Networking is one of the important aspects. Linux provides various commands for analyzing network information.
host
Searches for information about an Internet host by name or IP address, using DNS.
[root@vx111a ~]# host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 74.125.236.82
www.l.google.com has address 74.125.236.83
www.l.google.com has address 74.125.236.84
www.l.google.com has address 74.125.236.80
www.l.google.com has address 74.125.236.81
ipcalc
Displays IP information for a host. With the -h option, ipcalc does a reverse DNS lookup, finding the name of the host (server) from the IP address.
[root@vx111a ~]# ipcalc -h 10.5.11.119
HOSTNAME=vx111a.example.com
nslookup
Do an Internet "name server lookup" on a host by IP address. This is essentially equivalent to ipcalc -h or dig -x. The command may be run either interactively or noninteractively, i.e., from within a script.
The nslookup command has allegedly been "deprecated," but it is still useful.
[root@vx111a ~]# nslookup -sil 10.5.11.119
Server: 202.54.12.164
Address: 202.54.12.164#53
** server can't find 119.11.5.10.in-addr.arpa.: NXDOMAIN
dig (Domain Information Groper)
Similar to nslookup, dig does an Internet name server lookup on a host. May be run from the command-line or from within a script.
Some interesting options to dig are +time=N for setting a query timeout to N seconds, +nofail for continuing to query servers until a reply is received, and -x for doing a reverse address lookup.
[root@vx111a ~]# dig -x 173.229.135.72
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> -x 173.229.135.72
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42360
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;72.135.229.173.in-addr.arpa. IN PTR

;; ANSWER SECTION:
72.135.229.173.in-addr.arpa. 7200 IN PTR eth0.vx1379.nova.com.

;; AUTHORITY SECTION:
135.229.173.in-addr.arpa. 7200 IN NS eth0-DNS.omdx1ccf.nova.com.
135.229.173.in-addr.arpa. 7200 IN NS eth0-DNS.omhq1cce.nova.com.
135.229.173.in-addr.arpa. 7200 IN NS eth0-DNS.omdx1cd0.nova.com.
135.229.173.in-addr.arpa. 7200 IN NS eth0-DNS.omhq1cd8.nova.com.

;; ADDITIONAL SECTION:
eth0-DNS.omdx1ccf.nova.com. 7200 IN A 167.132.254.233
eth0-DNS.omdx1cd0.nova.com. 7200 IN A 167.132.254.237
eth0-DNS.omhq1cce.nova.com. 7200 IN A 167.132.254.225
eth0-DNS.omhq1cd8.nova.com. 7200 IN A 167.132.254.229

;; Query time: 3 msec
;; SERVER: 167.132.254.225#53(167.132.254.225)
;; WHEN: Tue Sep 17 07:52:28 2013
;; MSG SIZE rcvd: 271
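Since dig can be run from within a script, the helpers below show one way to interpret a reverse-lookup reply, separating a PTR answer from an NXDOMAIN (as in the nslookup output above) and from other failures. This is an added example, not part of the original page; the function names are hypothetical and the sample replies are constructed in dig's output format.

```shell
# Added example: interpret `dig -x` output inside a script.
# Live use (requires network): dig -x "$ip" | classify_reply

# Build the in-addr.arpa name that a reverse lookup queries for an IPv4 address.
reverse_name() {
    printf '%s\n' "$1" |
        awk -F. 'NF == 4 { print $4 "." $3 "." $2 "." $1 ".in-addr.arpa." }'
}

# Read full dig output on stdin; print the status field of the HEADER line.
dig_status() {
    sed -n 's/^;; ->>HEADER<<-.*status: \([A-Z]*\),.*/\1/p'
}

# Read full dig output on stdin; print each PTR target in the ANSWER section.
dig_ptr_targets() {
    awk '/^;; ANSWER SECTION:/      { in_answer = 1; next }
         /^;;/ || /^$/              { in_answer = 0 }
         in_answer && $4 == "PTR"   { print $5 }'
}

# Classify a reply: prints "ok <name>", "no-ptr" or "error <status>".
classify_reply() {
    reply=$(cat)
    status=$(printf '%s\n' "$reply" | dig_status)
    if [ "$status" = "NXDOMAIN" ]; then
        echo "no-ptr"
    elif [ "$status" != "NOERROR" ]; then
        # SERVFAIL, REFUSED, or a reply whose header could not be parsed
        echo "error ${status:-unparsed}"
    else
        name=$(printf '%s\n' "$reply" | dig_ptr_targets | head -n 1)
        if [ -n "$name" ]; then echo "ok $name"; else echo "no-ptr"; fi
    fi
}

# Constructed sample replies (not live data).
SAMPLE_OK=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; ANSWER SECTION:
113.0.51.198.in-addr.arpa. 7200 IN PTR host.example.com.

;; AUTHORITY SECTION:
0.51.198.in-addr.arpa. 7200 IN NS ns.example.com.'
SAMPLE_NX=';; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2'
```

A script that treats every non-answer as "no such host" hides resolver failures, which is why the error case is reported separately from NXDOMAIN.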
traceroute
Trace the route taken by packets sent to a remote host. This command works within a LAN, WAN, or over the Internet. The remote host may be specified by an IP address.
[root@vx111a ~]# traceroute 10.5.11.119
traceroute to 10.5.11.119 (10.5.11.119), 30 hops max, 40 byte packets
1 vx111a.example.com (10.5.11.119) 0.047 ms 0.016 ms 0.013 ms
ping
This is a diagnostic tool for testing network connections, and it should be used with caution.
[root@vx111a ~]# ping 10.5.11.119
PING 10.5.11.119 (10.5.11.119) 56(84) bytes of data.
64 bytes from 10.5.11.119: icmp_seq=1 ttl=64 time=0.031 ms
64 bytes from 10.5.11.119: icmp_seq=2 ttl=64 time=0.032 ms
--- 10.5.11.119 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.031/0.031/0.032/0.005 ms
whois
The WHOIS system holds records for domains and IP addresses on the Internet. It is used by system administrators to obtain contact information for IP address assignments or domain name administrators.
[root@vx111a ~]# dnsdomainname
example.com
[root@vx111a ~]# whois google.com
Registrant:
    Dns Admin
    Google Inc.
    Please contact contact-admin@google.com 1600 Amphitheatre Parkway
    Mountain View CA 94043
    US
    dns-admin@google.com +1.6502530000 Fax: +1.6506188571

Domain Name: google.com

    Registrar Name: Markmonitor.com
    Registrar Whois: whois.markmonitor.com
    Registrar Homepage: http://www.markmonitor.com

Administrative Contact:
    DNS Admin
    Google Inc.
    1600 Amphitheatre Parkway
    Mountain View CA 94043
    US
    dns-admin@google.com +1.6506234000 Fax: +1.6506188571
Technical Contact, Zone Contact:
    DNS Admin
    Google Inc.
    2400 E. Bayshore Pkwy
    Mountain View CA 94043
    US
    dns-admin@google.com +1.6503300100 Fax: +1.6506181499

Created on..............: 1997-09-15.
Expires on..............: 2020-09-13.
Record last updated on..: 2013-02-28.

Domain servers in listed order:
    ns2.google.com
    ns1.google.com
    ns4.google.com
    ns3.google.com
finger
Retrieve information about users on a network.
[root@vx111a ~]# finger
Login   Name   Tty     Idle   Login Time     Office  Office Phone  Host
root    root   pts/0    38d   Aug  9 12:39                         (eth0.vx181d.nova.com)
root    root   pts/1    38d   Aug  9 14:58                         (eth0.vx181d.nova.com)
root    root   pts/2  23:45   Sep 16 08:10                         (eth0.vx181d.nova.com)
root    root   pts/3          Sep 17 07:19                         (eth0.vx181d.nova.com)
We can also obtain more information about a particular user:
[root@vx111a ~]# finger root
Login: root                             Name: root
Directory: /root                        Shell: /bin/bash
On since Fri Aug 9 12:39 (CDT) on pts/0 from eth0.vx181d.uprr.com
   38 days 19 hours idle
On since Fri Aug 9 14:58 (CDT) on pts/1 from eth0.vx181d.uprr.com
   38 days 16 hours idle
On since Mon Sep 16 08:10 (CDT) on pts/2 from eth0.vx181d.uprr.com
   23 hours 46 minutes idle
On since Tue Sep 17 07:19 (CDT) on pts/3 from eth0.vx181d.uprr.com
New mail received Tue Sep 17 04:02 2013 (CDT)
     Unread since Tue Sep 17 01:29 2013 (CDT)
No Plan.
nc
It may be useful to know which ports are open and running services on a target machine.
nc -z -v -n xxx.xxx.xxx.xx 10000-10020
This reports which ports in the range 10000-10020 are open on the remote machine (xxx.xxx.xxx.xx).
chfn
Change information disclosed by the finger command. If we want to change any of the information that is displayed when we run the finger command, we can use this command.
wget
The wget utility is the best option for downloading files from the Internet. wget can handle pretty much all complex download situations, including large file downloads, recursive downloads, non-interactive downloads, multiple file downloads, etc.
wget http://www.openss7.org/repos/tarballs/strx25-0.9.2.1.tar.bz2 # Downloads a single file
scp
scp (Secure CoPy) is a secure and network-aware version of the UNIX rcp remote copy command and allows files to be transferred between different computers via an encrypted end-to-end link.
scp $PWD/filename username@host:/path/to/other/destination/directory
ssh
ssh is used to connect into a remote machine and for executing commands on a remote host.
ssh user@hostname [command]
More to come. Happy learning :-)