CNT-2311-Chapter 8 Notes: Difference between revisions

From ITCwiki
Jump to navigation Jump to search
(Created page with "== Ifup and ifdown command *(pg. 408) == ::-The ifup command bring the interface up ::-The ifdown command bring the interface down == Example of ifup/ifdown *(pag.408) == ::“...")
 
Line 42: Line 42:
== Tracepath command *(pg. 413) ==
== Tracepath command *(pg. 413) ==
::- This command is a lot similar to traceroute
::- This command is a lot similar to traceroute
== Checking Network Status ==
::-A useful diagnostic tool is Netstat
::-Netstat can be used in place of many other tools.
::-It also shows information that is not easily found in other ways.
== Netstat options  ==
::-Interface information: use netstat –interface or -i parameter to see information about
::network interfaces. This is similar to what ifconfig command displays
::-Routing information: use netstat –route or -r parameter to see the routing table. This
::output is similar to what the route command shows
::-Masquerade information: use netstat –masquerade or –M to see information about
::connections mediated by Linux’s NAT features . This is a good way to stretch limited
::IPv4 addresses.
::-Program use: use netstat –program or –p parameter to show information about programs that
::are using network connections.
::-All connections: use netstat –all or –a parameter to display information about the ports
::that server programs open to listen for network connections.
== tcpdump ==
::-Advanced network troubleshooting tool.
::-tcpdump is a packet sniffer that intercepts network packets and log them on the screen.
::-Useful tool to verify that computer is receiving data from other computers
::-This is also useful to examine the data in its raw form, which can be helpful if you
::-understand protocols implementation details allowing you to spot problems.
::-Be aware that packet sniffers can be used by individuals to capture passwords sent over
::the network.
::-You must use tcpdump in root mode.
::-Once you enter tcpdump it summarizes what it is doing and prints lines, one for each packet
::it monitors.
::-Lines consist of time stamps, stack identifiers, origin system name, IP addresses and
::port, destination system name and packet-specific information.
::-Once tcpdump starts it dose not stop so you must press Ctrl+C to terminate it.
== tcpdump options ==
::- A: displays packet contents in ASCII
::- D: Displays a list of interfaces tcpdump can listen to.
::- n: Shows all addresses numerically.
::- v: Shows additional packet information.
::- w file: Used to write captured packets to the specified file.
::-You could consult tcpdump’s man page for details and for additional options.
== Additional Networking Tools ==
::-Other than networking diagnostic programs you could use some common programs as debugging tools.
::-One of the most helpful tools may be Telnet a program and protocol tool that is mainly used as
::a remote login tool.
::-Telnet is considered a poor choice as a remote login protocol due to the fact that it
::is entirely unencrypted.
::-A good rule to follow is that you should remove Telnet server from your system and never use
::the telnet client program. SSH is a safer alternative to Telnet described in chapter 10.
== Using Telnet to Debug Network Protocols ==
::-If you include a port number after the remote hostname, the program connects to the
::specified port allowing you to interact with the server.
::-To use telnet this way you must know a lot of information about the protocol. Without
::the knowledge of the protocol you can still use Telnet to test if a server is running or not.
::-If you try to connect and get a connection refused error message you know that a remote
::server is not running or is inaccessible. (This may be because a firewall is blocking
::the connection)
::-If the result is Escape character this means that the server is running, even though it
::could not be working correctly.
::-This test only works for protocols that us TCP. UDP tools will not connect.
== Using Telnet to Debug Network Protocols continued ==
::-Sometimes File Transfer Protocols (FTP) can be a helpful tool.
::-This program allows you to transfer files between systems, as its name suggests.
::-To use this tool type the program name followed by the FTP servers name, which will then
::show you a login prompt, allowing you to issue FTP commands.

Revision as of 22:12, 24 March 2011

Ifup and ifdown command *(pg. 408)

-The ifup command bring the interface up
-The ifdown command bring the interface down

Example of ifup/ifdown *(pag.408)

“ifup eth0”
–bring up the interface eth0“ifdown eth0”.
–bring down the interface eth0- useful to quickly to take down a interface or
bring it up, because you do not need to remember all the detail of the IP
address, route and so on.

