Scribd Logo
Upload

Welcome to Scribd!

  • Linux Networking Cheat Sheet

    Uploaded by

    amir
    141 views7 pages
    Linux-Networking Cheat Sheet

    Original Title

    Linux-Networking Cheat Sheet

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Linux-Networking Cheat Sheet

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    141 views7 pages

    Linux Networking Cheat Sheet

    Uploaded by

    amir
    Linux-Networking Cheat Sheet

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 7

    7/12/2016

    LinuxNetworkingCheatSheet

    CHEAT SHEETS

    /// BLOG

    /// POLSCAN

    /// WEBSCAN

    CDN USAGE

    Group Coaching Testimonials


    TableofContent
    Basics
    Configuration
    iptables

    Troubleshooting
    Measuring
    Discovery
    Debugging

    LinuxNetworkingCheatSheet
    NFS SSH

    Basics
    Resolveanameviansswitch
    getenthosts<hostname>

    CloudShark :Sharingnetworktraces
    DNSLookup
    dig<domain>
    dig<domain>+noall+answer
    dig<domain>+short
    digMX<domain>
    digNS<domain>
    digANY<domain>
    digx<IP>
    digx<IP>+short
    dig@8.8.8.8<domain>
    http://lzone.de/cheatsheet/LinuxNetworking

    1/7

    7/12/2016

    LinuxNetworkingCheatSheet

    digfinput.txt+noall+answer

    netcatCommands
    nclp<port>
    ncw3<ip><port>

    #Listenonport
    #ListenforconnectionfromIPonport

    #Searchbanners
    echo|ncvnw1<ip><portmin><portmax>
    #Portscan
    ncvnzw1<ip><portmin><portmax>

    paketlife.netcheetsheets

    forallnetworkprotocols(PDFs)

    Configuration
    ethtoolUsage
    ethtooleth0#Printgeneralinfooneth0
    ethtoolieth0#Printkernelmoduleinfo
    ethtoolSeth0#Printeth0trafficstatistics
    ethtoolaeth0#PrintRX,TXandautonegotiationsettings
    ethtoolpeth0#BlinkLED
    #ChangingNICsettings...
    ethtoolseth0speed100
    ethtoolseth0autonegoff
    ethtoolseth0duplexfull
    ethtoolseth0wolg#TurnonwakeonLAN

    Donotforgettomakechangespermanentine.g./etc/network/interfaces.
    ipUsage
    iplinkshow
    iplinkseteth0up
    ipaddrshow
    ipneighshow

    miitoolShowLinkInfos

    #miitoolv
    eth0:negotiated100baseTxFDflowcontrol,linkok
    productinfo:vendor00:07:32,model17rev4
    basicmode:autonegotiationenabled
    basicstatus:autonegotiationcomplete,linkok
    capabilities:1000baseTHD1000baseTFD100baseTxFD100baseTxHD10baseTFD10baseTHD
    advertising:100baseTxFD100baseTxHD10baseTFD10baseTHDflowcontrol
    linkpartner:1000baseTHD1000baseTFD100baseTxFD100baseTxHD10baseTFD10baseTHDflowcontro

    EnableJumboFrames
    ifconfigeth1mtu9000
    http://lzone.de/cheatsheet/LinuxNetworking

    2/7

    7/12/2016

    LinuxNetworkingCheatSheet

    NFSTuningSecrets

    :SGISlidesonNFSPerformance

    iptables
    ipsetsvs.iptablesPerformance
    ipsetsUsingIPsetsforsimpleriptablesrules
    ipsetcreatesmtpblockshash:netcounters
    ipsetaddsmtpblocks27.112.32.0/19
    ipsetaddsmtpblocks204.8.87.0/24
    iptablesAINPUTptcpdport25msetmatchsetsmtpblockssrcjDROP

    iptablesLoopbackRouting:

    iptablestnatAPOSTROUTINGd<internalwebserverIP>s<internalnetworkaddress>ptcpdpo

    iptablesShowactiverules:
    iptablesS
    iptablesL
    iptablesL<table>

    iptablesFullflush:
    iptablesF
    iptablesX
    iptablestnatF
    iptablestnatX
    iptablestmangleF
    iptablestmangleX
    iptablesPINPUTACCEPT
    iptablesPFORWARDACCEPT
    iptablesPOUTPUTACCEPT

    iptablesAllowestablished:
    iptablesAINPUTmconntrackctstateRELATED,ESTABLISHEDjACCEPT

    iptablesLogfailedrequests:
    iptablesIINPUT5mlimitlimit5/minjLOGlogprefix"iptablesdenied:"loglevel7

    iptablesPersistencyonDebian:
    aptgetinstalliptablespersistent
    #Setsomerulesandcall
    invokerc.diptablespersistentsave

    http://lzone.de/cheatsheet/LinuxNetworking

    3/7

    7/12/2016

    LinuxNetworkingCheatSheet

    iptablesPersistencyonUbuntu:UFW

    (UncomplicatedFireWall)

    ufwenable
    ufwstatus
    ufwallowssh/tcp
    ufwallowfrom<IP>prototcptoanyport<port>
    ufwdeleteallowfrom<IP>prototcptoanyport<port>

    fail2banCLICommands
    fail2banclientstatus
    fail2banclientstatus<jailname>

    Troubleshooting
    BlackHoleRoute:ToblockIPscreaterouteonloopback
    routeaddnet91.65.16.0/24gw127.0.0.1lo#forasubnet
    routeadd91.65.16.4gw127.0.0.1lo#forasingleIP

