalls, and routers will block +<application>traceroute</application> so you might not get a complete +picture when using it. Still, it remains a handy tool for network +troubleshooting. 
+</para> + +<screen><prompt>darkstar:~# </prompt><userinput>traceroute www.slackware.com</userinput> +traceroute to slackware.com (64.57.102.34), 30 hops max, 46 byte +packets + 1 gw.ctsmacon.com (192.168.1.254) 1.468 ms 2.045 ms 1.387 ms + 2 10.0.0.1 (10.0.0.1) 7.642 ms 8.019 ms 6.006 ms + 3 68.1.8.49 (68.1.8.49) 10.446 ms 9.739 ms 7.003 ms + 4 68.1.8.69 (68.1.8.69) 11.564 ms 6.235 ms 7.971 ms + 5 dalsbbrj01-ae0.r2.dl.cox.net (68.1.0.142) 43.859 ms 43.287 ms +44.125 ms + 6 dpr1-ge-2-0-0.dallasequinix.savvis.net (204.70.204.146) 41.927 ms +58.247 ms 44.989 ms + 7 cr2-tengige0-7-5-0.dallas.savvis.net (204.70.196.29) 42.577 ms +46.110 ms 43.977 ms + 8 cr1-pos-0-3-3-0.losangeles.savvis.net (204.70.194.53) 78.070 ms +76.735 ms 76.145 ms + 9 bpr1-ge-3-0-0.LosAngeles.savvis.net (204.70.192.222) 77.533 ms +108.328 ms 120.096 ms +10 wiltel-communications-group-inc.LosAngeles.savvis.net +(208.173.55.186) 79.607 ms 76.847 ms 75.998 ms +11 tg9-4.cr01.lsancarc.integra.net (209.63.113.57) 84.789 ms 85.436 +ms 85.575 ms +12 tg13-1.cr01.sntdcabl.integra.net (209.63.113.106) 87.608 ms +84.278 ms 86.922 ms +13 tg13-4.cr02.sntdcabl.integra.net (209.63.113.134) 87.284 ms +85.924 ms 86.102 ms +14 tg13-1.cr02.rcrdcauu.integra.net (209.63.114.169) 85.578 ms +85.285 ms 84.148 ms +15 209.63.99.166 (209.63.99.166) 84.515 ms 85.424 ms 85.956 ms +16 208.186.199.158 (208.186.199.158) 86.557 ms 85.822 ms 86.072 ms +17 sac-main.cwo.com (209.210.78.20) 88.105 ms 87.467 ms 87.526 ms +18 slackware.com (64.57.102.34) 85.682 ms 86.322 ms 85.594 ms +</screen> +</section> + +<section> +<title>telnet</title> + +<para> +Once upon a time, <application>telnet</application>(1) was the greatest +thing since sliced bread. Basically, <application>telnet</application> +opens an unencrypted network connection between two computers and hands +control of the session to the user rather than some other application. 
+Using <application>telnet</application>, people could connect to shells +on other computers and execute commands as if they were physically +present. Due to its unencrypted nature this is no longer recommended; +however, <application>telnet</application> is still used for this +purpose by many devices. </para> +<para> +Today, <application>telnet</application> is put to better use as a +network diagnostic tool. Because it passes control of the session +directly to the user, it can be used for a great variety of testing +purposes. As long as you know what ASCII commands to send to the +receiving computer, you can do any number of activies, such as read web +pages or check your e-mail. Simply inform +<application>telnet</application> what network port to use, and you're +all set. +</para> + +<screen><prompt>darkstar:~# </prompt><userinput>telnet www.slackware.com 80</userinput> +Trying 64.57.102.34... +Connected to www.slackware.com. +Escape character is '^]'. +<userinput>HEAD / HTTP/1.1 +Host: www.slackware.com +</userinput> +HTTP/1.1 200 OK +Date: Thu, 04 Feb 2010 18:01:35 GMT +Server: Apache/1.3.27 (Unix) PHP/4.3.1 +Last-Modified: Fri, 28 Aug 2009 01:30:27 GMT +ETag: "61dc2-5374-4a973333" +Accept-Ranges: bytes +Content-Length: 21364 +Content-Type: text/html +</screen> + +</section> + +<section> +<title>ssh</title> + +<para> +As we mentioned, <application>telnet</application> may be useful as a +diagnostic tool, but its unencrypted nature makes it a security concern +for shell access. Thankfully, there's the secure shell protocol. Nearly +every Linux, UNIX, and BSD distribution today makes use of OpenSSH, or +<application>ssh</application>(1) for short. It is one of the most +commonly used network tools today and makes use of the strongest +cryptographic techniques. <application>ssh</application> has many +features, configuration options, and neat hacks, enough to fill its own +book, so we'll only go into the basics here. 
Simply run +<application>ssh</application> with the user name and the host and +you'll be connected to it quickly and safely. If this is the first time +you are connecting to this computer, <application>ssh</application> +will ask you to confirm your desire, and make a local copy of the +encryption key to use. Should this key later change, +<application>ssh</application> will warn you and refuse to connect +because it is possible that some one is attempting to hijack the +connection using what is known as a man-in-the-middle attack. +</para> + +<screen><prompt>darkstar:~# </prompt><userinput>ssh alan@slackware.com</userinput> +alan@slackware.com's password: <userinput>secret</userinput> +<prompt>alan@slackware.com:~$ </prompt> +</screen> + +<para> +The user and hostname are in the same form used by e-mail addresses. +If you leave off the username part, <application>ssh</application> will +use your current username when establishing the connection. +</para> + +</section> + +<section> +<title>tcpdump</title> + +<para> +So far all the tools we've looked at have focused on making connections +to other computers, but now we're going to look at the traffic itself. +<application>tcpdump</application>(1) (which must be run as root) +allows us to few all or part of the network traffic originating or +received by our computer. <application>tcpdump</application> displays +the raw data packets in a variety of ways with all the network headers +intact. Don't be alarmed if you don't understand everything it +displays, <application>tcpdump</application> is a tool for professional +network engineers and system administrators. By default, it probes the +first network card it finds, but if you have multiple interfaces, +simply use the <arg>-i</arg> argument to specify which one you're +interested in. You can also limit the data displayed using expressions +and change the manner in which it is displayed, but that is best +explained by the man page and other reference material. 
+</para> + +<screen><prompt>darkstar:~# </prompt><userinput>tcpdump -i wlan0</userinput> +tcpdump: verbose output suppressed, use -v or -vv for full protocol +decode +listening on wlan0, link-type EN10MB (Ethernet), capture size 96 bytes +13:22:28.221985 IP gw.ctsmacon.com.microsoft-ds > 192.168.1.198.59387: +Flags [P.], ack 838190560, win 3079, options [nop,nop,TS val 1382697489 +ecr 339048583], length 164WARNING: Short packet. Try increasing the +snap length by 140 +SMB PACKET: SMBtrans2 (REPLY) + +13:22:28.222392 IP 192.168.1.198.59387 > gw.ctsmacon.com.microsoft-ds: +Flags [P.], ack 164, win 775, options [nop,nop,TS val 339048667 ecr +1382697489], length 134WARNING: Short packet. Try increasing the snap +length by 110 +SMB PACKET: SMBtrans2 (REQUEST) +</screen> + +</section> + +<section> +<title>nmap</title> + +</section> + </section> <section> |
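Review bot: In the ssh section, the first-connection paragraph says ssh will "ask you to confirm your desire, and make a local copy of the encryption key to use" without saying that the prompt shows the remote host's key fingerprint, or that the reader should compare it with a value obtained from the server's administrator before answering yes. The changed-key warning described in the next sentence only protects against a key that differs from the one accepted here, so I'd add a sentence to that effect and call it the host key rather than "the encryption key". In the same section the listing shows "<userinput>secret</userinput>" after the password prompt, although ssh does not echo the password; dropping the typed value would match what the reader actually sees. Smaller points: "You can think of as a type of sonar" is missing "it", "activies" should be "activities", "allows us to few" should be "view", and "some one" should be "someone". "<arg>-i</arg>" in the tcpdump paragraph would be better as "<option>-i</option>", since <arg> belongs inside a command synopsis. The nmap <section> at the end has only a <title>, which will not validate as DocBook until it has a body, so either add a placeholder <para> or hold it for the commit that writes the text. The traceroute and tcpdump listings are hard-wrapped inside <screen> ("46 byte" / "packets"), and because <screen> preserves line breaks those wraps will render as broken output lines.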