Networking Commands

1. ifconfig
ifconfig (interface configurator) command is use to initialize an interface, assign IP
Address to interface andenable or disable interface on demand. With this command
you can view IP Address and Hardware / MAC address assign to interface and
also MTU (Maximum transmission unit) size.
# ifconfig
eth0Linkencap:EthernetHWaddr 00:0C:29:28:FD:4C
inet addr:192.168.50.2Bcast:192.168.50.255
Mask:255.255.255.0
inet6addr:fe80::20c:29ff:fe28:fd4c/64Scope:Link
UPBROADCASTRUNNINGMULTICASTMTU:1500Metric:1

loLinkencap:LocalLoopback
inetaddr:127.0.0.1Mask:255.0.0.0
inet6addr:::1/128Scope:Host

ifconfig with interface (eth0) command only shows specific interface details like IP
Address, MAC Address etc. with -a options will display all available interface details
if it is disable also.
# ifconfig eth0
eth0Linkencap:EthernetHWaddr00:0C:29:28:FD:4C
inetaddr:192.168.50.2Bcast:192.168.50.255
Mask:255.255.255.0
inet6addr:fe80::20c:29ff:fe28:fd4c/64Scope:Link
UPBROADCASTRUNNINGMULTICASTMTU:1500Metric:1

Assigning IP Address and Gateway

Assigning an IP Address and Gateway to interface on the fly. The setting will be
removed in case of system reboot.
# ifconfig eth0 192.168.50.5 netmask 255.255.255.0
Enable or Disable Specific Interface
To enable or disable specific Interface, we use example command as follows.
Enable eth0
# ifup eth0
Disable eth0

# ifdown eth0
Setting MTU Size
By default MTU size is 1500. We can set required MTU size with below command.
Replace XXXX with size.
# ifconfig eth0 mtu XXXX
Set Interface in Promiscuous mode
2. PING Command
PING (Packet INternet Groper) command is the best way to test connectivity
between two nodes. Whether it isLocal Area Network (LAN) or Wide Area
Network (WAN). Ping use ICMP (Internet Control Message Protocol) to communicate
to other devices. You can ping host name of ip address using below command.
# ping 4.2.2.2
PING4.2.2.2(4.2.2.2)56(84)bytesofdata.
64bytesfrom4.2.2.2:icmp_seq=1ttl=44time=203ms
64bytesfrom4.2.2.2:icmp_seq=2ttl=44time=201ms
64bytesfrom4.2.2.2:icmp_seq=3ttl=44time=201ms
21b.resolvers.Level3.net(4.2.2.2)199.725ms199.190ms202.488
ms
4. NETSTAT Command
Netstat (Network Statistic) command display connection info, routing table
information etc. To displays routing table information use option as -r.
# netstat -r
KernelIProutingtable
DestinationGatewayGenmaskFlagsMSSWindow
irttIface
192.168.50.0*255.255.255.0U00
5. DIG Command
Dig (domain information groper) query DNS related information like A
Record, CNAME, MX Record etc. This command mainly use to
troubleshoot DNS related query.
# dig www.tecmint.com;<<>>DiG9.8.2rc1RedHat9.8.20.10.rc1.el6
<<>>www.tecmint.com
;;globaloptions:+cmd
;;Gotanswer:
;;>>HEADER<

HOSTNAME Command
hostname is to identify in a network. Execute hostname command to see the
hostname of your box. You can set hostname permanently in /etc/sysconfig/network.
Need to reboot box once set a proper hostname.
# hostname
tecmint.com
13. GUI tool system-config-network
Type system-config-network in command prompt to configure network setting and
you will get nice Graphical User Interface (GUI) which may also use to configure IP
Address, Gateway, DNS etc. as shown below image.
# system-config-network

kill
signal to a process or to kill a process. We typically use kill -SIGNAL PID, where you know the PID of the
process.
The options to the kill command are:

pid : list of process that kill command should send a signal

-s signal : send the specified signal to the process

-l : list all the available signals.

Some the important signals which we use in our daily usage ar listed below:
Number

Signal Name

Description

SIGNULL

Used to check access to the process id

SIGHUP

Hup signal. Terminates the process.

SIGNINT

Interrupt signal. Terminating the process

SIGQUIT

Quit signal. Terminate process with core dump

SIGKILL

Forcibly killing a process

24

SIGSTOP

Pausing the process

26

SIGCONT

Runs a stopped process

$ ps -e

1986 ?

Sl

7:22 /usr/lib/firefox-3.5.3/firefox

$ kill -9 1986

Getting the process id

To know the process id of a process running in the unix system, use the ps command as
ps -aef
root

4529

657

Jul 20 ?

