author alan <alan@raven.lizella.net> 2010-02-04 13:27:23 -0500
committer alan <alan@raven.lizella.net> 2010-02-04 13:27:23 -0500
commit 8497c8982e711d8eb56c3823ef447bb2924275ed
tree 0e73ff3d25c34db6c4d4e5d9b63148f6e66d3981
parent 084de35d87cea07461288c8da2953a10b4da7017
Added ssh to list of network tools. Network tool descriptions complete
through tcpdump.
-rw-r--r-- chapter_15.xml 230
1 files changed, 225 insertions, 5 deletions
diff --git a/chapter_15.xml b/chapter_15.xml
index c188c41..d5a05f9 100644
--- a/chapter_15.xml
+++ b/chapter_15.xml
@@ -5,17 +5,237 @@
<chapter>
<title>Basic Networking Commands</title>
+<para>
+So you've finally managed to setup your network connection, now what?
+How do you know that it's working? How do you know that you set it up
+correctly? And just what do you do now that it's setup? Well this
+chapter is for you.
+</para>
+
<section>
<title>Network Diagnostic Tools</title>
<para>
-Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do
-eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad
-minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip
-ex ea commodo consequat. Duis aute irure dolor in reprehenderit in
-voluptate velit esse cillum dolore eu fugiat nulla pariatur.
+Slackware Linux includes a great many networking tools for
+troubleshooting and diagnosing network connection troubles, or just for
+seeing what's out there on the network. Most of these tools are
+command-line tools, so you can run them from a virtual terminal or in a
+console window on your graphical desktop. A few of them even have
+graphical front-ends, but we're going to deal almost exclusively with
+command-line tools for now.
+</para>
+
+<section>
+<title>ping</title>
+
+<para>
+<application>ping</application>(8) is a handy tool for determining if a
+computer is operational on your network or on the Internet at large.
+You can think of as a type of sonar for computers. By using it, you
+send out a "ping" and listen for an echo to determine if another
+computer or network device is listening. By default,
+<application>ping</application> checks for the remote computer once per
+second indefinitely, but you can change the interval between checks and
+the total number of checks easily, just check the man page. You can
+terminate the application at any time with
+<keycap>CTRL</keycap>-<keycap>c</keycap>. When
+<application>ping</application> is finished, it displays a handy
+summary of its activity. <application>ping</application> is very useful
+for determining if a computer on your network or the Internet is
+available, but some systems block the packets
+<application>ping</application> sends, so sometimes a system may be
+functioning properly, but still not send replies.
+</para>
+
+
+<screen><prompt>darkstar:~# </prompt><userinput>ping -c 3 www.slackware.com</userinput>
+64 bytes from slackware.com (64.57.102.34): icmp_seq=1 ttl=47 time=87.1 ms
+64 bytes from slackware.com (64.57.102.34): icmp_seq=2 ttl=47 time=86.2 ms
+64 bytes from slackware.com (64.57.102.34): icmp_seq=3 ttl=47 time=86.7 ms
+
+--- slackware.com ping statistics ---
+3 packets transmitted, 3 received, 0% packet loss, time 2004ms
+rtt min/avg/max/mdev = 86.282/86.718/87.127/0.345 ms
+</screen>
+
+</section>
+
+<section>
+<title>traceroute</title>
+
+<para>
+<application>traceroute</application>(8) is a handy tool for determining
+what route your packets take to reach some other computer. It's mainly
+of use for determining which computers are "near" or "far" from you.
+This distance isn't strictly geographical, as your Internet Service
+Provider may route traffic from your computer in strange ways.
+<application>traceroute</application> shows you each router between
+your computer and any other machine you wish to connect to.
+Unfortunately, many providers, firewalls, and routers will block
+<application>traceroute</application> so you might not get a complete
+picture when using it. Still, it remains a handy tool for network
+troubleshooting.
+</para>
+
+<screen><prompt>darkstar:~# </prompt><userinput>traceroute www.slackware.com</userinput>
+traceroute to slackware.com (64.57.102.34), 30 hops max, 46 byte
+packets
+ 1 gw.ctsmacon.com (192.168.1.254) 1.468 ms 2.045 ms 1.387 ms
+ 2 10.0.0.1 (10.0.0.1) 7.642 ms 8.019 ms 6.006 ms
+ 3 68.1.8.49 (68.1.8.49) 10.446 ms 9.739 ms 7.003 ms
+ 4 68.1.8.69 (68.1.8.69) 11.564 ms 6.235 ms 7.971 ms
+ 5 dalsbbrj01-ae0.r2.dl.cox.net (68.1.0.142) 43.859 ms 43.287 ms
+44.125 ms
+ 6 dpr1-ge-2-0-0.dallasequinix.savvis.net (204.70.204.146) 41.927 ms
+58.247 ms 44.989 ms
+ 7 cr2-tengige0-7-5-0.dallas.savvis.net (204.70.196.29) 42.577 ms
+46.110 ms 43.977 ms
+ 8 cr1-pos-0-3-3-0.losangeles.savvis.net (204.70.194.53) 78.070 ms
+76.735 ms 76.145 ms
+ 9 bpr1-ge-3-0-0.LosAngeles.savvis.net (204.70.192.222) 77.533 ms
+108.328 ms 120.096 ms
+10 wiltel-communications-group-inc.LosAngeles.savvis.net
+(208.173.55.186) 79.607 ms 76.847 ms 75.998 ms
+11 tg9-4.cr01.lsancarc.integra.net (209.63.113.57) 84.789 ms 85.436
+ms 85.575 ms
+12 tg13-1.cr01.sntdcabl.integra.net (209.63.113.106) 87.608 ms
+84.278 ms 86.922 ms
+13 tg13-4.cr02.sntdcabl.integra.net (209.63.113.134) 87.284 ms
+85.924 ms 86.102 ms
+14 tg13-1.cr02.rcrdcauu.integra.net (209.63.114.169) 85.578 ms
+85.285 ms 84.148 ms
+15 209.63.99.166 (209.63.99.166) 84.515 ms 85.424 ms 85.956 ms
+16 208.186.199.158 (208.186.199.158) 86.557 ms 85.822 ms 86.072 ms
+17 sac-main.cwo.com (209.210.78.20) 88.105 ms 87.467 ms 87.526 ms
+18 slackware.com (64.57.102.34) 85.682 ms 86.322 ms 85.594 ms
+</screen>
+</section>
+
+<section>
+<title>telnet</title>
+
+<para>
+Once upon a time, <application>telnet</application>(1) was the greatest
+thing since sliced bread. Basically, <application>telnet</application>
+opens an unencrypted network connection between two computers and hands
+control of the session to the user rather than some other application.
+Using <application>telnet</application>, people could connect to shells
+on other computers and execute commands as if they were physically
+present. Due to its unencrypted nature this is no longer recommended;
+however, <application>telnet</application> is still used for this
+purpose by many devices.
</para>
+<para>
+Today, <application>telnet</application> is put to better use as a
+network diagnostic tool. Because it passes control of the session
+directly to the user, it can be used for a great variety of testing
+purposes. As long as you know what ASCII commands to send to the
+receiving computer, you can do any number of activies, such as read web
+pages or check your e-mail. Simply inform
+<application>telnet</application> what network port to use, and you're
+all set.
+</para>
+
+<screen><prompt>darkstar:~# </prompt><userinput>telnet www.slackware.com 80</userinput>
+Trying 64.57.102.34...
+Connected to www.slackware.com.
+Escape character is '^]'.
+<userinput>HEAD / HTTP/1.1
+Host: www.slackware.com
+</userinput>
+HTTP/1.1 200 OK
+Date: Thu, 04 Feb 2010 18:01:35 GMT
+Server: Apache/1.3.27 (Unix) PHP/4.3.1
+Last-Modified: Fri, 28 Aug 2009 01:30:27 GMT
+ETag: "61dc2-5374-4a973333"
+Accept-Ranges: bytes
+Content-Length: 21364
+Content-Type: text/html
+</screen>
+
+</section>
+
+<section>
+<title>ssh</title>
+
+<para>
+As we mentioned, <application>telnet</application> may be useful as a
+diagnostic tool, but its unencrypted nature makes it a security concern
+for shell access. Thankfully, there's the secure shell protocol. Nearly
+every Linux, UNIX, and BSD distribution today makes use of OpenSSH, or
+<application>ssh</application>(1) for short. It is one of the most
+commonly used network tools today and makes use of the strongest
+cryptographic techniques. <application>ssh</application> has many
+features, configuration options, and neat hacks, enough to fill its own
+book, so we'll only go into the basics here. Simply run
+<application>ssh</application> with the user name and the host and
+you'll be connected to it quickly and safely. If this is the first time
+you are connecting to this computer, <application>ssh</application>
+will ask you to confirm your desire, and make a local copy of the
+encryption key to use. Should this key later change,
+<application>ssh</application> will warn you and refuse to connect
+because it is possible that some one is attempting to hijack the
+connection using what is known as a man-in-the-middle attack.
+</para>
+
+<screen><prompt>darkstar:~# </prompt><userinput>ssh alan@slackware.com</userinput>
+alan@slackware.com's password: <userinput>secret</userinput>
+<prompt>alan@slackware.com:~$ </prompt>
+</screen>
+
+<para>
+The user and hostname are in the same form used by e-mail addresses.
+If you leave off the username part, <application>ssh</application> will
+use your current username when establishing the connection.
+</para>
+
+</section>
+
+<section>
+<title>tcpdump</title>
+
+<para>
+So far all the tools we've looked at have focused on making connections
+to other computers, but now we're going to look at the traffic itself.
+<application>tcpdump</application>(1) (which must be run as root)
+allows us to few all or part of the network traffic originating or
+received by our computer. <application>tcpdump</application> displays
+the raw data packets in a variety of ways with all the network headers
+intact. Don't be alarmed if you don't understand everything it
+displays, <application>tcpdump</application> is a tool for professional
+network engineers and system administrators. By default, it probes the
+first network card it finds, but if you have multiple interfaces,
+simply use the <arg>-i</arg> argument to specify which one you're
+interested in. You can also limit the data displayed using expressions
+and change the manner in which it is displayed, but that is best
+explained by the man page and other reference material.
+</para>
+
+<screen><prompt>darkstar:~# </prompt><userinput>tcpdump -i wlan0</userinput>
+tcpdump: verbose output suppressed, use -v or -vv for full protocol
+decode
+listening on wlan0, link-type EN10MB (Ethernet), capture size 96 bytes
+13:22:28.221985 IP gw.ctsmacon.com.microsoft-ds > 192.168.1.198.59387:
+Flags [P.], ack 838190560, win 3079, options [nop,nop,TS val 1382697489
+ecr 339048583], length 164WARNING: Short packet. Try increasing the
+snap length by 140
+SMB PACKET: SMBtrans2 (REPLY)
+
+13:22:28.222392 IP 192.168.1.198.59387 > gw.ctsmacon.com.microsoft-ds:
+Flags [P.], ack 164, win 775, options [nop,nop,TS val 339048667 ecr
+1382697489], length 134WARNING: Short packet. Try increasing the snap
+length by 110
+SMB PACKET: SMBtrans2 (REQUEST)
+</screen>
+
+</section>
+
+<section>
+<title>nmap</title>
+
+</section>
+
</section>
<section>
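Review bot: In the new ssh section, the first-connection text ("will ask you to confirm your desire, and make a local copy of the encryption key to use") does not say what the reader is confirming or whose key is being stored, yet the next sentence relies on that stored key to detect a man-in-the-middle attack. Suggest stating that ssh displays the remote host's key fingerprint, that the reader should compare it against a value obtained from the server's administrator before answering yes, and that the host key is then saved so later connections can be checked against it. In the ssh screen example the password appears inside a userinput element as "secret", which reads as though it is echoed on the terminal; ssh does not echo the password, so either drop the value or add a sentence saying nothing is shown while typing. In the telnet example the HEAD request is shown without the empty line that ends the request headers, so a reader typing exactly what is in the userinput element will wait with no response; show the blank line or mention pressing Enter twice. Typos in the added paragraphs: "You can think of as a type of sonar" (missing "it") under ping, "activies" under telnet, "some one" under ssh, and "allows us to few all or part" (should be "view") under tcpdump. The nmap section is added with a title and no body; consider holding it back until it has at least one paragraph so the chapter does not ship an empty section.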