logo

Cheatsheets - Networking

Last Updated: 2024-05-12

Private Networks IP Address Ranges

Assigned by Internet Assigned Numbers Authority (IANA).

  • Class A: 10.0.0.0 to 10.255.255.255
  • Class B: 172.16.0.0 to 172.31.255.255
  • Class C: 192.168.0.0 to 192.168.255.255

Shell Commands

Check IP Routes:

$ ip route

Display TCP/IP and other packets being transmitted or received over a network:

$ sudo tcpdump

Ping, sending ICMP echo request:

$ ping wikipedia.org

Trace the route

$ traceroute wikipedia.org

Query Name Servers:

$ nslookup wikipedia.org

Check all valid IPs in range

$ nmap -sn 192.168.1.0/24

Check if a port is open on a remote machine

Or "How to 'ping' a port".

nc

Use nc (nc=netcat):

$ nc -vz <host> <port_number>
$ nc -vz <domain> <port_number>
  • -z = sets nc to simply scan for listening daemons, without actually sending any data to them.
  • -v = enables verbose mode.

Result:

  • if failed: nc: connect to xx.xx.xx.xx port 443 (tcp) failed: No route to host
  • if succeeded: Connection to xx.xx.xx.xx 443 port [tcp/https] succeeded!

nmap

Use nmap (note that param order is different from nc)

nmap -p <port> <ip>

Use telnet:

$ telnet <ip_address> <port_number>
$ telnet <domain_name> <port_number>

/dev/tcp/host/port

$ cat < /dev/tcp/xx.xx.xx.xx/443
-bash: connect: No route to host
-bash: /dev/tcp/xx.xx.xx.xx/443: No route to host

get your sshd header

$ cat < /dev/tcp/localhost/22
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9

Check ip forward

$ sudo iptables-save

How to check if a port is being used?

$ lsof -i:$PORT # e.g. lsof -i:5000

# Linux
$ netstat -tulpn | grep LISTEN

# macOS
$ netstat -anp tcp | grep LISTEN

$ less /etc/services

Network Interface Names

Naming conventions (what you may see in ip a):

  • if it has firmware or BIOS-provided index numbers for onboard devices. => eno1
  • else if it has firmware or BIOS-provided PCI Express (PCIe) hot plug slot index numbers => ens1
  • else if it has the physical location of the connector of the hardware => enp2s0
  • else => eth0 (The traditional unpredictable kernel naming scheme.)

to config:

/usr/lib/systemd/network/99-default.link => NamePolicy

DNS

  • /etc/resolv.conf file defines how the system uses DNS to resolve host names and IP addresses. This file usually contains a line specifying the search domains and up to three lines that specify the IP addresses of DNS server.
  • /etc/systemd/resolved.conf
  • /etc/hosts: list of hosts.
  • /etc/hostname: the hostname of the machine.
$ cat /etc/hosts
127.0.1.1   example-hostname

# DNS lookup
$ host $HOST_NAME
$ host example-hostname
example-hostname.foo.bar.example.com has address 10.64.xxx.xxx

# Show hostname
$ hostname
$ cat /etc/hosts

# Show IP
$ hostname -i

# Show all IPs
$ hostname -I

# Set hostname
$ hostname newname

dig

dig (domain information groper): DNS lookup utility

Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf

Example

$ dig google.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13686
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com.			IN	A

;; ANSWER SECTION:
google.com.		8	IN	A	xxx.xxx.xxx.xxx

;; Query time: 16 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Thu Jan 01 20:24:55 PDT 2020
;; MSG SIZE  rcvd: 55

nmcli

For controlling NetworkManager.

Show connections

$ nmcli connection show

iftop

There are top-like tools for network, but need to be installed separately, e.g. iftop

Deprecated Commands

Deprecated Linux commands and their replacements:

deprecated replaced by
arp ip n (ip neighbor)
ifconfig ip a (ip addr), ip link, ip -s (ip -stats)
iptunnel ip tunnel
iwconfig iw
nameif ip link, ifrename
route ip route
ipmaddr ip maddr
netstat ip -s, nstat
netstat -r ip route
netstat -i ip -s link
netstat -g ip maddr

HTTP Server

Java

Introduced in Java 18 (JEP 408: Simple Web Server).

$ jwebserver

# Specify port 9000
$ jwebserver -p 9000

Python

Start HTTP server

Python 3.x:

$ python -m http.server
Serving HTTP on 0.0.0.0 port 8000 ...

Python 2.x:

$ python -mSimpleHTTPServer 8080

Read Web Pages

Java

final URL url = new URL("http://ichart.finance.yahoo.com/table.csv?s=" + ticker);
final BufferedReader reader = new BufferedReader( new InputStreamReader(url.openStream()));

Python

Download pages from wikipedia

import urllib.request
opener = urllib.request.build_opener()
opener.addheaders =[('User-agent','Mozilla/5.0')]
infile = opener.open('http://en.wikipedia.org/w/index.php?title=Albert_Einstein&printable=yes')
page = infile.read()

Network

Java

In java.net, Java programs can use TCP or UDP to communicate over the Internet. The URL, URLConnection, Socket, and ServerSocket classes all use TCP to communicate over the network. The DatagramPacket, DatagramSocket, and MulticastSocket classes are for use with UDP.

java.net.URL vs java.net.URI: java.net.URL#equals is blocking:

Two hosts are considered equivalent if both host names can be resolved into the same IP addresses; else if either host name can't be resolved, the host names must be equal without regard to case; or both host names equal to null. Since hosts comparison requires name resolution, this operation is a blocking operation.