Networking Info

Old Linux

Admin 2008 -->

Home Debian Install + WIFI WIFI Install cont'd Debian Install Done! Cisco Soho97 Config LinuxCmds Firewalls AntiVirusInfo.html Shorewall Firewall Old Linux Admin Series Java RMI Asterisk_PBX_Info Databases - A Research Paper VPN PPTPD Info Aloha Packet Radio Transmission Apache2_Info.html BasicSecurityConcepts.html C_and_Java_Info.html CV.html Fetchmail_SSL_Info.html Hard_Drive_Info.html LVM2_Volume_Info.html MYSQL_Info.html Networking_Info.html Packet_Inspection_Info.html Security_Info_Wireshark_WIFI.html Snort_Info.html Subnet_Mask_Info.html Useful_One_Liners.html New DebianAdmin Site

Debian Linux Admin – Networking Info

NETCARD INFO - Get and Set Ethernet Card Info:

#ifconfig

#ifconfig eth0

#ifconfig eth0 192.168.0.1 netmask 255.255.255.0

To activate cards at boot, edit:

# vi /etc/network/interfaces

auto lo

iface lo inet loopback

# The primary network interface

auto eth0

iface eth0 inet dhcp

# 2ndary

auto eth1

iface eth1 inet dhcp

To stop| start | restart the networking daemon:

#/etc/init.d/networking restart

To bring up or down an iface

#ifup eth0

Knemo Desktop net monitor in KDE (config via Control Panel for taskbar network icons and info)

http://packages.debian.org/lenny/knemo

#apt-get install knemo

NETCARD BONDING – Increase network connection speeds by synchronising 2+ netcards. Uses a round-robin method of transfer and provides card failover. (Check your switch for Cisco etherport type functionality also to sync 2 or more 100Mb/s ports for a faster trunk or multicard optimisation.)

http://packages.debian.org/lenny/ifenslave-2.6

#apt-get install ifenslave-2.6

Load the module

#modprobe bonding

Edit:

# vi /etc/modprobe.d/arch/i386

alias bond0 bonding

options bonding mode=0 miimon=100

This next bit is clumsy to get a DHCP addr for bond0 because it is a virtual iface so requires both eth0 and eth1 to be up with an IP address each BEFORE bonding can occur, then it comes up itself BEFORE it can be given an IP address itself also via DHCP - but it works even though it complains about PIDs already existing etc.

Edit

# vi /etc/network/interfaces

and modify as follows:

# The primary network interface

auto eth0

iface eth0 inet dhcp

# 2ndary

auto eth1

iface eth1 inet dhcp

#eth 0 + 1

auto bond0

iface bond0 inet static

address 192.168.0.6

netmask 255.255.255.0

network 192.168.0.0

broadcast 192.168.0.255

gateway 192.168.0.254

up ifenslave bond0 eth0 eth1

up dhclient bond0

Check it is working as failover:

#apt-get install bwm-ng

http://packages.debian.org/lenny/bwm-ng

Ping another host and check both cards are bonded by unplugging each in turn while watching bwm in 2nd tty, and send a large file to see the increase in transfer rate with 2 cards running compared to 1.

See the processes settings in:

#less /proc/net/bonding/bond0

NETCAT – bi-directional network pipes

http://packages.debian.org/lenny/netcat-traditional

#apt-get install netcat

netcat as port scanner :

#netcat -v -w 1 localhost -z 1-3000

nc as an FTP receiver on port 1377, pc B, listening, pc A sending:

#nc -lp 1337 > /file.zip

#nc -w 1 192.168.0.1_of_pc_B 1337 < /file.zip

Using pv like cat to give visual progress sending a file, first set listening/receiving pc, (using localhost for test but IP address of host would be usual)

http://packages.debian.org/lenny/pv

#apt-get install pv

#netcat -l -p 1377 | pv > file.zip

#pv /bigfile.zip | netcat 127.0.0.1 1377

3.06GB 0:05:49 [9.63MB/s] [ <=> ]

Netcat Chat Server

Start listening to connections on some port like this:

#nc -lp 1337

(Then on another machine simply connect to that port:)

#nc x.x.x.x_pcB 1337

Now start typing on either machine. When you press enter, the line will immediately show up on the other machine.

This is very useful when editing docs that you have on both PCs that you want to cut and paste between.

