Linux commands for networking with command line

This post has a collection of Linux commands for networking. There are basic Linux network commands, advanced Linux network commands and some CentOS network configuration commands, but I’ve tried to keep it to the point.


Linux commands for Networking Configuration

When setting up a new Red Hat / CentOS based machine, the first thing you need to do once the system is installed is configure the network.

Navigate to the network configuration directory – /etc/sysconfig/network-scripts

cd /etc/sysconfig/network-scripts

Assuming you are configuring interface eth0 (this works for any network device found by the kernel), open its configuration file:

vi ifcfg-eth0

The easiest way to configure your network device is to enable DHCP.
Check that the ifcfg-eth0 file has (among other things):

ONBOOT=yes
BOOTPROTO=dhcp

If you need to configure a static IP for the device:

ONBOOT=yes
BOOTPROTO=none
IPADDR=xxx.xxx.xxx.xxx #[replace the xxx with your ipaddress]
NETMASK=xxx.xxx.xxx.xxx #[replace xxx with your netmask]
GATEWAY=xxx.xxx.xxx.xxx #[replace xxx with your gateway (router) device's ip address so that your traffic can be routed correctly]

You can also add the DNS servers to query in this file, as DNS1 (and DNS2 for a second server):

PEERDNS=yes
DNS1=8.8.8.8

Save and exit from the ifcfg-eth0 file.

Now, to apply the settings you just made:

service network restart

You should be able to ping google.com now.
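A typo in a static configuration can leave a remote machine unreachable after the restart, so it is worth checking the file first. The script below is an added example, not part of the original post: the function names are hypothetical, it assumes the file uses the ONBOOT, BOOTPROTO, IPADDR, NETMASK and GATEWAY keys shown above, and the sample addresses are constructed.

```shell
# Added example: lint a static ifcfg-* file before restarting the network.
# Dotted-quad IPv4 -> integer (subshell body keeps the IFS change local).
ip_to_int() (
    case "$1" in ''|*[!0-9.]*|*.) exit 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        case "$o" in ''|0?*|????*) exit 1 ;; esac  # empty, leading zero, too long
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Read KEY from FILE as data (last assignment wins). The file is never
# sourced, because sourcing would execute whatever it contains.
ifcfg_get() {
    sed -n "s/^[[:space:]]*$1=//p" "$2" | tail -n 1 |
        sed -e 's/[[:space:]]*#.*$//' -e 's/^"//' -e 's/"$//'
}

# Print one line per problem; exit status is 0 only for a clean file.
check_ifcfg() (
    f=$1; bad=0
    fail() { echo "$f: $*"; bad=1; }
    [ "$(ifcfg_get ONBOOT "$f")" = yes ] || fail "ONBOOT is not yes"
    case "$(ifcfg_get BOOTPROTO "$f")" in
        dhcp) exit "$bad" ;;            # nothing else to check for DHCP
        none|static) ;;
        *) fail "BOOTPROTO is neither dhcp nor none"; exit 1 ;;
    esac
    ip=$(ip_to_int "$(ifcfg_get IPADDR "$f")") || { fail "bad IPADDR"; exit 1; }
    mask=$(ip_to_int "$(ifcfg_get NETMASK "$f")") || { fail "bad NETMASK"; exit 1; }
    gw=$(ip_to_int "$(ifcfg_get GATEWAY "$f")") || { fail "bad GATEWAY"; exit 1; }
    inv=$(( ~mask & 0xFFFFFFFF ))       # host bits of the netmask
    { [ "$mask" -ne 0 ] && [ $(( inv & (inv + 1) )) -eq 0 ]; } ||
        fail "NETMASK is not a contiguous mask"
    [ $(( ip & mask )) -eq $(( gw & mask )) ] || fail "GATEWAY is outside the subnet of IPADDR"
    { [ $(( ip & inv )) -ne 0 ] && [ $(( ip & inv )) -ne "$inv" ]; } ||
        fail "IPADDR is the network or broadcast address"
    exit "$bad"
)

# Constructed sample: the gateway was typed into the wrong /24.
sample=$(mktemp)
printf '%s\n' ONBOOT=yes BOOTPROTO=none IPADDR=192.168.1.50 \
    NETMASK=255.255.255.0 'GATEWAY=192.168.0.1 # router' > "$sample"
check_ifcfg "$sample" || echo "fix the file before restarting the network"
rm -f "$sample"
```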

Follow this link for a tutorial on how to configure multiple IP addresses on a single network port.

Basic Linux Network Commands

Linux commands for networking – Basic commands. These are a few basic Linux network commands that I use day-to-day to find information on servers, check if they are responding, find which name-servers they use, and see which entries they have in their DNS records.

HOSTNAME

man hostname

To show the current name of the server you are on:

hostname

To show the current domain of the server you are on:

hostname -d

To show the FQDN of the server you are on:

hostname -f

To show the IP address of the server you are on:

hostname -i

PING

man ping

ping is one of the most basic Linux network commands. It’s also one of the most frequently used commands.

ping google.com

There are a lot of options for ping, but -c for ‘count’ is the one I use most often:

ping -c5 google.com
PING google.com (216.58.204.142) 56(84) bytes of data.
64 bytes from par21s05-in-f14.1e100.net (216.58.204.142): icmp_seq=1 ttl=54 time=5.18 ms
64 bytes from par21s05-in-f14.1e100.net (216.58.204.142): icmp_seq=2 ttl=54 time=5.02 ms
64 bytes from par21s05-in-f14.1e100.net (216.58.204.142): icmp_seq=3 ttl=54 time=5.00 ms
64 bytes from par21s05-in-f14.1e100.net (216.58.204.142): icmp_seq=4 ttl=54 time=5.00 ms
64 bytes from par21s05-in-f14.1e100.net (216.58.204.142): icmp_seq=5 ttl=54 time=5.05 ms

--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 5.003/5.053/5.180/0.111 ms 

DIG

man dig

dig is used when you need to find information on a domain name from its DNS entries. On CentOS it's part of bind-utils, so you might have to run yum install bind-utils to get the command first.

Usage:  dig [@global-server] [domain] [q-type] [q-class] {q-opt}
            {global-d-opt} host [@local-server] {local-d-opt}
            [ host [@local-server] {local-d-opt} [...]]

To return A records from your upstream DNS provider:

dig google.com

To return A records from a specific DNS provider (in this case resolver1.opendns.com):

dig @resolver1.opendns.com google.com

To return all records from your upstream DNS provider:

dig google.com any

WHOIS

man whois

whois is used to find registrar information on a domain – who owns that domain name. Sometimes it can give you someone to contact, sometimes it's hidden.

whois google.com

NSLOOKUP

man nslookup

nslookup is used to query DNS to find IP addresses belonging to domain names:

nslookup google.com

To query DNS for the IP addresses belonging to a domain name using a specified nameserver (in this case 8.8.8.8), give the nameserver after the name:

nslookup google.com 8.8.8.8

Advanced Linux Network Commands

Linux commands for networking – Advanced commands. These are more advanced commands that I don’t need that often. When I need to find information on a large number of hosts, list active IP addresses, or map my home network, this is what I use for Linux network host discovery. There are various ways to find the hosts in your network from the command line.

For the following, it is assumed that:
192.168.1.0/24 is your whole network
192.168.1.255 is your broadcast address

Replace with your own values (you can find these with ifconfig)

scapy arp ping

You can run an ARP ping in Scapy.

ARP Ping

The fastest way to discover hosts on a local Ethernet network is to use the ARP Ping method. This can help you resolve IP conflicts by listing all the hosts on your network (in case you have multiple hosts connected to your network trying to use the same IP address).

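from scapy.all import ARP, Ether, srp  # already loaded in the interactive scapy shell
ans,unans=srp(Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(pdst="192.168.1.0/24"),timeout=2)
# one line per responding host: MAC address, then IP address
ans.summary(lambda s, r: r.sprintf("%Ether.src% %ARP.psrc%"))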

broadcast ping

Use the -b flag to ping your broadcast address, and listen for all the replies

ping -b 192.168.1.255

nmap

-sn (No port scan)
This option tells Nmap not to do a port scan after host discovery, and only print out the available hosts that responded to the host discovery probes. This is often known as a “ping scan”. It can easily be used to count available machines on a network or monitor server availability. This is often called a ping sweep, and is more reliable than pinging the broadcast address because many hosts do not reply to broadcast queries.
In previous releases of Nmap, -sn was known as -sP.

nmap -sP 192.168.1.0/24

or

nmap -sn 192.168.1.0/24

Netdiscover

netdiscover -r 192.168.1.0/24

arp-scan

sudo arp-scan 192.168.1.0/24

check your arp cache

arp -a -n

Linux commands for networking in Metasploit

Metasploit arp scan

See more info here: http://www.offensive-security.com/metasploit-unleashed/Scanner_Discovery_Auxiliary_Modules and in my metasploit tutorial for beginners

msfconsole
use auxiliary/scanner/discovery/arp_sweep
set RHOSTS 192.168.1.0-254
set THREADS 55
run

Metasploit nmap scan

msfconsole
db_nmap -v -sV 192.168.1.0/24
hosts
