===== 7. The Old-boy Network =====
==== Setting up the network ====
* Usage: # list current network interface configs:
$ ifconfig
# manually set IP address:
# ifconfig wlan0 192.168.0.80
# ifconfig wlan0 192.168.0.80 netmask 255.255.252.0
# automatic configuration:
# dhclient eth0
# print list of network interfaces:
$ ifconfig | cut -c-10 | tr -d ' ' | tr -s '\n'
# spoof hardware address:
# ifconfig eth0 hw ether 00:1c:bf:87:25:d5
* We can edit /etc/resolv.conf to add server IP addresses: $ cat /etc/resolv.conf
nameserver 8.8.8.8
# echo nameserver IP_ADDRESS >> /etc/resolv.conf
# To retrieve an IP address we can use ping:
$ ping google.com
PING google.com (64.233.181.106) 56(84) bytes of data.
# To list all the Ip addresses we use:
$ host google.com
google.com has address 64.233.181.105
google.com has address 64.233.181.99
google.com has address 64.233.181.147
google.com has address 64.233.181.106
google.com has address 64.233.181.103
google.com has address 64.233.181.104
# or:
$ nslookup google.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 64.233.181.105
Name: google.com
Address: 64.233.181.99
Name: google.com
Address: 64.233.181.147
Name: google.com
Address: 64.233.181.106
Name: google.com
Address: 64.233.181.103
Name: google.com
Address: 64.233.181.104
Server: 8.8.8.8
# we can add symbolic names for a given IP:
# echo 192.168.0.9 backupserver >> /etc/hosts
# to display rout information:
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.252.0 U 2 0 0 wlan0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0
0.0.0.0 192.168.0.4 0.0.0.0 UG 0 0 0 wlan0
# setup a default gateway:
# route add default gw 192.168.0.1 wlan0
==== Let us ping! ====
* Ping provides the Round Trip Time (time needed to get to host and come back):--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 118.012/206.630/347.186/77.713 ms
* Limiting the number of packets to send: $ ping 192.168.0.1 -c 2
* Return status of ping command: $ ping domain -c2
if [ $? -eq 0 ];
then
echo Successful ;
else
echo Failure
fi
* Trace a packet route:$ traceroute google.com
traceroute to google.com (74.125.77.104), 30 hops max, 60 byte packets
1 gw-c6509.lxb.as5577.net (195.26.4.1) 0.313 ms 0.371 ms 0.457 ms
2 40g.lxb-fra.as5577.net (83.243.12.2) 4.684 ms 4.754 ms 4.823 ms
3 de-cix10.net.google.com (80.81.192.108) 5.312 ms 5.348 ms 5.327 ms
4 209.85.255.170 (209.85.255.170) 5.816 ms 5.791 ms 209.85.255.172
(209.85.255.172) 5.678 ms
5 209.85.250.140 (209.85.250.140) 10.126 ms 9.867 ms 10.754 ms
6 64.233.175.246 (64.233.175.246) 12.940 ms 72.14.233.114
(72.14.233.114) 13.736 ms 13.803 ms
7 72.14.239.199 (72.14.239.199) 14.618 ms 209.85.255.166
(209.85.255.166) 12.755 ms 209.85.255.143 (209.85.255.143) 13.803 ms
8 209.85.255.98 (209.85.255.98) 22.625 ms 209.85.255.110
(209.85.255.110) 14.122 ms
*
9 ew-in-f104.1e100.net (74.125.77.104) 13.061 ms 13.256 ms 13.484 ms
=> one could also use mtr instead to get real time data.
==== Listing all the machines alive on a network ====
* Using ping: #!/bin/bash
#Filename: ping.sh
# Change base address 192.168.0 according to your network.
for ip in 192.168.0.{1..255} ;
do
ping $ip -c 2 &> /dev/null ;
if [ $? -eq 0 ];