Hostnames *(pg. 409)

There are 2 way to configure the hostname
-On DNS
-On you local computer

Domain Name System (DNS) *(pg. 409)

- “is a distributed database computers that converts between IP addresses and
hostnames”.
- The DNS server just sit and listen for other computers on the network to send
request.
- The server then send the request out to other DNS server if it cannot find it
in it cache.
- If the server found what the request is asking for then it will send a request
back to the computer telling it where to go.

Diagnosing Network Connections *(pg. 412)

- There are a few command that will help diagnose a problem.
- They are ping, traceroute, tracepath, netstat, and tcpdump.

Ping command *(pg. 412)

- The ping command is a very basic network test, which send ICMP packet to the
system you name, hostnames, or ip address and wait for a reply
- In Linux it send the packet every second until you press Ctrl+C key to stop
the stroke.

Traceroute command *(pg. 412-413)

- This command will sends a series of three test packets to each computer
between your system and a specified target system

Tracepath command *(pg. 413)

- This command is a lot similar to traceroute

Checking Network Status

-A useful diagnostic tool is Netstat
-Netstat can be used in place of many other tools.
-It also shows information that is not easily found in other ways.

Netstat options

-Interface information: use netstat –interface or -i parameter to see information about
network interfaces. This is similar to what ifconfig command displays
-Routing information: use netstat –route or -r parameter to see the routing table. This
output is similar to what the route command shows
-Masquerade information: use netstat –masquerade or –M to see information about
connections mediated by Linux’s NAT features . This is a good way to stretch limited
IPv4 addresses.
-Program use: use netstat –program or –p parameter to show information about programs that
are using network connections.
-All connections: use netstat –all or –a parameter to display information about the ports
that server programs open to listen for network connections.

tcpdump

-Advanced network troubleshooting tool.
-tcpdump is a packet sniffer that intercepts network packets and log them on the screen.
-Useful tool to verify that computer is receiving data from other computers
-This is also useful to examine the data in its raw form, which can be helpful if you
-understand protocols implementation details allowing you to spot problems.
-Be aware that packet sniffers can be used by individuals to capture passwords sent over
the network.
-You must use tcpdump in root mode.
-Once you enter tcpdump it summarizes what it is doing and prints lines, one for each packet
it monitors.
-Lines consist of time stamps, stack identifiers, origin system name, IP addresses and
port, destination system name and packet-specific information.
-Once tcpdump starts it dose not stop so you must press Ctrl+C to terminate it.

tcpdump options

- A: displays packet contents in ASCII
- D: Displays a list of interfaces tcpdump can listen to.
- n: Shows all addresses numerically.
- v: Shows additional packet information.
- w file: Used to write captured packets to the specified file.
-You could consult tcpdump’s man page for details and for additional options.

Additional Networking Tools

-Other than networking diagnostic programs you could use some common programs as debugging tools.
-One of the most helpful tools may be Telnet a program and protocol tool that is mainly used as
a remote login tool.
-Telnet is considered a poor choice as a remote login protocol due to the fact that it
is entirely unencrypted.
-A good rule to follow is that you should remove Telnet server from your system and never use
the telnet client program. SSH is a safer alternative to Telnet described in chapter 10.

Using Telnet to Debug Network Protocols

-If you include a port number after the remote hostname, the program connects to the
specified port allowing you to interact with the server.
-To use telnet this way you must know a lot of information about the protocol. Without
the knowledge of the protocol you can still use Telnet to test if a server is running or not.
-If you try to connect and get a connection refused error message you know that a remote
server is not running or is inaccessible. (This may be because a firewall is blocking
the connection)
-If the result is Escape character this means that the server is running, even though it
could not be working correctly.
-This test only works for protocols that us TCP. UDP tools will not connect.

Using Telnet to Debug Network Protocols continued

-Sometimes File Transfer Protocols (FTP) can be a helpful tool.
-This program allows you to transfer files between systems, as its name suggests.
-To use this tool type the program name followed by the FTP servers name, which will then
show you a login prompt, allowing you to issue FTP commands.