ping- Send an ICMP ECHO_REQUEST to network hoststraceroute- Print the route packets trace to a network hostnetstat- Print network connections, routing tables, interface statistics, masquerade connections, and multicast membershipsftp- Internet file transfer programwget- Non-interactive network downloaderssh- OpenSSH SSH client (remote login program)
The ping command sends a special network packet called an IMCP ECHO_REQUEST to a specified host. Most network devices receiving this packet will reply to it, allowing the network connection to be verified.
Note: It is possible to configure most network devices (including Linux hosts) to ignore these packets. This is usually done for security reasons, to partially obscure a host from a potential attacker. It is also common for firewalls to be configured to block IMCP traffic.
himanshu@workstation:~$ ping google.com
PING google.com (172.217.166.110) 56(84) bytes of data.
64 bytes from maa05s09-in-f14.1e100.net (172.217.166.110): icmp_seq=1 ttl=58 time=25.0 ms
64 bytes from maa05s09-in-f14.1e100.net (172.217.166.110): icmp_seq=2 ttl=58 time=24.1 ms
64 bytes from maa05s09-in-f14.1e100.net (172.217.166.110): icmp_seq=3 ttl=58 time=56.6 ms
64 bytes from maa05s09-in-f14.1e100.net (172.217.166.110): icmp_seq=4 ttl=58 time=41.7 ms
^C
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 24.126/36.855/56.646/13.391 ms
The traceroute program displays a listing of all the “hops” network traffic takes to get from the local system to a specified host.
himanshu@workstation:~$ traceroute www.google.com
traceroute to www.google.com (172.217.163.196), 30 hops max, 60 byte packets
1 _gateway (192.168.1.1) 3.069 ms 3.602 ms 4.220 ms
2 115.98.212.1 (115.98.212.1) 5.371 ms 4.708 ms 5.865 ms
3 202.88.190.157 (202.88.190.157) 7.802 ms 6.443 ms 7.039 ms
4 10.241.1.6 (10.241.1.6) 10.200 ms 10.739 ms 11.281 ms
5 10.240.254.120 (10.240.254.120) 8.144 ms 8.739 ms 9.385 ms
6 10.240.254.1 (10.240.254.1) 11.687 ms 4.409 ms 5.861 ms
7 10.241.1.1 (10.241.1.1) 5.157 ms 4.407 ms 3.732 ms
8 136.232.28.173.static.jio.com (136.232.28.173) 6.924 ms 7.541 ms 6.199 ms
9 * * *
10 * * 72.14.217.254 (72.14.217.254) 16.266 ms
11 74.125.51.4 (74.125.51.4) 23.005 ms 74.125.50.202 (74.125.50.202) 20.190 ms 28.912 ms
12 74.125.242.129 (74.125.242.129) 26.163 ms 39.160 ms *
13 108.170.253.97 (108.170.253.97) 34.662 ms 142.251.55.246 (142.251.55.246) 19.193 ms 142.251.55.68 (142.251.55.68) 26.867 ms
14 74.125.242.129 (74.125.242.129) 24.506 ms maa05s06-in-f4.1e100.net (172.217.163.196) 26.088 ms 74.125.242.129 (74.125.242.129) 23.756 ms
We have to hop 14 routers
For routers that provided identifying information, we see their hostnames, IP addresses, and performance data, which includes three samples of round-trip time from the local system to the router. For routers that do not provide identifying information (because of router configuration, network congestion, firewalls, etc.)
himanshu@workstation:~$ netstat -ie
Kernel Interface table
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:4e:0c:4c:e8 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp2s0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 10:7d:1a:3a:7b:a8 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 7251 bytes 1973719 (1.9 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 7251 bytes 1973719 (1.9 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.10 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5495:1fdb:2db7:1594 prefixlen 64 scopeid 0x20<link>
ether e8:9e:b4:20:44:09 txqueuelen 1000 (Ethernet)
RX packets 300067 bytes 369059576 (369.0 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 67261 bytes 16773360 (16.7 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0is the Ethernet interface.lo, is the loopback interface, a virtual interface that the system uses to “talk to itself.”
When performing causal network diagnostics, the important things to look for are the presence of the word “UP” at the fourth column in first line for each interface, indicating that the network interface is enabled.
Using the “-r” option will display the kernel’s network routing table.
himanshu@workstation:~$ netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
default _gateway 0.0.0.0 UG 0 0 0 wlp1s0
link-local 0.0.0.0 255.255.0.0 U 0 0 0 wlp1s0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlp1s0
himanshu@workstation:~$ netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlp1s0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlp1s0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlp1s0
We can get same table with $ route command as well.
Name drived from underlying protocol File Transfer Protocol.
Before there were web browsers, there was the ftp program. ftp is used to communicate with FTP servers, machines that contain files that can be uploaded and downloaded over a network.
