Professional Documents
Culture Documents
LinuxNetworkingCheatSheet
CHEAT SHEETS
/// BLOG
/// POLSCAN
/// WEBSCAN
CDN USAGE
Troubleshooting
Measuring
Discovery
Debugging
LinuxNetworkingCheatSheet
NFS SSH
Basics
Resolveanameviansswitch
getenthosts<hostname>
CloudShark :Sharingnetworktraces
DNSLookup
dig<domain>
dig<domain>+noall+answer
dig<domain>+short
digMX<domain>
digNS<domain>
digANY<domain>
digx<IP>
digx<IP>+short
dig@8.8.8.8<domain>
http://lzone.de/cheatsheet/LinuxNetworking
1/7
7/12/2016
LinuxNetworkingCheatSheet
digfinput.txt+noall+answer
netcatCommands
nclp<port>
ncw3<ip><port>
#Listenonport
#ListenforconnectionfromIPonport
#Searchbanners
echo|ncvnw1<ip><portmin><portmax>
#Portscan
ncvnzw1<ip><portmin><portmax>
paketlife.netcheetsheets
forallnetworkprotocols(PDFs)
Configuration
ethtoolUsage
ethtooleth0#Printgeneralinfooneth0
ethtoolieth0#Printkernelmoduleinfo
ethtoolSeth0#Printeth0trafficstatistics
ethtoolaeth0#PrintRX,TXandautonegotiationsettings
ethtoolpeth0#BlinkLED
#ChangingNICsettings...
ethtoolseth0speed100
ethtoolseth0autonegoff
ethtoolseth0duplexfull
ethtoolseth0wolg#TurnonwakeonLAN
Donotforgettomakechangespermanentine.g./etc/network/interfaces.
ipUsage
iplinkshow
iplinkseteth0up
ipaddrshow
ipneighshow
miitoolShowLinkInfos
#miitoolv
eth0:negotiated100baseTxFDflowcontrol,linkok
productinfo:vendor00:07:32,model17rev4
basicmode:autonegotiationenabled
basicstatus:autonegotiationcomplete,linkok
capabilities:1000baseTHD1000baseTFD100baseTxFD100baseTxHD10baseTFD10baseTHD
advertising:100baseTxFD100baseTxHD10baseTFD10baseTHDflowcontrol
linkpartner:1000baseTHD1000baseTFD100baseTxFD100baseTxHD10baseTFD10baseTHDflowcontro
EnableJumboFrames
ifconfigeth1mtu9000
http://lzone.de/cheatsheet/LinuxNetworking
2/7
7/12/2016
LinuxNetworkingCheatSheet
NFSTuningSecrets
:SGISlidesonNFSPerformance
iptables
ipsetsvs.iptablesPerformance
ipsetsUsingIPsetsforsimpleriptablesrules
ipsetcreatesmtpblockshash:netcounters
ipsetaddsmtpblocks27.112.32.0/19
ipsetaddsmtpblocks204.8.87.0/24
iptablesAINPUTptcpdport25msetmatchsetsmtpblockssrcjDROP
iptablesLoopbackRouting:
iptablestnatAPOSTROUTINGd<internalwebserverIP>s<internalnetworkaddress>ptcpdpo
iptablesShowactiverules:
iptablesS
iptablesL
iptablesL<table>
iptablesFullflush:
iptablesF
iptablesX
iptablestnatF
iptablestnatX
iptablestmangleF
iptablestmangleX
iptablesPINPUTACCEPT
iptablesPFORWARDACCEPT
iptablesPOUTPUTACCEPT
iptablesAllowestablished:
iptablesAINPUTmconntrackctstateRELATED,ESTABLISHEDjACCEPT
iptablesLogfailedrequests:
iptablesIINPUT5mlimitlimit5/minjLOGlogprefix"iptablesdenied:"loglevel7
iptablesPersistencyonDebian:
aptgetinstalliptablespersistent
#Setsomerulesandcall
invokerc.diptablespersistentsave
http://lzone.de/cheatsheet/LinuxNetworking
3/7
7/12/2016
LinuxNetworkingCheatSheet
iptablesPersistencyonUbuntu:UFW
(UncomplicatedFireWall)
ufwenable
ufwstatus
ufwallowssh/tcp
ufwallowfrom<IP>prototcptoanyport<port>
ufwdeleteallowfrom<IP>prototcptoanyport<port>
fail2banCLICommands
fail2banclientstatus
