| **Useful Linux Network Commands** ||
^ **NETWORK COMMAND BASICS** | This category contains the most basic network commands available on the Linux platform. |
| **w** | Shows who is currently logged in and where they are logged in from. |
| **who** | Also shows who is on the server in a shell. |
| **netstat** | Shows all current network connections. |
| **netstat -an** | Shows all connections to the server, with the source and destination IPs and ports. |
| **netstat -rn** | Shows the routing table for all IPs bound to the server. |
| **netstat -an | grep :80 | wc -l** | Shows how many active connections there are to Apache (httpd runs on port 80). |
| **top** | Shows live system processes in a formatted table, along with memory information, uptime and other useful info. While in top, press Shift + M to sort by memory usage or Shift + P to sort by CPU usage. |
| **top -u root** | Shows only the processes run by user root. |
| **route -n** | Shows the routing table for all IPs bound to the server. |
| **route add default gw //my_computer//** | Sets the default gateway to //my_computer//. |
| **nslookup //yahoo.com//** | Queries your default domain name server (DNS) for the Internet name (or IP number) to find, here //yahoo.com//. |
| **traceroute //yahoo.com//** | Shows how your messages travel to yahoo.com. |
| **tracepath //yahoo.com//** | Performs a very similar function to traceroute. |
| **ifconfig** | Displays info on the network interfaces. |
| **ifconfig -a** | Displays info on all network interfaces on the server, active or inactive. |
| **ifconfig eth0 down** | Takes eth0 down (assuming the device exists); it won't be able to receive or send anything until you put the device back "up" again. |
| **ifconfig eth0 up** | You guessed it. This brings eth0 up and makes it available to receive or send packets. |
| **/sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255** | Assigns IP 192.168.10.12, netmask and broadcast address to interface eth0. |
| **ifup eth0** | Brings eth0 up if it is currently down. |
| **ifdown eth0** | Brings eth0 down if it is currently up. |
| **ifcfg** | Use **ifcfg** to configure a particular interface. Simply type ifcfg to get help on using this script. |
| **ifcfg eth0 del 192.168.0.1** | Takes eth0 down and removes the assigned IP 192.168.0.1. |
| **ifcfg eth0 add 192.168.0.2** | Brings eth0 up and assigns the new IP 192.168.0.2. |
| **ping** | Sends test packets to a specified server to check whether it is responding properly. |
| **ping //yahoo.com//** | Sends echo requests to //yahoo.com//. |
| **mii-tool** | Checks what your duplex settings are. |
| **arp** | Command mostly used for checking existing Ethernet connectivity and IP address. |
| **hostname** | Tells the user the host name of the computer they are logged into. |
| **findsmb** | Lists info about machines that respond to SMB name queries. **findsmb** with no argument finds all machines possible. You can also specify a particular subnet to localize the search. |
| **host //yahoo.com//** | Performs a simple lookup of an Internet address using DNS. |
| **dig //yahoo.com//** | The "domain information groper" tool. This example looks up information about //yahoo.com//, such as its IP. |
| **dig -x //66.94.234.13//** | Looks up the address and returns the associated domain name. **dig** takes a huge number of options (to the point of being too many); refer to the manual page for more information. |
| **whois** | Looks up contact information from the "whois" databases. Also reports the IP address and name server of a domain, as well as its creation and expiration dates. |
| **ftp** | File transfer protocol. Transfers files to another host (insecure). |
| **rdesktop** | Displays a remote desktop on a Linux machine. You can use it to connect to Windows. |
^ **ADVANCED NETWORK TIPS** | All the remote network administration related tools and techniques available on the Linux platform. |
| **ssh** | Secure shell, a secure alternative to telnet/rsh and all the non-secure methods of logging in to remote servers. All connections are encrypted. |
| **ssh username@hostname** | Connects to a remote server, specifying your username and the hostname you're logging into. |
| **scp <from_server> <to_server>** | Secure copy. Copies files from one computer to another; use -r to copy recursively. |
| **scp -r jose@remote1:/tmp greg@remote2:/tmp** | Does a recursive scp of /tmp on the remote1 server, logging in as jose, to /tmp on the remote2 server, logging in as greg. |
| **scp remote:/home/me/junk/* .** | Copies the files in the directory "/home/me/junk/" on the remote machine to your local computer. |
| **sftp** | Secure ftp, another part of the ssh package. This command is similar to ftp but uses an encrypted tunnel to connect to an ftp server and is therefore more secure than just plain ftp. |
| **rsync** | An open source utility that provides fast incremental file transfer. Transfers can run over ssh. |
| **rsync -av -e ssh remote@server:/home/dir /local/dir** | Uses rsync over ssh to log in as default user on the remote server and fetch /home/dir to the local path /local/dir. |
| **tcpdump** | Prints all the traffic going through the network. Do a 'man tcpdump' to learn more. |
| **tcpdump -v** | Displays verbose output. |
| **tcpdump -D** | Displays the network interfaces available for capture. |
| **tcpdump -n** | Displays numerical addresses rather than symbolic (DNS) addresses. |
| **tcpdump -i eth0** | Captures the traffic of the eth0 interface. |
| **tcpdump udp** | Captures the UDP traffic. |
| **tcpdump -w capture.log** | Sends the capture output to a file instead of directly to the screen. |
| **tcpdump -r capture.log** | Reads a capture file. |
| **tcpdump port http** | Captures the TCP port 80 traffic. |
| **tcpdump -i eth0 host 66.94.234.13** | Listens to all traffic on interface eth0 going to 66.94.234.13. This troubleshooting technique can determine why a web connection is not reaching yahoo.com (66.94.234.13). |
