September 9, 2008

Linux Network Commands

Filed under: Linux — Tags: , , — hoball @ 2:32 pm

Quoted from Here

This category contains the most basic network commands available on Linux platform.
w Shows who is currently logged in and where they are logged in from.
who This also shows who is on the server in an shell.
netstat Shows all current network connections.
netstat -an Shows all connections to the server, the source and destination ips and ports.
netstat -rn Shows routing table for all ips bound to the server.
netstat -an |grep :80 |wc -l Show how many active connections there are to apache (httpd runs on port 80)
top Shows live system processes in a formatted table, memory information, uptime and other useful info.

While in top, Shift + M to sort by memory usage or Shift + P to sort by CPU usage

top -u root Show processes running by user root only.
route -n Shows routing table for all ips bound to the server.
route add default gw my_computer Add a default gateway to my_computer
nslookup yahoo.com Query your default domain name server (DNS) for an Internet name (or IP number) host_to_find.
traceroute yahoo.com Have a look how you messages travel to yahoo.com
tracepath yahoo.com Performs a very similar function to traceroute.
ifconfig Display info on the network interfaces.
ifconfig -a Display into on all network interfaces on server, active or inactive..
ifconfig eth0 down This will take eth0 (assuming the device exists) down, it won’t be able to receive or send anything until you put the device back 「up」 again.
ifconfig eth0 up You guessed it. This would take eth0 up and available to receive or send packets.
/sbin/ifconfig eth0 netmask broadcast Assign IP, netmask and broadcast address to interface eth0.
ifup eth0 Will bring eth0 up if it is currently down.
ifdown eth0 Will bring eth0 down if it is currently up.
ifcfg Use ifcfg to configure a particular interface. Simply type ifcfg to get help on using this script.
ifcfg eth0 del This command takes eth0 down and removes the assigned IP
ifcfg eth0 add This command brings eth0 up and assigns the new IP
ping Sends test packets to a specified server to check if it is responding properly
ping yahoo.com Sends echo requests to yahoo.com
mii-tool Checks what your duplex settings are.
arp Command mostly used for checking existing Ethernet connectivity and IP address
hostname Tells the user the host name of the computer they are logged into.
findsmb Used to list info about machines that respond to SMB name queries. findsmb with no argument would find all machines possible. You can also specify a particular subnet to localize search.
host yahoo.com Performs a simple lookup of an internet address using DNS.
dig yahoo.com The “domain information groper” tool. This example looks up information about yahoo.com such as IP.
dig -x Looks up the address and returns the associated domain name. dig takes a huge number of options (at the point of being too many), refer to the manual page for more information.
whois Used to look up the contact information from the 「whois」 databases. Also reports IP address and name server of domain as well as creation and expiration dates..
ftp File transfer protocol. Transfers files to another host (insecure)
rdesktop Display remote desktop on Linux Machine. You can use to connect to Windows.
All the remote network administration related tools and techniques available on Linux platform.
ssh Secure shell, an alternative but secure to telnet/rsh and all the non-secure methods of logging in to remote servers. All connections get encrypted.
ssh username@hostname Connect to a remote server by specifying your username and hostname you’re logging into.
scp <from_server> <to_server> Secure copy. Allows you to copy files from one computer to another computer, use -r to copy recursively.
scp -r jose@remote1:/tmp greg@remote2:/tmp Do a recursive scp of /tmp on remote1 server logging in as jose to remote2 server /tmp logging in as greg.
scp remote:/home/me/junk/* . This will copy files on the remote machine in the directory 「/home/me/junk/」 to your local computer.
sftp Secure ftp, another part of the ssh package. This command is similar to ftp but uses an encrypted tunnel to connect to an ftp server and is therefore more secure than just plain ftp.
rsync An open source utility that provides fast incremental file transfer. Can be transferred via ssh.
rsync -av -e ssh remote@server:/home/dir /local/dir Rsync command used via ssh to login as default user on remote server to fetch /home/dir to local server and path /local/dir.
tcpdump Print all the network traffic going through the network. Do a ‘man tcpdump’ to learn more.
tcpdump -v Display the verbose output
tcpdump -D Display network interfaces available for the capture
tcpdump -n Display numerical addresses rather than symbolic (DNS) addresses
tcpdump -i eth0 Capture the traffic of eth0 interface
tcpdump udp Capture the UDP traffic
tcpdump -w capture.log Send the capture output in a file instead of directly on the screen
tcpdump -r capture.log Read a capture file
tcpdump port http Capture the TCP port 80 traffic
tcpdump -i eth0 host Listen to all traffic on interface eth0 going to This troubleshooting technique can determine why a web connection is not reaching yahoo.com (
tcpdump host http://www.yahoo.com Display the packets having “www.openmaniak.com” as their source or destination address
tcpdump src and dst and port ftp Display the FTP packets coming from to
nmap A very advanced network tool used to query machines (local or remote) as to whether they are up and what ports are open on these machines. Download it from insecure.org and for additional documentation.
nmap host_name This would query host_name and report what ports it keeps open.
nc Netcat. A networking utility which reads and writes data across network connections, using the TCP/IP protocol.
wget (GNU Web get) used to download files from the World Wide Web. To archive a single web-site.

