7. The Old-boy Network
Setting up the network
- Usage:
# list current network interface configs: $ ifconfig # manually set IP address: # ifconfig wlan0 192.168.0.80 # ifconfig wlan0 192.168.0.80 netmask 255.255.252.0 # automatic configuration: # dhclient eth0 # print list of network interfaces: $ ifconfig | cut -c-10 | tr -d ' ' | tr -s '\n' # spoof hardware address: # ifconfig eth0 hw ether 00:1c:bf:87:25:d5
- We can edit /etc/resolv.conf to add server IP addresses:
$ cat /etc/resolv.conf nameserver 8.8.8.8 # echo nameserver IP_ADDRESS >> /etc/resolv.conf # To retrieve an IP address we can use ping: $ ping google.com PING google.com (64.233.181.106) 56(84) bytes of data. # To list all the Ip addresses we use: $ host google.com google.com has address 64.233.181.105 google.com has address 64.233.181.99 google.com has address 64.233.181.147 google.com has address 64.233.181.106 google.com has address 64.233.181.103 google.com has address 64.233.181.104 # or: $ nslookup google.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: google.com Address: 64.233.181.105 Name: google.com Address: 64.233.181.99 Name: google.com Address: 64.233.181.147 Name: google.com Address: 64.233.181.106 Name: google.com Address: 64.233.181.103 Name: google.com Address: 64.233.181.104 Server: 8.8.8.8 # we can add symbolic names for a given IP: # echo 192.168.0.9 backupserver >> /etc/hosts # to display rout information: $ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.0 0.0.0.0 255.255.252.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 192.168.0.4 0.0.0.0 UG 0 0 0 wlan0 # setup a default gateway: # route add default gw 192.168.0.1 wlan0
Let us ping!
- Ping provides the Round Trip Time (time needed to get to host and come back):
--- google.com ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4000ms rtt min/avg/max/mdev = 118.012/206.630/347.186/77.713 ms
- Limiting the number of packets to send:
$ ping 192.168.0.1 -c 2
- Return status of ping command:
$ ping domain -c2 if [ $? -eq 0 ]; then echo Successful ; else echo Failure fi
- Trace a packet route:
$ traceroute google.com traceroute to google.com (74.125.77.104), 30 hops max, 60 byte packets 1 gw-c6509.lxb.as5577.net (195.26.4.1) 0.313 ms 0.371 ms 0.457 ms 2 40g.lxb-fra.as5577.net (83.243.12.2) 4.684 ms 4.754 ms 4.823 ms 3 de-cix10.net.google.com (80.81.192.108) 5.312 ms 5.348 ms 5.327 ms 4 209.85.255.170 (209.85.255.170) 5.816 ms 5.791 ms 209.85.255.172 (209.85.255.172) 5.678 ms 5 209.85.250.140 (209.85.250.140) 10.126 ms 9.867 ms 10.754 ms 6 64.233.175.246 (64.233.175.246) 12.940 ms 72.14.233.114 (72.14.233.114) 13.736 ms 13.803 ms 7 72.14.239.199 (72.14.239.199) 14.618 ms 209.85.255.166 (209.85.255.166) 12.755 ms 209.85.255.143 (209.85.255.143) 13.803 ms 8 209.85.255.98 (209.85.255.98) 22.625 ms 209.85.255.110 (209.85.255.110) 14.122 ms * 9 ew-in-f104.1e100.net (74.125.77.104) 13.061 ms 13.256 ms 13.484 ms => one could also use mtr instead to get real time data.
