network-and-communication

Differences

This shows you the differences between two versions of the page.

network-and-communication [2020/06/11 17:24]
Miroslav Bernát
network-and-communication [2020/06/25 12:22] (current)
Miroslav Bernát
Line 32: Line 32:
 | **ifstat** (<​device>​) | displays network traffic statistics – the size of received and transmitted data on all or specified network interfaces | | **ifstat** (<​device>​) | displays network traffic statistics – the size of received and transmitted data on all or specified network interfaces |
 | **iftop** | displays a network traffic in an interactive way – source and destination addresses, the size of transferred data and a total summary (the output changes according to the current state), **-i** <​device>​ specifies a particular interface (the first one by default), interactive option **n** prints IP addresses, **p** displays ports, **S** source port, **D** destination port, **N** service listening on the destination port, **q** quits the program | | **iftop** | displays a network traffic in an interactive way – source and destination addresses, the size of transferred data and a total summary (the output changes according to the current state), **-i** <​device>​ specifies a particular interface (the first one by default), interactive option **n** prints IP addresses, **p** displays ports, **S** source port, **D** destination port, **N** service listening on the destination port, **q** quits the program |
-| **netstat** / **ss** | prints a list of open sockets including port numbers, protocol types and IP addresses, **-a** all current connections,​ **-l** listening ports only, **-t** TCP ports only (used with option "​-a"​ or "​-l"​),​ **-u** UDP ports only (used with option "​-a"​ or "​-l"​),​ **-e** users and i-nodes, **-n** IP addresses, **-p** the PID and name of the program using a particular port, **-i** the table of network interfaces, **-r** the kernel routing table, **-s** summary statistics for each protocol\\ ''​$ ports="​echo discard systat daytime netstat chargen finger nntp"; echo="​7";​ discard="​9";​ systat="​11";​ daytime="​13";​ netstat="​15";​ chargen="​19";​ finger="​79";​ nntp="​119";​ for port in $ports; do open_ports=$(netstat -an | egrep ":​${!port}[ ]"); if %%[[ -n "​$open_ports"​ ]]%%; then echo "​${port} --> YES"; else echo "​${port} --> NO"; fi; done''​\\ (prints the names of particular processes and whether their standard ports are open or not) |+| **netstat** / **ss** | prints a list of open sockets including port numbers, protocol types and IP addresses, **-a** all current connections,​ **-l** listening ports only, **-t** TCP ports only (used with option "​-a"​ or "​-l"​),​ **-u** UDP ports only (used with option "​-a"​ or "​-l"​),​ **-e** users and i-nodes, **-n** IP addresses, **-p** the PID and name of the program using a particular port, **-i** the table of network interfaces, **-r** the kernel routing table, **-s** summary statistics for each protocol\\ ''​$ ports="​echo discard systat daytime netstat chargen finger nntp"; echo="​7";​ discard="​9";​ systat="​11";​ daytime="​13";​ netstat="​15";​ chargen="​19";​ finger="​79";​ nntp="​119";​ for port in $ports; do open_ports=$(netstat -an | awk '​NR>​2{print $4}' ​| egrep ":​${!port}[ ]"); if %%[[ -n "​$open_ports"​ ]]%%; then echo "​${port} --> YES"; else echo "​${port} --> NO"; fi; done''​\\ (prints the names of particular processes and whether their standard ports are open or 
not) |
 | **nmap** (<​scan>​ <​option>​) <​target>​ | explores ports availability of a remote host in order to identify running services and possibly the operating system type; the scan type can be **-sS** (TCP SYN scan – the most used scan, does not open a full TCP connection, sends a SYN packet and receives SYN/ACK – port is open, or RST – port is closed), **-sA** (TCP ACK scan, maps out firewall rulesets determining whether they are state or not and which ports are filtered), **-sU** (UDP scan), **-sP** (ping scan, checks a host's availability only and its MAC address in the local network); **-sV** prints a program used by the particular service, **-p** <​port>​ specifies the ports, **-O** identifies the OS, **-PN** does not send ping requests (useful when ping is not allowed by the firewall), **-D** <​IP_address>​ a „decoy“ scan to mystify the target, **-iL** <​file>​ reads the target from a file, **-v** detailed output\\ ''​$ nmap root.cz''​\\ ''​$ nmap -sP 10.0.0.0/​24''​\\ ''#​ nmap -sA -v 147.229.28.4''​\\ ''#​ nmap -sS -sV -v 147.229.28.4 > scan.txt''​\\ ''#​ nmap -sS -PN -p 1-65000 192.168.0.247''​\\ ''#​ nmap -sS -sU -iL server_list''​\\ ''#​ nmap -sS -O -D 192.168.0.1,​192.168.0.2 192.168.0.3''​\\ (TCP SYN port scan with OS detection of the target 192.168.0.3,​ pretended to be executed from previous IP addresses) | | **nmap** (<​scan>​ <​option>​) <​target>​ | explores ports availability of a remote host in order to identify running services and possibly the operating system type; the scan type can be **-sS** (TCP SYN scan – the most used scan, does not open a full TCP connection, sends a SYN packet and receives SYN/ACK – port is open, or RST – port is closed), **-sA** (TCP ACK scan, maps out firewall rulesets determining whether they are state or not and which ports are filtered), **-sU** (UDP scan), **-sP** (ping scan, checks a host's availability only and its MAC address in the local network); **-sV** prints a program used by the particular service, **-p** 
<​port>​ specifies the ports, **-O** identifies the OS, **-PN** does not send ping requests (useful when ping is not allowed by the firewall), **-D** <​IP_address>​ a „decoy“ scan to mystify the target, **-iL** <​file>​ reads the target from a file, **-v** detailed output\\ ''​$ nmap root.cz''​\\ ''​$ nmap -sP 10.0.0.0/​24''​\\ ''#​ nmap -sA -v 147.229.28.4''​\\ ''#​ nmap -sS -sV -v 147.229.28.4 > scan.txt''​\\ ''#​ nmap -sS -PN -p 1-65000 192.168.0.247''​\\ ''#​ nmap -sS -sU -iL server_list''​\\ ''#​ nmap -sS -O -D 192.168.0.1,​192.168.0.2 192.168.0.3''​\\ (TCP SYN port scan with OS detection of the target 192.168.0.3,​ pretended to be executed from previous IP addresses) |
 | **service iptables start** / **stop** / **status** | starts / stops the firewall or prints its settings | | **service iptables start** / **stop** / **status** | starts / stops the firewall or prints its settings |
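
Review bot: In the added `awk 'NR>2{print $4}'` stage of the netstat / ss row, the `egrep ":${!port}[ ]"` that follows still requires a space after the port number, but awk now emits only the fourth field, so each line ends immediately after the port and the pattern can never match; every service will be reported as NO. Anchor the match at end of line instead, for example `egrep ":${!port}$"`. Since the row itself documents **-a** as all current connections and **-l** as listening ports only, `netstat -ln` combined with **-t** / **-u** would fit the stated purpose (whether the standard ports are open) better than `-an`. The closing description would also read more accurately as the names of particular services rather than processes.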