0:06 /usr/local/sbin/sshd -R

....
....
The second field in the output is the process Id. Here the /usr/local/sbin/sshd -R is running with the process id
4529.
Killing a process.
To kill processes simply pass the process id to the kill command. This is shown below:
kill 4529
Forcefully killing a process.
Use the -9 option with the kill command to kill a process force fully. The following kill command terminates the
process forcefully:
kill -9 1567
kill -SIGKILL 1567
kill -KILL 1567
kill -s SIGKILL 1567
kill -s KILL 1567

DHCP
One way is to manually configure network interface and assign an IP address by
hand. This is called static configuration which means that host's IP address will
never change until changed manually again by user or system administrator. If
company's network includes more than 1000 hosts this job of setting up each
individual host with static IP address will become tiresome and more importantly
inefficient.
Dynamic Host Configuration Protocol (DHCP) automatically assigns IP

addresses and other network configuration information (subnetmask,

broadcast address, etc) to computers on a network. A client configured for
DHCP will send out a broadcast request to the DHCP server requesting an
address. The DHCP server will then issue a "lease" and assign it to that
client. The time period of a valid lease can be specified on the server.
DHCP reduces the amount of time required to configure clients and allows
one to move a computer to various networks and be configured with the
appropriate IP address, gateway and subnet mask. For ISP's it conserves
the limited number of IP addresses it may use. DHCP servers may assign a
"static" IP address to specified hardware. Microsoft NetBios information is
often included in the network information sent by the DHCP server.
The DHCP protocol lets a DHCP client to lease network configuration parameters
such as an IP address. In fact parameters to lease are not limited to IP address only
and they also include:
IP addresses and network masks
Here are some advantages of having a DHCP server connected to network:
1. No IP address conflicts. DHCP can guarantee that all hosts on the network will
have unique IP address. DHCP server keeps a record of all IP addresses
assigned and cross reference them with host's MAC addresses.
2. Based on the MAC address DHCP allows for a fixed parameter configuration
for a specific host
3. Efficiency with minimum local client configuration

OpenVAS
OpenVAS (Open Vulnerability Assessment System, the name of the fork originally known as GNessUs)
is a framework of several services and tools offering a vulnerability scanning and vulnerability
management solution. All OpenVAS products are Free Software.

The OpenVAS Manager is the central service that consolidates plain vulnerability scanning into a full vulnerability
management solution. The Manager controls the Scanner via OTP (OpenVAS Transfer Protocol) and itself offers
the XML-based, stateless OpenVAS Management Protocol (OMP). All intelligence is implemented in the Manager
so that it is possible to implement various lean clients that will behave consistently e.g. with regard to filtering or
sorting scan results. The Manager also controls a SQL database (sqlite-based) where all configuration and scan
result data is centrally stored. Finally, Manager also handles user management includiung access control with
groups and roles.
Different OMP clients are available: The Greenbone Security Assistant (GSA) is a lean web service offering a
user interface for web browsers. GSA uses XSL transformation stylesheet that converts OMP responses into
HTML.

Feature overview

OpenVAS Scanner
o

Many target hosts are scanned concurrently

OpenVAS Transfer Protocol (OTP)

SSL support for OTP (always)

WMI support (optional)

OpenVAS Manager
o

OpenVAS Management Protocol (OMP)

SQL Database (sqlite) for configurations and scan results

SSL support for OMP (always)

Many concurrent scans tasks (many OpenVAS Scanners)

Notes management for scan results

False Positive management for scan results

Scheduled scans

Flexible escalators upon status of a scan task

Stop, Pause and Resume of scan tasks

Master-Slave Mode to control many instances from a central one

Reports Format Plugin Framework with various plugins for: XML, HTML, LateX,
etc.

User Management

Feed status view

Feed synchronisation

Greenbone Security Assistant (GSA)

o

Client for OMP and OAP

HTTP and HTTPS

Web server on its own (microhttpd), thus no extra web server required

Integrated online-help system

Multi-language support

...

OpenVAS CLI
o

Client for OMP

Runs on Windows, Linux, etc.

Plugin for Nagios

Shell Scripts:
i. The basic concept of a shell script is a list of commands, which are listed in
the order of execution. A good shell script will have comments, preceded by a
pound sign, #, describing the steps.

ii. There are conditional tests, such as value A is greater than value B, loops
allowing us to go through massive amounts of data, files to read and store
data, and variables to read and store data, and the script may include
functions.
iii. The shell is, after all, a real programming language, complete with variables,
control structures, and so forth. No matter how complicated a script gets,
however, it is still just a list of commands executed sequentially

Write about others like variables, read,

echo, etc.