-m or –mirror –> To archive a single website.

-nc –> no clobber option to stop wget from overwriting a file if you already have it.

-c or –continue –> Continue a file that was unfinished by wget or another program.

Wget has a large list of options. Please check the manual pages for more details.

wget http://blog.lxpages.com/ultimate_linux.html This would simply get ultimate_linux.html from blog.lxpages.com website.
curl Another remote downloader similar to wget. This remote downloader is designed to work without user interaction and supports a variety of protocols, can upload/download and has a large number of tricks/work-arounds for various things. It can access dictionary servers (dict), ldap servers, ftp, http, gopher, see the manual page for full details.
curl -M To access the full manual. There are too many options and variations for examples. Please refer to manual for in depth examples and techniques.
curl -u username:password -T index.html ftp://ftp.mywebsite.com This uploads index.html to ftp.mywebsite.com
Apache Shell Commands Some of the basic and helpful apache commands.
httpd -v Outputs the build date and version of the Apache server.
httpd -l Lists compiled in Apache modules
httpd status Only works if mod_status is enabled and shows a page of active connections
service httpd restart Restarted Apache web server
ab -n 100 -c 5 http://blog.lxpages.com/linux_network.html Apache benchmark. Great tool for load testing your site. -n 100 will send 100 # of requests to blog.lxpages.com in order to benchmark
-c 5 is # of concurrency.
All the network related configuration files on a Linux platform.
/etc This directory contains most of the basic Linux system-configuration Files.
/etc/sysconfig Contains important system configuration files that are created and maintained by various services (including iptables, samba, and most networking services).
/etc/sysconfig/network Network configuration file used by the system during the boot process.
/etc/sysconfig/network-scripts Configuration files that are run during boot process related to setting up of your network.
/etc/xinetd.d Contains a set of files, each of which defines a network service that the xinetd daemon listens for on a particular port.
/etc/syslogd.conf The configuration file for the syslogd daemon. syslogd is the daemon that takes care of logging (writing to disk) messages coming from other programs to the system.
/etc/resolv.conf Host name resolver configuration file. This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses.
/etc/hosts Locally resolve node names to IP addresses. This informs Linux of local systems on the network which are not handled by the DNS server.
/etc/nsswitch.conf System Databases and Name Service Switch configuration file. Looks up /etc/hosts first, if host not found then it would query DNS server as defined by /etc/resolv.conf
/var Contains variable data like system logging files, mail and printer spool directories, and transient and temporary files.
/var/log Log files from the system and various programs/services, especially login (/var/log/wtmp, which logs all logins and logouts into the system) and syslog (/var/log/messages, where all kernel and system program message are usually stored).
/var/log/messages System logs. The first place you should look at if your system is in trouble.
/var/log/utmp Active user sessions. This is a data file and as such it can not be viewed normally.
/var/log/wtmp Log of all users who have logged into and out of the system. The last command can be used to access a human readable form of this file.
Network Open Source Network Utilities Some of the most useful network tools available for Linux.
nmap A very advanced network tool used to query machines (local or remote) as to whether they are up and what ports are open on these machines. Download it from insecure.org and for additional documentation.
nc Netcat. A networking utility which reads and writes data across network connections, using the TCP/IP protocol.
ngrep Network grep. Used to debug plaintext protocol interactions such as HTTP, SMTP, FTP, etc.
ntop A network traffic probe that shows the network usage, similar to what the popular top Unix command does.
Hping2 A network probing utility like ping on steroids.
curl and libcurl A command line tool and library for client-side URL transfers.
Rootkit Hunter A file scanner for rootkits, backdoors, and sniffers.
DSPAM A server-side anti-spam agent for UNIX email servers.
RealVNC Cross-platform Virtual Network Computing
Webmin A web-based system administration tool for Unix servers and services.

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: