<?xml version="1.0"?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "/usr/share/xml/docbook/xml-dtd-4.5/docbookx.dtd">

<chapter>
<title>Basic Networking Commands</title>

<para>
So you've finally managed to set up your network connection, now what?
How do you know that it's working? How do you know that you set it up
correctly? And just what do you do now that it's set up? Well, this
chapter is for you.
</para>

<section>
<title>Network Diagnostic Tools</title>

<para>
Slackware Linux includes a great many networking tools for
troubleshooting and diagnosing network connection troubles, or just for
seeing what's out there on the network. Most of these tools are
command-line tools, so you can run them from a virtual terminal or in a
console window on your graphical desktop. A few of them even have
graphical front-ends, but we're going to deal almost exclusively with
command-line tools for now.
</para>

<section>
<title>ping</title>

<para>
<application>ping</application>(8) is a handy tool for determining if a
computer is operational on your network or on the Internet at large.
You can think of it as a type of sonar for computers. By using it, you
send out a "ping" and listen for an echo to determine if another
computer or network device is listening. By default,
<application>ping</application> checks for the remote computer once per
second indefinitely, but you can easily change the interval between
checks and the total number of checks; just check the man page. You can
terminate the application at any time with
<keycap>CTRL</keycap>-<keycap>c</keycap>. When
<application>ping</application> is finished, it displays a handy
summary of its activity. <application>ping</application> is very useful
for determining if a computer on your network or the Internet is
available, but some systems block the packets
<application>ping</application> sends, so sometimes a system may be
functioning properly, but still not send replies.
</para>


<screen><prompt>darkstar:~# </prompt><userinput>ping -c 3 www.slackware.com</userinput>
64 bytes from slackware.com (64.57.102.34): icmp_seq=1 ttl=47 time=87.1 ms
64 bytes from slackware.com (64.57.102.34): icmp_seq=2 ttl=47 time=86.2 ms
64 bytes from slackware.com (64.57.102.34): icmp_seq=3 ttl=47 time=86.7 ms

--- slackware.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 86.282/86.718/87.127/0.345 ms
</screen>

</section>

<section>
<title>traceroute</title>

<para>
<application>traceroute</application>(8) is a handy tool for determining
what route your packets take to reach some other computer. It's mainly
of use for determining which computers are "near" or "far" from you.
This distance isn't strictly geographical, as your Internet Service
Provider may route traffic from your computer in strange ways.
<application>traceroute</application> shows you each router between
your computer and any other machine you wish to connect to.
Unfortunately, many providers, firewalls, and routers will block
<application>traceroute</application> so you might not get a complete
picture when using it. Still, it remains a handy tool for network
troubleshooting.
</para>

<screen><prompt>darkstar:~# </prompt><userinput>traceroute www.slackware.com</userinput>
traceroute to slackware.com (64.57.102.34), 30 hops max, 46 byte
packets
 1  gw.ctsmacon.com (192.168.1.254)  1.468 ms  2.045 ms  1.387 ms
 2  10.0.0.1 (10.0.0.1)  7.642 ms  8.019 ms  6.006 ms
 3  68.1.8.49 (68.1.8.49)  10.446 ms  9.739 ms  7.003 ms
 4  68.1.8.69 (68.1.8.69)  11.564 ms  6.235 ms  7.971 ms
 5  dalsbbrj01-ae0.r2.dl.cox.net (68.1.0.142)  43.859 ms  43.287 ms
44.125 ms
 6  dpr1-ge-2-0-0.dallasequinix.savvis.net (204.70.204.146)  41.927 ms
58.247 ms  44.989 ms
 7  cr2-tengige0-7-5-0.dallas.savvis.net (204.70.196.29)  42.577 ms
46.110 ms  43.977 ms
 8  cr1-pos-0-3-3-0.losangeles.savvis.net (204.70.194.53)  78.070 ms
76.735 ms  76.145 ms
 9  bpr1-ge-3-0-0.LosAngeles.savvis.net (204.70.192.222)  77.533 ms
108.328 ms  120.096 ms
10  wiltel-communications-group-inc.LosAngeles.savvis.net
(208.173.55.186)  79.607 ms  76.847 ms  75.998 ms
11  tg9-4.cr01.lsancarc.integra.net (209.63.113.57)  84.789 ms  85.436
ms  85.575 ms
12  tg13-1.cr01.sntdcabl.integra.net (209.63.113.106)  87.608 ms
84.278 ms  86.922 ms
13  tg13-4.cr02.sntdcabl.integra.net (209.63.113.134)  87.284 ms
85.924 ms  86.102 ms
14  tg13-1.cr02.rcrdcauu.integra.net (209.63.114.169)  85.578 ms
85.285 ms  84.148 ms
15  209.63.99.166 (209.63.99.166)  84.515 ms  85.424 ms  85.956 ms
16  208.186.199.158 (208.186.199.158)  86.557 ms  85.822 ms  86.072 ms
17  sac-main.cwo.com (209.210.78.20)  88.105 ms  87.467 ms  87.526 ms
18  slackware.com (64.57.102.34)  85.682 ms  86.322 ms  85.594 ms
</screen>
</section>

<section>
<title>telnet</title>

<para>
Once upon a time, <application>telnet</application>(1) was the greatest
thing since sliced bread. Basically, <application>telnet</application>
opens an unencrypted network connection between two computers and hands
control of the session to the user rather than some other application.
Using <application>telnet</application>, people could connect to shells
on other computers and execute commands as if they were physically
present. Due to its unencrypted nature this is no longer recommended;
however, <application>telnet</application> is still used for this
purpose by many devices.
</para>

<para>
Today, <application>telnet</application> is put to better use as a
network diagnostic tool. Because it passes control of the session
directly to the user, it can be used for a great variety of testing
purposes. As long as you know what ASCII commands to send to the
receiving computer, you can do any number of activities, such as reading
web pages or checking your e-mail. Simply inform
<application>telnet</application> what network port to use, and you're
all set.
</para>

<screen><prompt>darkstar:~# </prompt><userinput>telnet www.slackware.com 80</userinput>
Trying 64.57.102.34...
Connected to www.slackware.com.
Escape character is '^]'.
<userinput>HEAD / HTTP/1.1
Host: www.slackware.com
</userinput>
HTTP/1.1 200 OK
Date: Thu, 04 Feb 2010 18:01:35 GMT
Server: Apache/1.3.27 (Unix) PHP/4.3.1
Last-Modified: Fri, 28 Aug 2009 01:30:27 GMT
ETag: "61dc2-5374-4a973333"
Accept-Ranges: bytes
Content-Length: 21364
Content-Type: text/html
</screen>

</section>

<section>
<title>ssh</title>

<para>
As we mentioned, <application>telnet</application> may be useful as a
diagnostic tool, but its unencrypted nature makes it a security concern
for shell access. Thankfully, there's the secure shell protocol. Nearly
every Linux, UNIX, and BSD distribution today makes use of OpenSSH, or
<application>ssh</application>(1) for short. It is one of the most
commonly used network tools today and makes use of the strongest
cryptographic techniques. <application>ssh</application> has many
features, configuration options, and neat hacks, enough to fill its own
book, so we'll only go into the basics here.  Simply run
<application>ssh</application> with the user name and the host and
you'll be connected to it quickly and safely. If this is the first time
you are connecting to this computer, <application>ssh</application>
will ask you to confirm that you want to connect, and make a local copy
of the host's key to use. Should this key later change,
<application>ssh</application> will warn you and refuse to connect
because it is possible that someone is attempting to hijack the
connection using what is known as a man-in-the-middle attack.
</para>

<screen><prompt>darkstar:~# </prompt><userinput>ssh alan@slackware.com</userinput>
alan@slackware.com's password: <userinput>secret</userinput>
<prompt>alan@slackware.com:~$ </prompt>
</screen>

<para>
The user and hostname are in the same form used by e-mail addresses.
If you leave off the username part, <application>ssh</application> will
use your current username when establishing the connection.
</para>
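
<para>
The first-connection and changed-key checks described above can be
modelled in a few lines. The following Python sketch is an added
example, not part of OpenSSH or of this book: the function names and the
sample <filename>known_hosts</filename> line are constructed for
illustration, the key blobs are filler bytes rather than real keys, and
hashed host entries are not handled.
</para>

<programlisting><![CDATA[
```python
import base64
import hashlib
import struct

def make_blob(seed):
    """Constructed sample: an ssh-ed25519-shaped blob with filler key bytes."""
    name, key = b"ssh-ed25519", hashlib.sha256(seed).digest()
    raw = struct.pack(">I", len(name)) + name + struct.pack(">I", len(key)) + key
    return base64.b64encode(raw).decode()

def fingerprint(blob):
    """SHA256 fingerprint in the form ssh prints: unpadded base64 of the digest."""
    digest = hashlib.sha256(base64.b64decode(blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text):
    """Map (host, keytype) -> blob for plain entries; hashed hosts are not matched."""
    known = {}
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, comments and @cert-authority / @revoked marker lines.
        if len(fields) < 3 or fields[0].startswith(("#", "@")):
            continue
        for host in fields[0].split(","):
            known[(host, fields[1])] = fields[2]
    return known

def check_host_key(known, host, keytype, blob):
    """Return 'unknown' (ask the user), 'match' (proceed) or 'changed' (refuse)."""
    stored = known.get((host, keytype))
    if stored is None:
        return "unknown"
    return "match" if stored == blob else "changed"

# Constructed data: one stored entry, then three hypothetical connection attempts.
GOOD = make_blob(b"server key")
OTHER = make_blob(b"different key")
KNOWN = parse_known_hosts(
    "# constructed sample\nslackware.com,64.57.102.34 ssh-ed25519 %s\n" % GOOD)

if __name__ == "__main__":
    for host, blob in [("slackware.com", GOOD), ("slackware.com", OTHER),
                       ("example.org", GOOD)]:
        print(host, fingerprint(blob), check_host_key(KNOWN, host, "ssh-ed25519", blob))
```
]]></programlisting>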

</section>

<section>
<title>tcpdump</title>

<para>
So far all the tools we've looked at have focused on making connections
to other computers, but now we're going to look at the traffic itself.
<application>tcpdump</application>(1) (which must be run as root)
allows us to view all or part of the network traffic originating from or
received by our computer. <application>tcpdump</application> displays
the raw data packets in a variety of ways with all the network headers
intact. Don't be alarmed if you don't understand everything it
displays; <application>tcpdump</application> is a tool for professional
network engineers and system administrators. By default, it listens on the
first network card it finds, but if you have multiple interfaces,
simply use the <arg>-i</arg> argument to specify which one you're
interested in.  You can also limit the data displayed using expressions
and change the manner in which it is displayed, but that is best
explained by the man page and other reference material.
</para>

<screen><prompt>darkstar:~# </prompt><userinput>tcpdump -i wlan0</userinput>
tcpdump: verbose output suppressed, use -v or -vv for full protocol
decode
listening on wlan0, link-type EN10MB (Ethernet), capture size 96 bytes
13:22:28.221985 IP gw.ctsmacon.com.microsoft-ds > 192.168.1.198.59387:
Flags [P.], ack 838190560, win 3079, options [nop,nop,TS val 1382697489
ecr 339048583], length 164WARNING: Short packet. Try increasing the
snap length by 140
SMB PACKET: SMBtrans2 (REPLY)

13:22:28.222392 IP 192.168.1.198.59387 > gw.ctsmacon.com.microsoft-ds:
Flags [P.], ack 164, win 775, options [nop,nop,TS val 339048667 ecr
1382697489], length 134WARNING: Short packet. Try increasing the snap
length by 110
SMB PACKET: SMBtrans2 (REQUEST)
</screen>

</section>

<section>
<title>nmap</title>

<para>
Suppose you need to know what network services are running on a
machine, or multiple machines, or you wish to determine if multiple
machines are responsive?  You could <application>ping</application>
each one individually, <application>telnet</application> to each port
you're interested in, and note every detail, but that's very tedious
and time consuming. A much easier alternative is to use a port scanner,
and <application>nmap</application>(1) is just the tool for the job.
<application>nmap</application> is capable of scanning TCP and UDP
ports, determining the operating system of a network device, probing
each located service to determine its specific type, and much, much
more.  Perhaps the simplest way to use <application>nmap</application>
is to "ping" multiple computers at once. You can use network address
notation (CIDR) or specify a range of addresses and
<application>nmap</application> will scan every one and return the
results to you when it's finished. You can even specify host names as
you like.
</para>

<para>
In order to "ping" hosts, you'll have to use the <arg>-sP</arg>
argument. The following command instructs
<application>nmap</application> to "ping" www.slackware.com and the 16
IP addresses starting at 72.168.24.0 and ending at 72.168.24.15.
</para>

<screen><prompt>darkstar:~# </prompt><userinput>nmap -sP www.slackware.com 72.168.24.0/28</userinput>
</screen>

<para>
Should you need to perform a port scan, <application>nmap</application>
has many options for doing just that. When run without any arguments,
<application>nmap</application> performs a standard TCP port scan on all
hosts specified. There are also options to make
<application>nmap</application> more or less aggressive with its
scanning to return results quicker or fool intrusion detection
services. For a full discussion, you should refer to the rather
exhaustive man page. The following three commands perform a regular
port scan, a SYN scan, and a "Christmas tree" scan.
</para>

<screen><prompt>darkstar:~# </prompt><userinput>nmap www.example.com</userinput>
<prompt>darkstar:~# </prompt><userinput>nmap -sS www.example.com</userinput>
<prompt>darkstar:~# </prompt><userinput>nmap -sX www.example.com</userinput>
</screen>

<para>
Be warned! Some Internet Service Providers frown heavily on port
scanning and may take measures to prevent you from doing it.
<application>nmap</application> and applications like it are best used
on your own systems for maintenance and security purposes, not as
general purpose Internet scanners.
</para>

</section>

</section>

<section>
<title>Web Browsers</title>

<para>
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do
eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad
minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip
ex ea commodo consequat. Duis aute irure dolor in reprehenderit in
voluptate velit esse cillum dolore eu fugiat nulla pariatur.
</para>

</section>

<section>
<title>FTP Clients</title>

<para>
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do
eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad
minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip
ex ea commodo consequat. Duis aute irure dolor in reprehenderit in
voluptate velit esse cillum dolore eu fugiat nulla pariatur.
</para>

</section>

<section>
<title>NNTP Clients</title>

</section>

<section>
<title>Remote Access</title>

</section>

</chapter>