Lab - Poking the Network

Overview:

1. Examine network configuration information

 

Description: Querying vital networking settings and determining the basic requirements for a computer on a Local Area Network (LAN).

Key Knowledge Areas:

  • Internet, network, routers
  • Domain Name Service
  • Network configuration

The following is a partial list of the used files, terms, and utilities:

  • route
  • resolv.conf
  • IPv4, IPv6
  • ifconfig
  • netstat
  • ping

Things that are nice to know

  • ssh
  • dig

 

Step 1:

In order to determine your Internet Protocol (IP) address, execute the ifconfig command:

The output shows two main blocks of information. The first block, indented by eth0, reflects information about your first Ethernet network card. The second block, indented by lo, reflects information about the "loopback" or internal network interface.

The second line in each block contains the pertinent information for version 4 of the Internet Protocol (called IPv4) while the third line has the information for version 6 of the Internet Protocol (IPv6). IPv4 is an older method of identifying machines with a series of numbers. It is still widely used today despite the fact that the improved IPv6 method has been available for many years.

The IPv4 addresses are displayed as four decimal numbers ranging from 0 to 255 separated by periods.

The IPv6 addresses are 128 bit numbers which are displayed as hexadecimal digits ranging from 0 to f. The hexadecimal digits are generally organized into groups of four digits separated by colons. If a number of consecutive hexadecimal digits have the value of zero, then they are replaced with two colons.

 

 

Step 2:

Having an IP address will allow your system to communicate with other systems on the same network. With routing devices you are able to communicate with systems on other networks. To view the table of routing information, use theroute command:

route
route -n

 

Notice that the output of the first route command, names were provided for some items (like *). In the output of the second route command, numbers were provided in place of names, the result of using the -n option to the routecommand.

When connecting to other computers, either an IP address or a hostname may be used. Hostnames can be used if they are entered into the /etc/hosts file along with their associated IP address or if a Domain Name Server (DNS) provides IP address to host name translation.

A couple of names that are commonly in the /etc/hosts file are localhost, andlocalhost.localdomain, both of which are used to refer to the current machine.

 

Step 3:

Verify that the IP address 127.0.0.1 has an entry in the /etc/hosts file:

grep 127.0.0.1 /etc/hosts

 

The output should appear as follows, defining the localhost names:

The ping command may be used to tell if a system is presently connected to a network.

Sometimes, a system may be configured to not respond to ping requests. Therefore, the lack of a response to a ping command does not mean a system is not connected to a network. A quick response to a ping command does indicate, however that a system is connected to a network.

 

Step 4:

Test to see if the localhost machine will respond to four ping requests:

ping -c4 localhost

 

Unlike the ping command that is available in the Microsoft Windows operating system, the Linux ping command does not stop making requests by default. If you forget to specify the -c option, then you will have to manually stop the command by holding the Control key and pressing C (CTRL+C).

Hostnames can also be used if they are registered with a Domain Name Service (DNS) server. If your system is connected to a network with DNS servers, then thenameserver entry in the /etc/resolv.conf file configures your system to use these servers to resolve hostnames into IP addresses.

 

Step 5:

View the /etc/resolv.conf file to see if any nameserver entries exists:

cat /etc/resolv.conf

 

The output should show one nameserver entry:

 

 

Step 6:

Use the dig command to resolve the localhost.localdomain name to an IP address:

dig localhost.localdomain

 

Notice the output shows that the first nameserver that was listed in the/etc/resolv.conf file is the one that responded with the answer in the ANSWER SECTION of the output.

 

Step 7:

You can use the dig command to resolve other fully qualified domain names. Use the dig command to resolve the cserver.example.com hostname to an IP address:

dig cserver.example.com

 

A fully qualified domain name (FQDN) includes not just the hostname, but also the domain that the hostname is "in". For the FQDN cserver.example.com, cserveris the hostname and example.com is the domain.

 

Step 8

Use the dig command to resolve the IP address 192.168.1.2 to a hostname:

dig -x 192.168.1.2

 

 
 
 

Step 9:

The netstat command performs a large variety of tasks related to networking. To get an idea of some of its capabilities, execute the command with the --helpoption:

netstat --help

 

One of the common uses of netstat is to determine which services are listening to or waiting for an incoming connection. For example, a service that is used to allow users to perform remote or network logins is called Secure SHell or SSH. SSH normally will listen to TCP port 22.

Well-known ports are the port numbers in the range of 0-1023, typically used by system processes to provide network services. A list of service names and associated port numbers can be found in the /etc/services file.

 

Step 10:

Use the netstat command to see if the TCP port for ssh, 22, has a process listening:

netstat -tl
netstat -tln

 

 

Step 11

The -t option to the netstat command limits the listing to TCP ports; the -loption limits the output to ports with listening services; the -n shows the network addresses numerically:

 

posted @ 2015-09-22 11:07  elewei  阅读(263)  评论(0)    收藏  举报