Networking on Linux
- Find all devices in the local network

    nmap -sn 192.168.1.*

- List open ports and the processes that own them

    lsof -i

  or

    netstat -tulpn
    ss -tulpn

- Get the process which is bound to port 22

    lsof -i :22

- Show both listening and non-listening sockets

    netstat -a

- Show all TCP connections

    netstat -t

- Display all connections and don’t resolve names

    netstat -an

- View processes which are using the network connection

    netstat -p

- Get listening ports

    netstat -napt | grep -i LISTEN

- Ask the DNS server where the domain can be found - omit the cache

    dig www.google.com @ns1.syseleven.de

- View the packets which go through port 18026 on localhost

    tcpdump -s 0 -X port 18026 -i lo

  -s 0 - show the whole packet
  -X - print packet data
  -i lo - use the lo interface, ifconfig will show you the lo interface

  View available interfaces with

    sudo tcpdump -D

- Sniff on 10.0.50.2:9200

    tcpdump -s 0 -X port 9200 and host 10.0.50.2 -i et0

  Check for the et0 interface with ifconfig

- Sniff and save to a file which later can be used with Wireshark

    tcpdump -s 0 -w file-name.pcap -X port 9000 -i venet0

  Find the file in: /var/lib/tcpdump/

  Quick Wireshark Tips:
  - set filter to: http
  - right click on a packet > Decode As > Choose the Transport tab and select HTTP

- View only the answer section

    dig redhat.com +noall +answer

- View the MX DNS records

    dig -t MX redhat.com +noall +answer

- View only the NS DNS records

    dig -t NS redhat.com +short

- View all DNS records

    dig -t ANY redhat.com +noall +answer

- View only the IP of the A record

    dig redhat.com +short

- View the host name of the given IP (reverse lookup)

    dig -x 209.132.183.81 +short

- View TXT record

    dig -t TXT yandex-verification.domain.com
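
Added example, not part of the original cheat sheet: a shell filter for the ss -tulpn listing from the open-ports entry above that keeps only the listeners bound to a non-loopback address, which are the ones other hosts can reach. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Reads `ss -tulpn` output on stdin and prints "proto/port address process"
# for every listener whose local address is not loopback.
exposed_listeners() {
    awk '
    $1 == "Netid" { next }                      # skip the header row
    $2 != "LISTEN" && $2 != "UNCONN" { next }   # TCP listeners, unconnected UDP
    {
        local_ep = $5
        n = length(local_ep)
        while (n > 0 && substr(local_ep, n, 1) != ":") n--   # find last colon
        if (n == 0) next
        addr = substr(local_ep, 1, n - 1)
        port = substr(local_ep, n + 1)
        sub(/%.*$/, "", addr)                   # drop interface scope such as %lo
        if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1") next
        proc = "-"                              # column is empty without privileges
        if (match($0, /users:[(][(]"[^"]+"/))
            proc = substr($0, RSTART + 9, RLENGTH - 10)
        print $1 "/" port, addr, proc
    }'
}

# Constructed sample in the `ss -tulpn` column layout, not taken from a real host.
sample_ss_output() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=612,fd=13))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=801,fd=3))
tcp   LISTEN 0      4096   127.0.0.1:9200     0.0.0.0:*         users:(("java",pid=1432,fd=301))
tcp   LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=801,fd=4))
tcp   LISTEN 0      511    *:18026            *:*               users:(("node",pid=2210,fd=19))
tcp   LISTEN 0      128    [::1]:631          [::]:*            users:(("cupsd",pid=700,fd=6))
EOF
}

# Stand-alone run on the sample; on a live host use: sudo ss -tulpn | exposed_listeners
sample_ss_output | exposed_listeners
```

Anything this prints that is not meant to be reachable from the network is a candidate for rebinding to 127.0.0.1 or for a firewall rule.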