    QuickAccessLogIPTopList
    tail100000access.log|awk'{print$1}'|sort|uniqc|sortnr|head25

    FindoutifIPisusedbeforeconfiguringit
    arping<IP>

    TraceroutewithASandnetworknamelookup
    lftANwww.google.de

    ManuallylookupAS 3220
    dailychanges.com

    Lookup

    :TracksDNSchanges

    Measuring
    vnstatShorttermmeasurementbytes/packetsmin/avg/max:
    vnstatl#LivelistinguntilCtrlCandsummary
    vnstattr#5sautomatictrafficsample

    vnstatLongtermstatistics:
    vnstath#lasthours(includingASCIIgraph)
    vnstatd#lastdays
    vnstatw#lastweeks
    vnstatm#lastmonths
    vnstatt#top10days
    http://lzone.de/cheatsheet/LinuxNetworking

    4/7

    7/12/2016

    LinuxNetworkingCheatSheet

    curlTimedetailsonHTTPrequests:

    curlw"DNS:%{time_namelookup}Connect:%{time_connect}start:%{time_starttransfer}total:%{tim

    Discovery
    LLDP
    lldpctl
    lldpctleth0

    nmapcommands
    #Networkscan
    nmapsP192.168.0.0/24
    #Hostscan
    nmap<ip>
    nmapF<ip>#fast
    nmapO<ip>#detectOS
    nmapsV<ip>#detectservicesandversions
    nmapsU<ip>#detectUDPservices
    #Alternativehostdiscovery
    nmapPS<ip>#TCPSYNscan
    nmapPA<ip>#TCPACKscan
    nmapPO<ip>#IPping
    nmapPU<ip>#UDPping
    #Alternativeservicediscovery
    nmapsS<ip>
    nmapsT<ip>
    nmapsA<ip>
    nmapsW<ip>
    #Checkingfirewalls
    nmapsN<ip>
    nmapsF<ip>
    nmapsX<ip>

    Debugging
    XTraceMultiprotocoltracingframework
    iptrafRealtimestatisticsinncursesinterfaces
    mtrDebugrouting/packagelossissues
    netstatThedifferentmodes
    #Typicallyusedmodes
    netstatrn#Listroutes
    netstattlnp#ListallopenTCPconnections
    netstattlnpc#Continuouslydotheabove
    netstattulpen#Extendedconnectionview
    netstata#Listallsockets
    http://lzone.de/cheatsheet/LinuxNetworking

    5/7

    7/12/2016

    LinuxNetworkingCheatSheet

    #Andmorerarelyused
    netstats#Listperprotocolstatistics
    netstatsu#ListUDPstatistics
    netstatM#Listmasqueradedconnections
    netstati#Listinterfacesandcounters
    netstato#Watchtime/waithandling

    nttcpTCPperformancetesting
    #Onsendinghost
    nttcpts
    #Onreceivinghost
    nttcprs

    ListKernelSettings
    sysctlnet

    SNMPDumpallMIBs

    :WhenyouneedtofindtheMIBforanobjectknownonlybynametry

    snmpwalkcpublicv1Os<myhost>.iso|grep<searchstring>

    HurricaneElectricBGPTools :StatisticsonallASaswellaslinkstotheirlookingglasses.
    tcpdumpBeverboseandprintfullpackagehexdumps:
    tcpdumpieth0nNvvvxXs1500port<someport>

    tcpdumpNonpromiscuousmodetolistonlytrafficthatthenetworkstackprocesses:
    tcpdumpe...

    tcpdumpTutorial

    :Manyusageexamples.

    #Filterport
    tcpdumpport80
    tcpdumpsrcport1025
    tcpdumpdstport389
    tcpdumpportrange2123
    #FiltersourceordestinationIP
    tcpdumpsrc10.0.0.1
    tcpdumpdest10.0.0.2
    #Filtereverythingonnetwork
    tcpdumpnet1.2.3.0/24
    #Logicallyoperators
    tcpdumpsrcport1025andtcp
    #ProvidefullhexdumpofcapturedHTTPpackages
    tcpdumps0xport80
    #FilterTCPflags(e.g.RST)
    http://lzone.de/cheatsheet/LinuxNetworking

    6/7

    7/12/2016

    LinuxNetworkingCheatSheet

    tcpdump'tcp[13]&4!=0'

    darkstat
    0

    libpcapmonitoring
    Tweet

    http://lzone.de/cheatsheet/LinuxNetworking

    7/7

    You might also like