fail2banclientstatus<jailname>
Troubleshooting
BlackHoleRoute:ToblockIPscreaterouteonloopback
routeaddnet91.65.16.0/24gw127.0.0.1lo#forasubnet
routeadd91.65.16.4gw127.0.0.1lo#forasingleIP
QuickAccessLogIPTopList
tail100000access.log|awk'{print$1}'|sort|uniqc|sortnr|head25
FindoutifIPisusedbeforeconfiguringit
arping<IP>
TraceroutewithASandnetworknamelookup
lftANwww.google.de
ManuallylookupAS 3220
dailychanges.com
Lookup
:TracksDNSchanges
Measuring
vnstatShorttermmeasurementbytes/packetsmin/avg/max:
vnstatl#LivelistinguntilCtrlCandsummary
vnstattr#5sautomatictrafficsample
vnstatLongtermstatistics:
vnstath#lasthours(includingASCIIgraph)
vnstatd#lastdays
vnstatw#lastweeks
vnstatm#lastmonths
vnstatt#top10days
http://lzone.de/cheatsheet/LinuxNetworking
4/7
7/12/2016
LinuxNetworkingCheatSheet
curlTimedetailsonHTTPrequests:
curlw"DNS:%{time_namelookup}Connect:%{time_connect}start:%{time_starttransfer}total:%{tim
Discovery
LLDP
lldpctl
lldpctleth0
nmapcommands
#Networkscan
nmapsP192.168.0.0/24
#Hostscan
nmap<ip>
nmapF<ip>#fast
nmapO<ip>#detectOS
nmapsV<ip>#detectservicesandversions
nmapsU<ip>#detectUDPservices
#Alternativehostdiscovery
nmapPS<ip>#TCPSYNscan
nmapPA<ip>#TCPACKscan
nmapPO<ip>#IPping
nmapPU<ip>#UDPping
#Alternativeservicediscovery
nmapsS<ip>
nmapsT<ip>
nmapsA<ip>
nmapsW<ip>
#Checkingfirewalls
nmapsN<ip>
nmapsF<ip>
nmapsX<ip>
Debugging
XTraceMultiprotocoltracingframework
iptrafRealtimestatisticsinncursesinterfaces
mtrDebugrouting/packagelossissues
netstatThedifferentmodes
#Typicallyusedmodes
netstatrn#Listroutes
netstattlnp#ListallopenTCPconnections
netstattlnpc#Continuouslydotheabove
netstattulpen#Extendedconnectionview
netstata#Listallsockets
http://lzone.de/cheatsheet/LinuxNetworking
5/7
7/12/2016
LinuxNetworkingCheatSheet
#Andmorerarelyused
netstats#Listperprotocolstatistics
netstatsu#ListUDPstatistics
netstatM#Listmasqueradedconnections
netstati#Listinterfacesandcounters
netstato#Watchtime/waithandling
nttcpTCPperformancetesting
#Onsendinghost
nttcpts
#Onreceivinghost
nttcprs
ListKernelSettings
sysctlnet
SNMPDumpallMIBs
:WhenyouneedtofindtheMIBforanobjectknownonlybynametry
snmpwalkcpublicv1Os<myhost>.iso|grep<searchstring>
HurricaneElectricBGPTools :StatisticsonallASaswellaslinkstotheirlookingglasses.
tcpdumpBeverboseandprintfullpackagehexdumps:
tcpdumpieth0nNvvvxXs1500port<someport>
tcpdumpNonpromiscuousmodetolistonlytrafficthatthenetworkstackprocesses:
tcpdumpe...
tcpdumpTutorial
:Manyusageexamples.
#Filterport
tcpdumpport80
tcpdumpsrcport1025
tcpdumpdstport389
tcpdumpportrange2123
#FiltersourceordestinationIP
tcpdumpsrc10.0.0.1
tcpdumpdest10.0.0.2
#Filtereverythingonnetwork
tcpdumpnet1.2.3.0/24
#Logicallyoperators
tcpdumpsrcport1025andtcp
#ProvidefullhexdumpofcapturedHTTPpackages
tcpdumps0xport80
#FilterTCPflags(e.g.RST)
http://lzone.de/cheatsheet/LinuxNetworking
6/7
7/12/2016
LinuxNetworkingCheatSheet
tcpdump'tcp[13]&4!=0'
darkstat
0
libpcapmonitoring
Tweet
http://lzone.de/cheatsheet/LinuxNetworking
7/7