Common Network Utilities


1. Determine if remote host is up/available: 'ping'

2. Determine if local/remote service is available: 'telnet'

3. Determine network sockets stats/connections: 'netstat'

4. View L2 information:'arp'

5. View path taken by packets to remote system: 'traceroute'

6. Hostname-to-IP and reverse resolution: 'nslookup', 'dig'

7. Learn more information about and IP and/or block: 'whois'


1. Explore Packet Internet Groper (PING)

a. 'ping -c 3 -s 32' - sends 32-bytes + 8-bytes (ICMP overhead)

b. 'ping -c 3 -i 3' - sends 3-packets of 56-bytes, every 3-seconds to the target.

Note: PING may be blocked by L3 devices on your network and/or the Internet

2. Telnet - Don't use for TTY access to remote host. Use SSH. Use telnet to test port-accessibility.

a. 'telnet' - Install if necessary using yum.

3. Netstat - reveals TCP:UDP:Lnix sockets - '/proc/net'

a. 'netstat -a' - dumps all sockets with: service/port and hostname resolution

b. 'netstat -an' - same as above, but suppresses name resolution

c. 'netstat -ntl' - suppresses name resolution, shows only TCP sockets, and Listeners

d. 'netstat -ntlp' - same as above, includes programs bound to ports

Note: 'Use '-p' option as root to reveal ALL programs'

Note: ':::514' - means that port is bound to ALL IPv6 addresses configured on the host

Note: '' - means that port is bound to ALL IPv4 addressesconfigures on the host

e. 'netstat -i'

f. 'netstat -nulp' - returns ALL UDP listeners

g. 'netstat -rn' - returns kernel routing table

4. ARP - Address Resolution Protocol

a. 'arp -a || arp -e'

Note: ARP is usually self managing.

5. Traceroute - follows path taken by packets across the network (Intra/Internet)

a. 'traceroute'

b. 'traceroute'

6. 'nslookup'

a. 'nslookup'

DNS client tools use: '/etc/resolv.conf' to determine which DNS servers to query

7. 'dig'

a. 'dig'

b. 'dig -x' - performs a reverse lookup

c. 'dig mx'

8. 'whois' - Finds IP/domain ownership information

a. 'whois'

No comments:

Post a Comment