Listing all the machines alive on a network
- Using ping:
#!/bin/bash #Filename: ping.sh # Change base address 192.168.0 according to your network. for ip in 192.168.0.{1..255} ; do ping $ip -c 2 &> /dev/null ; if [ $? -eq 0 ]; then echo $ip is alive fi done
- Using fping:
$ fping -a 192.160.1/24 -g 2> /dev/null 192.168.0.1 192.168.0.90 # or : $ fping -a 192.168.0.1 192.168.0.255 -g # Parallel pings: #!/bin/bash #Filename: fast_ping.sh # Change base address 192.168.0 according to your network. for ip in 192.168.0.{1..255} ; do ( ping $ip -c2 &> /dev/null ; if [ $? -eq 0 ]; then echo $ip is alive fi )& done wait
Running commands on a remote host with SSH
- To run a command on a remote we use:
$ ssh user@host 'COMMANDS' # multiple commands: $ ssh user@host "command1 ; command2 ; command3" # ssh with compression: $ ssh -C user@hostname COMMANDS # Redirect stdin data to remote shell: $ echo 'text' | ssh user@remote_host 'echo' text # or Redirect data from file as: $ ssh user@remote_host 'echo' < file # Running graphical commands: ssh user@host "export DISPLAY=:0 ; command1; command2" # or to get the display on the local computer (using ssh X11 forwarding) ssh -X user@host "command1; command2"
Transferring files through the network
- Usage:
# To connect to FTP server $ lftp username@ftphost # Using SCP to copy to remote: $ scp filename user@remotehost:/home/path # recursive copy with scp: $ scp -r /home/slynux user@remotehost:/home/backups
Connecting to a wireless network
⇒ Recipe providing script for wireless connection with WEP key. See source directly.
Password-less auto-login with SSH
- Setup:
# Create key on the machine that requires login to remote: $ ssh-keygen -t rsa # Append the key on the host: $ ssh USER@REMOTE_HOST "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub Password: # We can use ssh-copy-id to register our public key instead: ssh-copy-id USER@REMOTE_HOST
Port forwarding using SSH
- To forward port 8000 on the local machine to port 80 of www.kernel.org:
ssh -L 8000:www.kernel.org:80 user@localhost # here we just replace user with the actual user name.
- To forward port 8000 on a remote machine to port 80 of www.kernel.org:
ssh -R 8000:www.kernel.org:80 user@REMOTE_MACHINE # Here we replace the user and the remote machine name.
- Non-interactive port forward:
ssh -fR 8000:www.kernel.org:80 user@localhost -N # -f : fork to background before executing command # -R : use login name on the remote # -N : there is no command to execute.
- Reverse port forwarding:
ssh -R 8000:localhost:80 user@REMOTE_MACHINE
Mounting a remote drive at a local mount point
- To mount a remote folder we use:
# sshfs -o allow_other user@remotehost:/home/path /mnt/mountpoint # umount /mnt/mountpoint
Network traffic and port analysis
- List all open ports with:
$ lsof -i COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME firefox-b 2261 slynux 78u IPv4 63729 0t0 TCP localhost:47797- >localhost:42486 (ESTABLISHED) firefox-b 2261 slynux 80u IPv4 68270 0t0 TCP slynux-laptop. local:41204->192.168.0.2:3128 (CLOSE_WAIT) firefox-b 2261 slynux 82u IPv4 68195 0t0 TCP slynux-laptop. local:41197->192.168.0.2:3128 (ESTABLISHED) ssh 3570 slynux 3u IPv6 30025 0t0 TCP localhost:39263- >localhost:ssh (ESTABLISHED)
- To list open ports from current machine:
$ lsof -i | grep ":[0-9]\+->" -o | grep "[0-9]\+" -o | sort | uniq
- List open ports with netstat:
$ netstat -tnp
Creating arbitrary sockets
- Setup listening socket :
# listen on port 1234 on local machine. nc -l 1234
- Connect to socket using:
nc HOST 1234 # HOST could be "localhost" or remote IP
- Then to send messages we jsut type them and press Enter.
- Quickly copy files over the network:
# On receiving computer: nc -l 1234 > destination_filename # Then on sender computer: nc HOST 1234 < source_filename
Sharing an Internet connection
⇒ How to use linux and iptables for sharing internet connection. See source document.
Basic firewall using iptables
- Block traffic to a specific address:
# iptables -A OUTPUT -d 8.8.8.8 -j DROP
- Block traffic to a specific port:
# iptables -A OUTPUT -p tcp -dport 21 -j DROP
- Clear the changes made to the iptables chains:
# iptables --flush