Command linux - Kent State University

Salah Alamri
04/02/2015
Information Security
Homework 1
Q: Find and describe the Linux/Unix commands that allow network spying
and information gathering. These include netstat, ifconfig, ping, traceroute,
but there are others.
Command: Description

1. Netstat: Displays the contents of the /proc/net files. It works with the Linux network subsystem and tells you the status of ports, i.e. open, closed, waiting, or masquerade connection. It also displays various other things.

2. Ifconfig: This command is used to configure network interfaces, or to display their current configuration. In addition to activating and deactivating interfaces with the "up" and "down" settings, this command is necessary for setting an interface's address information if you don't have the ifcfg script.

3. Ping: The ping command (named after the sound of an active sonar system) sends echo requests to the host you specify on the command line, and lists the responses received and their round-trip time.

4. Traceroute: Traceroute shows the route of a packet. It attempts to list the series of hosts through which your packets travel on their way to a given destination. Also have a look at xtraceroute (one of several graphical equivalents of this program).

5. Route: The route command is the tool used to display or modify the routing table.

6. Tcpdump: This is a sniffer, a program that captures packets off a network interface and interprets them for you. It understands all basic internet protocols, and can be used to save entire packets for later inspection.

7. Ifup: Use ifup device-name to bring an interface up by following a script (which will contain your default networking settings). Simply type ifup and you will get help on using the script.

8. Ifcfg: Use ifcfg to configure a particular interface. Simply type ifcfg to get help on using this script.

9. Dig: Dig (domain information groper) queries DNS-related information such as A, CNAME and MX records.

10. Findsmb: Findsmb is used to list information about machines that respond to SMB name queries (for example, Windows-based machines sharing their hard disks).

11. Nmap: Nmap is a very advanced network tool used to query machines (local or remote) as to whether they are up and what ports are open on these machines.

12. Ifdown: Use ifdown device-name to bring an interface down using a script (which will contain your default network settings). Simply type ifdown and you will get help on using the script.

13. Hostname: Tells the user the host name of the computer they are logged into. Note: may be called host.

14. Tracepath: Tracepath performs a very similar function to traceroute; the main difference is that tracepath doesn't take complicated options.

15. Nslookup: The nslookup command is also used for DNS-related queries.

16. Host: The host command finds name to IP or IP to name in IPv4 or IPv6, and also queries DNS records.

17. Arp: ARP (Address Resolution Protocol) is used to view or add to the contents of the kernel's ARP tables.

18. Ethtool: Ethtool is a replacement for mii-tool. It is used to view and set the speed and duplex of your Network Interface Card (NIC).

19. Iwconfig: The iwconfig command in Linux is used to configure a wireless network interface. You can see and set the basic Wi-Fi details such as SSID, channel and encryption.

20. GUI tool system-config-network: Type system-config-network at the command prompt to configure network settings. You will get a Graphical User Interface (GUI) which may also be used to configure IP address, gateway, DNS, etc.

21. Telnet: Someone once stated that telnet was the coolest thing he had ever seen on computers.

22. Nload: Nload is a command-line tool that allows users to monitor the incoming and outgoing traffic separately.

23. Iftop: Iftop measures the data flowing through individual socket connections, and it works in a manner that is different from Nload.

24. Iptraf: Iptraf is an interactive and colorful IP LAN monitor. It shows individual connections and the amount of data flowing between the hosts.

25. Nethogs: Nethogs is a small "net top" tool that shows the bandwidth used by individual processes and sorts the list, putting the most intensive processes on top. In the event of a sudden bandwidth spike, quickly open nethogs and find the process responsible.

26. Bmon: Bmon (Bandwidth Monitor) is a tool similar to nload that shows the traffic load over all the network interfaces on the system.

27. Slurm: Slurm is yet another network load monitor that shows device statistics along with an ASCII graph. It supports 3 different styles of graphs, each of which can be activated using the c, s and l keys.

28. Tcptrack: Tcptrack is similar to iftop, and uses the pcap library to capture packets and calculate various statistics like the bandwidth used in each connection.

29. Vnstat: Vnstat is a bit different from most of the other tools. It actually runs a background service/daemon and keeps recording the size of data transfer all the time.

30. Bwm-ng: Bwm-ng (Bandwidth Monitor Next Generation) is another very simple real-time network load monitor that reports a summary of the speed at which data is being transferred in and out of all available network interfaces on the system.

31. Cbm: A tiny, simple bandwidth monitor that displays the traffic volume through network interfaces. No further options; just the traffic stats are displayed and updated in real time.

32. Speedometer: Another small and simple tool that just draws out good-looking graphs of incoming and outgoing traffic through a given interface.

33. Pktstat: Pktstat displays all the active connections in real time, and the speed at which data is being transferred through them. It also displays the type of the connection, i.e. TCP or UDP, and also details about HTTP requests if involved.

34. Netwatch: Netwatch is part of the netdiag collection of tools, and it too displays the connections between the local host and other remote hosts, and the speed at which data is transferring on each connection.

35. Trafshow: Like netwatch and pktstat, trafshow reports the current active connections, their protocol and the data transfer speed on each connection. It can filter out connections using pcap-type filters.

36. Netload: The netload command just displays a small report on the current traffic load, and the total number of bytes transferred since the program started. It has no more features. It is part of netdiag.

37. Ifstat: Ifstat reports the network bandwidth in a batch-style mode. The output is in a format that is easy to log and parse using other programs or utilities.

38. Dstat: Dstat is a versatile tool (written in Python) that can monitor different system statistics and report them in a batch-style mode or log the data to a CSV or similar file.

39. Collectl: Collectl reports system statistics in a style that is similar to dstat, and like dstat it gathers statistics about various different system resources like CPU, memory, network, etc.
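
Item 1 says netstat displays the contents of the /proc/net files. The script below is an added example, not part of the original homework, that decodes /proc/net/tcp-format rows into the addresses, ports and states netstat reports. The function names and the sample rows are constructed for illustration, and it assumes IPv4 and a little-endian host.

```shell
#!/bin/sh
# Added example: decode /proc/net/tcp-style rows (IPv4, little-endian host assumed).

# Constructed sample in /proc/net/tcp layout; not captured from a real host.
SAMPLE='  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   116        0 20002
   2: 0A00000A:0016 0500000A:C5D2 01 00000000:00000000 02:000A1B2C 00000000     0        0 20003'

# Reads /proc/net/tcp text on stdin; prints "local remote STATE" per socket.
decode_proc_net_tcp() {
    awk '
    # Portable hex-to-decimal (plain awk has no strtonum).
    function hex(s,    i, n) {
        s = toupper(s); n = 0
        for (i = 1; i <= length(s); i++)
            n = n * 16 + index("0123456789ABCDEF", substr(s, i, 1)) - 1
        return n
    }
    # "0100007F:0CEA" becomes "127.0.0.1:3306"; address bytes are stored reversed.
    function addr(f,    p, ip) {
        split(f, p, ":")
        ip = hex(substr(p[1], 7, 2)) "." hex(substr(p[1], 5, 2))
        ip = ip "." hex(substr(p[1], 3, 2)) "." hex(substr(p[1], 1, 2))
        return ip ":" hex(p[2])
    }
    BEGIN {
        # Kernel TCP state codes 01..0B, in order.
        n = split("ESTABLISHED SYN_SENT SYN_RECV FIN_WAIT1 FIN_WAIT2 TIME_WAIT CLOSE CLOSE_WAIT LAST_ACK LISTEN CLOSING", state, " ")
    }
    # Only numbered socket rows match, so the header line is skipped.
    $1 ~ /^[0-9]+:$/ { print addr($2), addr($3), state[hex($4)] }
    '
}

# Local endpoints in LISTEN state, i.e. the open ports netstat would report.
listening_sockets() {
    decode_proc_net_tcp | awk '$3 == "LISTEN" { print $1 }'
}

# Demo on the sample; on a live Linux host use: listening_sockets < /proc/net/tcp
printf '%s\n' "$SAMPLE" | listening_sockets
```

Comparing this output with what netstat prints on the same host is a quick way to confirm that both read the same kernel table.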