| **tcpdump host www.yahoo.com** | Displays the packets having "www.yahoo.com" as their source or destination address. |
| **tcpdump src 192.168.1.2 and dst 192.168.1.3 and port ftp** | Displays the FTP packets coming from 192.168.1.2 to 192.168.1.3. |
| **nmap** | A very advanced network tool used to query machines (local or remote) as to whether they are up and what ports are open on these machines. Download it from //insecure.org//, which also has additional documentation. |
| **nmap //host_name//** | Queries //host_name// and reports what ports it keeps open. |
| **nc** | Netcat. A networking utility which reads and writes data across network connections, using the TCP/IP protocol. |
| **wget** | (GNU Web get) Used to download files from the World Wide Web. \\ -m or --mirror: archives a single website. \\ -nc: no-clobber option, stops wget from overwriting a file if you already have it. \\ -c or --continue: continues a file that was left unfinished by wget or another program. \\ Wget has a large list of options. Please check the manual pages for more details. |
| **wget http://blog.lxpages.com/ultimate_linux.html** | Simply gets ultimate_linux.html from the blog.lxpages.com website. |
| **curl** | Another remote downloader similar to wget. It is designed to work without user interaction, supports a variety of protocols, can upload and download, and has a large number of tricks and work-arounds for various things. It can access dictionary servers (dict), ldap servers, ftp, http and gopher; see the manual page for full details. |
| **curl -M** | Accesses the full manual. There are too many options and variations for examples. Please refer to the manual for in-depth examples and techniques. |
| **curl -u username:password -T index.html ftp://ftp.mywebsite.com** | Uploads index.html to ftp.mywebsite.com. |
^ **Apache Shell Commands** | Some of the basic and helpful Apache commands. |
| **httpd -v** | Outputs the build date and version of the Apache server. |
| **httpd -l** | Lists the compiled-in Apache modules. |
| **httpd status** | Only works if mod_status is enabled; shows a page of active connections. |
| **service httpd restart** | Restarts the Apache web server. |
| **ab -n 100 -c 5 http://blog.lxpages.com/linux_network.html** | Apache benchmark. Great tool for load testing your site. -n 100 sends 100 requests to blog.lxpages.com in order to benchmark it; -c 5 sets the concurrency to 5. |
^ **NETWORK CONFIGURATION FILES** | All the network related configuration files on a Linux platform. |
| **/etc** | This directory contains most of the basic Linux system configuration files. |
| **/etc/sysconfig** | Contains important system configuration files that are created and maintained by various services (including iptables, samba, and most networking services). |
| **/etc/sysconfig/network** | Network configuration file used by the system during the boot process. |
| **/etc/sysconfig/network-scripts** | Configuration files that are run during the boot process to set up your network. |
| **/etc/xinetd.d** | Contains a set of files, each of which defines a network service that the xinetd daemon listens for on a particular port. |
| **/etc/syslogd.conf** | The configuration file for the syslogd daemon. syslogd is the daemon that takes care of logging (writing to disk) messages coming from other programs to the system. |
| **/etc/resolv.conf** | Host name resolver configuration file. This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. |
| **/etc/hosts** | Locally resolves node names to IP addresses. This informs Linux of local systems on the network which are not handled by the DNS server. |
| **/etc/nsswitch.conf** | System Databases and Name Service Switch configuration file. Looks up /etc/hosts first; if the host is not found, it queries the DNS server defined by /etc/resolv.conf. |
| **/var** | Contains variable data like system logging files, mail and printer spool directories, and transient and temporary files. |
| **/var/log** | Log files from the system and various programs/services, especially login (/var/log/wtmp, which logs all logins and logouts into the system) and syslog (/var/log/messages, where all kernel and system program messages are usually stored). |
| **/var/log/messages** | System logs. The first place you should look if your system is in trouble. |
| **/var/log/utmp** | Active user sessions. This is a data file and as such it cannot be viewed normally. |
| **/var/log/wtmp** | Log of all users who have logged into and out of the system. The last command can be used to access a human-readable form of this file. |
^ **Open Source Network Utilities** | Some of the most useful network tools available for Linux. |
| **[[http://insecure.org/|nmap]]** | A very advanced network tool used to query machines (local or remote) as to whether they are up and what ports are open on these machines. Download it from //insecure.org//, which also has additional documentation. |
| **[[http://netcat.sourceforge.net/|nc]]** | Netcat. A networking utility which reads and writes data across network connections, using the TCP/IP protocol. |
| **[[http://ngrep.sourceforge.net/|ngrep]]** | Network grep. Used to debug plaintext protocol interactions such as HTTP, SMTP, FTP, etc. |
| **[[http://www.ntop.org/download.html|ntop]]** | A network traffic probe that shows the network usage, similar to what the popular top Unix command does. |
| **[[http://www.hping.org/|Hping2]]** | A network probing utility like ping on steroids. |
| **[[http://curl.haxx.se/|curl and libcurl]]** | A command line tool and library for client-side URL transfers. |
| **[[http://rkhunter.sourceforge.net/|Rootkit Hunter]]** | A file scanner for rootkits, backdoors, and sniffers. |
| **[[http://dspam.nuclearelephant.com/|DSPAM]]** | A server-side anti-spam agent for UNIX email servers. |
| **[[http://www.realvnc.com/|RealVNC]]** | Cross-platform Virtual Network Computing. |
| **[[http://sourceforge.net/projects/webadmin|Webmin]]** | A web-based system administration tool for Unix servers and services. |

-- FredPettis - 26 Mar 2009