Linux Part 10

Linux Part 10

Network Features
DNS Domain name system – translates Internet names to IP addresses
DHCP – Dynamic Host Configuration Protocol
Ethernet
Hostnames –
IP addresses – IPv4 & IPv6
Network Mask
Routers
TCP /IP
WIFI

To connect a host to a network it needs the 4 following attributes
IP Address – For your host
Netmask – or subnet to distinguish which network your host is on
IP Address from router (Gateway)
IP Address of your DNS Server

Configuring a Network Connection
Automatic Configuration is handle by a DHCP Server
A computer typically needs an IP address and a netmask / subnet mask to connect to your local network.
A DHCP server can deliver a Fixed and Dynamic address.
Fixed (Static) a specific computer will always receive the same IP address & Subnet mask address.
Dynamic – the computer will receive an IP address from the DHCP server but it maybe will be different to the last one.
The easiest way to configure your network connection is with a GUI.

Configuring wireless from shell
Iwlist – is a command that can identify wireless networks
Iwconfig – is for configuring your wifi configuration

Configuring a fixed network connection (Cabled)
ifconfig – used to configure you network adapter
route – used to adjust the computers routing table – this will tell the computer how you want the computer to send the data, based on network packets & which path /route etc
/etc/resolve.conf – contains the IP addresses of DNS servers (up to 3 dns servers) as well as the computers internet domain and all of the other domains that should be
searched when the user does not put in a domain host nameDHCP Client dhclient or dhcpcd can automatically configure a network connection for you from the command line.

Distribution specific Network Scripts
Depending on the distribution you maybe already scripts already configured for you or scripts you can use, this will because the ifconfig and route and dhcp programs will produce temporary changes to your computers network configuration, but if you want to make those changes permanent , those settings have to be stored in a configuration file may vary from one distribution to another, so a lot of them have configured scripts to make it easier to use.

Network Testing
In most cases when you startup your linux system the network configuration is going to
work fine, however there might be an issue where it stops working or may have never
worked at all.

Checks
To check for network connectivity you use the route command $route

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default fritz.box 0.0.0.0 UG 100 0 0 ens160
default fritz.box 0.0.0.0 UG 202 0 0 ens160
link-local 0.0.0.0 255.255.0.0 U 1000 0 0 ens160
192.168.178.0 0.0.0.0 255.255.255.0U 202 0 0 ens160

Ping
Ping 8.8.8.8 will ping google’s dns server – Pinging a remote system
Ping 192.168.178.1 Ping local host
Ping 127.0.0.1 loop back test

Trace Route
traceroute yahoo.com
traceroute to yahoo.com (74.6.143.25), 30 hops max, 60 byte packets
1 fritz.box (192.168.178.1) 0.333 ms 0.429 ms 0.501 ms
2 100.124.1.74 (100.124.1.74) 6.552 ms 6.533 ms 6.506 ms
3 100.127.1.132 (100.127.1.132) 5.539 ms 5.280 ms 5.443 ms
4 185.22.46.145 (185.22.46.145) 6.358 ms 5.877 ms 5.871

DNS and Ping
DNS is the equivalent of an Internet phonebook, they maintain a big directory of
all of the domain names and translate them into IP addresses. If the DNS server is
a problem it cant resolve the domain name to an IP address.
If you can ping an IP address but cant ping the domain name, then there is likely
a problem with DNS services or DNS configuration.

Host
Dig Nslookup
Netstat
Netstat is like a Swizz Army Knife of networking tools, it will show you what ports
are open and listening
-a – shows all the port status on the server you are running netstat on
–all – does the same
To see what options are available use the man page for netstat.
man netstat

Network protection
Shutdown / Disable or remove any unused servers (services). Some Linux distros may automatically start daemon (services), switch off / disable any daemon you don’t need running, this narrow any opportunistic attack , if you are not using secure shell, switch it off, same goes for apache web server and mail servers.
Enable a Firewall
Use good passwords
Be Suspicious – be aware of phishing, Social engineering and fake emails or any other method to try to trick people into giving their username and password.
Stick to official Software sources.
Always keep your software up to date , security updates and fixes are a common
issue with software, so always update!

Connecting to a Network
We can connect to a network using a command line or via GUI
With the GUI you can configure the Network Settings with relative ease.

Configuring the NIC via Command line.
1. Ip address show – this should show your loopback (127.0.0.1)
2. The 2nd part of the output should show your wired NIC, you should see that it is a multicast device, a broadcast device and if its “up” you should see the MTU maximum transmission units 1500
For more options for IP use the man ip.