then
echo $ip is alive
fi
done
* Using fping: $ fping -a 192.160.1/24 -g 2> /dev/null
192.168.0.1
192.168.0.90
# or :
$ fping -a 192.168.0.1 192.168.0.255 -g
# Parallel pings:
#!/bin/bash
#Filename: fast_ping.sh
# Change base address 192.168.0 according to your network.
for ip in 192.168.0.{1..255} ;
do
(
ping $ip -c2 &> /dev/null ;
if [ $? -eq 0 ];
then
echo $ip is alive
fi
)&
done
wait
==== Running commands on a remote host with SSH ====
* To run a command on a remote we use: $ ssh user@host 'COMMANDS'
# multiple commands:
$ ssh user@host "command1 ; command2 ; command3"
# ssh with compression:
$ ssh -C user@hostname COMMANDS
# Redirect stdin data to remote shell:
$ echo 'text' | ssh user@remote_host 'echo'
text
# or Redirect data from file as:
$ ssh user@remote_host 'echo' < file
# Running graphical commands:
ssh user@host "export DISPLAY=:0 ; command1; command2"
# or to get the display on the local computer (using ssh X11 forwarding)
ssh -X user@host "command1; command2"
==== Transferring files through the network ====
* Usage: # To connect to FTP server
$ lftp username@ftphost
# Using SCP to copy to remote:
$ scp filename user@remotehost:/home/path
# recursive copy with scp:
$ scp -r /home/slynux user@remotehost:/home/backups
==== Connecting to a wireless network ====
=> Recipe providing script for wireless connection with WEP key. See source directly.
==== Password-less auto-login with SSH ====
* Setup: # Create key on the machine that requires login to remote:
$ ssh-keygen -t rsa
# Append the key on the host:
$ ssh USER@REMOTE_HOST "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub
Password:
# We can use ssh-copy-id to register our public key instead:
ssh-copy-id USER@REMOTE_HOST
==== Port forwarding using SSH ====
* To forward port 8000 on the local machine to port 80 of www.kernel.org: ssh -L 8000:www.kernel.org:80 user@localhost
# here we just replace user with the actual user name.
* To forward port 8000 on a remote machine to port 80 of www.kernel.org: ssh -R 8000:www.kernel.org:80 user@REMOTE_MACHINE
# Here we replace the user and the remote machine name.
* Non-interactive port forward: ssh -fR 8000:www.kernel.org:80 user@localhost -N
# -f : fork to background before executing command
# -R : use login name on the remote
# -N : there is no command to execute.
* Reverse port forwarding: ssh -R 8000:localhost:80 user@REMOTE_MACHINE
==== Mounting a remote drive at a local mount point ====
* To mount a remote folder we use: # sshfs -o allow_other user@remotehost:/home/path /mnt/mountpoint
# umount /mnt/mountpoint
==== Network traffic and port analysis ====
* List all open ports with: $ lsof -i
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
firefox-b 2261 slynux 78u IPv4 63729 0t0 TCP localhost:47797-
>localhost:42486 (ESTABLISHED)
firefox-b 2261 slynux 80u IPv4 68270 0t0 TCP slynux-laptop.
local:41204->192.168.0.2:3128 (CLOSE_WAIT)
firefox-b 2261 slynux 82u IPv4 68195 0t0 TCP slynux-laptop.
local:41197->192.168.0.2:3128 (ESTABLISHED)
ssh 3570 slynux 3u IPv6 30025 0t0 TCP localhost:39263-
>localhost:ssh (ESTABLISHED)
* To list open ports from current machine: $ lsof -i | grep ":[0-9]\+->" -o | grep "[0-9]\+" -o | sort | uniq
* List open ports with netstat: $ netstat -tnp
==== Creating arbitrary sockets ====
* Setup listening socket : # listen on port 1234 on local machine.
nc -l 1234
* Connect to socket using: nc HOST 1234
# HOST could be "localhost" or remote IP
* Then to send messages we jsut type them and press Enter.
* Quickly copy files over the network: # On receiving computer:
nc -l 1234 > destination_filename
# Then on sender computer:
nc HOST 1234 < source_filename
==== Sharing an Internet connection ====
=> How to use linux and iptables for sharing internet connection. See source document.
==== Basic firewall using iptables ====
* Block traffic to a specific address: # iptables -A OUTPUT -d 8.8.8.8 -j DROP
* Block traffic to a specific port: # iptables -A OUTPUT -p tcp -dport 21 -j DROP
* Clear the changes made to the iptables chains: # iptables --flush