Netcat Telnet Server

Netcat can also be used to set up a telnet server in a matter of seconds. You can specify the shell (or for that matter any executable) you want netcat to run at a successful connection, with the -e parameter:

As before for the chat server but add -e “cmd”

#nc -lp 1337 -e /bin/bash

The -e runs opens a local shell in this case for the remote host on connection, or shows the date and time when connected. Command switches can't be parsed normally though eg wc -l etc.

#nc -lp 1337 -e /bin/date

On windows you can use:

nc.exe -lp 1337 -e cmd.exe (to run netcat on Vista, run cmd as Admin, cd to netcat dir, and add to anti-virus exceptions at pop up box. Run >nc.exe -lp 1337 etc )

Then on a client machine simply connect to port 1337 and you will get full access to the shell, with the permissions of the user who ran nc.exe on the Win server.

Cloning Hard Drive Partitions Over the Network (umounted partition requiired to write from, remember, as dd writes from devices ONLY, but writes TO files also.

dd if=/dev/sda | netcat 192.168.0.1 9000

netcat -l -p 9000 | dd of=/dev/sda

See the Hard Drive Info page for more details.

SOCAT – read the man page, what more can this thing do??

Fetch a whole webpage.html after 2 way pipe is open and “GET /” entered) http://packages.debian.org/lenny/socat

#apt-get install socat

# socat – TCP:www.6530b:www,crnl

GET / [Enter]

This displays all the source code of a sites index page for perusal:

....<font face="tahoma">Linux</font>

</table>

<p>Welcome to 6530b</p>....

Nmap – THE Network Port Scanner

Read the man page!

#man nmap

www.insecure.org

Check your firewall security by scanning your external interface compared to what is running on localhost, and what services a running (that should not be?) on all your devices wuth this great app.

#apt-get install nmap

A generic scan of the PC (Windows disallows self scanning for the Win32 release):

# nmap 127.0.0.1

Find and scan other active hosts on the LAN:

# nmap 192.168.0.1-254

Scan a port or port range

# nmap 127.0.0.1 -p 1-100

Starting Nmap 4.62 ( http://nmap.org ) at 2010-07-24 09:43 BST

Interesting ports on localhost (127.0.0.1):

Not shown: 97 closed ports

PORT STATE SERVICE

22/tcp open ssh

25/tcp open smtp

80/tcp open http

UDP scan a host

# nmap -sU 127.0.0.1

Interesting ports on localhost (127.0.0.1):

Not shown: 1480 closed ports

PORT STATE SERVICE

68/udp open|filtered dhcpc

111/udp open|filtered rpcbind

137/udp open|filtered netbios-ns

138/udp open|filtered netbios-dgm

517/udp open talk

518/udp open ntalk

701/udp open|filtered unknown

5353/udp open|filtered zeroconf

TCP scan a host

#nmap -sT 127.0.0.1

Interesting ports on localhost (127.0.0.1):

Not shown: 1703 closed ports

PORT STATE SERVICE

22/tcp open ssh

25/tcp open smtp

80/tcp open http

110/tcp open pop3

111/tcp open rpcbind

139/tcp open netbios-ssn

143/tcp open imap

445/tcp open microsoft-ds

884/tcp open unknown

993/tcp open imaps

10000/tcp open snet-sensor-mgmt

19150/tcp open gkrellm

WIFI Card setup for WPA security using wpa_supplicant and/or wpa_gui

WiFi can be problematic at best, and you may need to use a Windows driver wrapped with ndiswrapper if your device has no Linux driver available for it.

http://packages.debian.org/lenny/wpasupplicant

http://packages.debian.org/lenny/wpagui

http://packages.debian.org/lenny/wireless-tools

# apt-get install wpasupplicant wpagui

# wpa_passphrase essid-name wpa-password > /etc/wpa_supplicant/wpa_supplicant.conf

to create a basic wpa conf file, then to connect to the AP, cross you fingers and run:

#wpa_supplicant -Dwext -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf

where -D is the standard linux wireless extensions driver, wext; -i is the name of wifi card (wlan0, ath0 etc.); and -c is the conf file.) May need to add other parameters added to the to get the wpa_supplicant.conf file for the card to work, and use the iwconf tools from the wirelesstools package to scan and configure channels for the netcard name (eth1, wlan0 etc.)

# iw (TAB)

iwconfig iwevent iwgetid iwlist iwpriv iwspy

# iwlist

Usage: iwlist [interface] scanning [essid NNN] [last]

[interface] frequency

[interface] channel....

Steve 2008-2022