FTP (in its original form) is not secure, because it sends account names and passwords in cleartext. This means that they are not encrypted and anyone sniffing the network can see them. Because of this, almost all FTP done over the Internet is done by anonymous FTP servers. An anonymous server allows anyone to login using the login name “anonymous” and a meaningless password.
ftp is not the only command-line FTP client. In fact, there are many. One of the better (and more popular) ones is lftp by Alexander Lukyanov. It works much like the traditional ftp program, but has many additional convenience features including multiple protocol support (including HTTP), automatic re-try on failed downloads, background processes, tab completion of path names, and many more.
Another popular command-line program for file downloading is wget. It is useful for downloading content from both web and FTP sites. Single files, multiple files, and even entire sites can be downloaded.
$ wget google.com
--2022-10-15 23:23:57-- http://google.com/
Resolving google.com (google.com)... 172.217.166.110, 2404:6800:4007:811::200e
Connecting to google.com (google.com)|172.217.166.110|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://www.google.com/ [following]
--2022-10-15 23:23:57-- http://www.google.com/
Resolving www.google.com (www.google.com)... 172.217.163.196, 2404:6800:4007:810::2004
Connecting to www.google.com (www.google.com)|172.217.163.196|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html’
index.html [ <=> ] 15.93K --.-KB/s in 0s
2022-10-15 23:23:58 (72.1 MB/s) - ‘index.html’ saved [16315]
This downloads index.html page of google.com
Some old tools for this was rlogin and telnet programs. These programs, however, suffer from the same fatal flaw that the ftp program does; they transmit all their communications (including login
names and passwords) in cleartext.
ssh to address this problem, a new protocol called SSH (Secure Shell) was developed.
First, it authenticates that the remote host is who it says it is (thus preventing so-called “man in the middle” attacks), and second, it encrypts all of the communications between the local and remote hosts.
SSH consists of two parts. An SSH server runs on the remote host, listening for incoming connections on port 22, while an SSH client is used on the local system to communicate with the remote server.
Most Linux distributions ship an implementation of SSH called OpenSSH from the OpenBSD project. Some distributions include both the client and the server packages by default (for example, Red Hat), while others (such as Ubuntu) only supply the client. To enable a system to receive remote connections, it must have the OpenSSH-server package installed, configured and running, and (if the system is either running or is behind a firewall) it must allow incoming network connections on TCP port 22.
Check if you have ssh client already or not
$ dpkg --list | grep ssh-client
ii openssh-client
If not then install client as
$ sudo apt-get install openssh-client
Check the host to which we want to connect have ssh server. Run below command on target host.
$ ssh localhost
ssh: connect to host localhost port 22: Connection refused username@host
Then you need to install ssh server as
$ sudo apt-get install openssh-server
Then try again
$ ssh localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ED25519 key fingerprint is SHA256:LC/sOf90k1B1qNjlpEOtIdxchFGmCFYEs9Rpny1FALc.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'localhost' (ED25519) to the list of known hosts.
himanshu@localhost's password:
$ exit
logout
Connection to localhost closed.
If the local user “me” had an account named “bob” on a remote system, user me could log in to the account bob on the remote system as follows:
[me@linuxbox ~]$ ssh bob@remote-sys
bob@remote-sys's password:
Last login: Sat Aug 30 13:03:21 2008
[bob@remote-sys ~]$
Besides opening a shell session on a remote system, ssh also allows us to execute a single command on a remote system. For example, to execute the free command on a remote host named remote-sys and have the results displayed on the local system:
[me@linuxbox ~]$ ssh remote-sys free
me@twin4's password:
total used free Mem:
...
OR
[me@linuxbox ~]$ ssh remote-sys 'ls *' > dirlist.txt
me@twin4's password:
[me@linuxbox ~]$
Notice the use of the single quotes in the command above. This is done because we do not want the pathname expansion performed on the local machine; rather, we want it to be performed on the remote system.
The OpenSSH package also includes two programs that can make use of an SSH-en- crypted tunnel to copy files across the network.
- scp (secure copy)
- sftp (secure ftp)
But source or destination pathnames may be preceded with the name of a remote host, followed by a colon character.
For example, if we wanted to copy a document named document.txt from our home directory on the remote system, remote-sys, to the current working directory on our local system, we could do this:
[me@linuxbox ~]$ scp remote-sys:document.txt .
me@remote-sys's password:
document.txt 100% 5581
[me@linuxbox ~]$
As with ssh, you may apply a username to the beginning of the remote host’s name if the desired remote host account name does not match that of the local system:
[me@linuxbox ~]$ scp bob@remote-sys:document.txt .
sftp works much like the original ftp program that we used earlier; however, instead of transmitting everything in cleartext, it uses an SSH encrypted tunnel. sftp has an important advantage over conventional ftp in that it does not require an FTP server to be running on the remote host. It only requires the SSH server. This means that any remote machine that can connect with the SSH client can also
be used as a FTP-like server.
himanshu@workstation:~/HP$ sftp localhost
himanshu@localhost's password:
Connected to localhost.
sftp> cd HP/
sftp> ls
Pics dev index.html
sftp> get index.html
Fetching /home/himanshu/HP/index.html to index.html
index.html 0% 0 0.0KB/s --:-- ETA
sftp> bye
himanshu@workstation:~/HP$