Show counters related to the TCP connections by using the nstat command. This small utility will quickly retrieve the related statistics and display them.

Summary

Show TCP connection statistics

Tcpdump cheat sheet

Get more information out of the tcpdump tool using this cheat sheet. Find everything that is going on the network and your Linux systems.

Summary

No network packet will remain hidden

Ip cheat sheet

Want to see or configure every piece of information about networking, including routing on Linux? Forget tools like netstat and learn using the ip command.

Summary

No more networking secrets

How to see errors and dropped packets on a network interface on Linux

Show the network link details using the ip command to find out if a network has errors or dropped packets on a Linux system.

Summary

Show network link statistics to discover errors or dropped packets

How to see the default gateway on Linux

Show the network routing table to discover the default gateway used on a Linux system.

Summary

Show network table to discover the default gateway

How to see which process is using a port

Show which process is already opened an UDP or TCP port on Linux by using the ss command.

Summary

Show which process is listening to a port

How to see open ports on Linux

Show which UDP/TCP ports are opened on a Linux system, including the related process. Use the ss tool to see more details about these sockets.

Summary

Show open network ports such as TCP and UDP

Ss cheat sheet

If you want to learn more about network connections on Linux, then ss is the tool to get the job done. Learn how to use it with this cheat sheet.

Summary

Reveal all those sockets

How to see the TTL value of a DNS record

Learn how to query the Time To Live (TTL) for a DNS record by using the dig tool.

Summary

Query DNS to reveal the TTL value of a DNS record.

The purpose of the /etc/networks file

Also wondering what some files are used for on Linux systems? In this article we have a look at the /etc/networks file.

Summary

Also wondering what particular files do on Linux? One of those files we recently rediscovered during auditing is the /etc/networks file. For some reason it was always there, yet we never change it. Output of /etc/networks When looking at the man page of networks(5) we learn its purpose (almost instantly): It translates between IP ranges and network names It is used for tools like netstat and route It only works on class A, B, or C networks It does not work on subnets Surprisingly enough a test with subnetting actually showed the right names during our test.

Is your /etc/hosts file healthy?

hosts file

Small things have a big impact. Resolving issues with localhost or system hostname. Here is how to check your /etc/hosts file.

Summary

The /etc/hosts file is one of the few files you will always find on a Linux system. It stores the ‘hosts’ database, and can be used to resolve between IP addresses and hostnames. Although the file is very simple structured, it is still common to see minor issues with name resolving on systems. Guess what, your /etc/hosts file might be causing more trouble than you think. A regular check up won’t hurt.

Linux DNS Tuning for Performance and Resilience

Linux DNS configuration is usually done during the installation of the system. With proper configuration and tuning, you gain performance and stability.

Summary

DNS Configuration on Linux We often don’t realize the importance of DNS, or name resolving in our infrastructure. The impact when things go (slightly) wrong is huge. Time to have a good look at improving our DNS configuration. How DNS resolving works When your Linux system needs to know the IP address of a particular host, it will use gethostbyname(3) function. This will use the nsswitch configuration stored in /etc/nsswitch.conf. For the related hosts line, it will determine how to do resolving.

Linux Security Guide for Hardening IPv6

Extensive guide to help you secure your IPv6 configuration on Linux. From initial set-up to hardening the kernel with sysctl.

Summary

Version 6 of Internet Protocol is now 20+ years available. You would think it is widely available now, right? Not exactly. Still many internet providers don’t have it deployed for their customers. Hosting companies are not always eager to deploy it either. Mostly because of lacking knowledge. To get at east more knowledge shared on the security side of IPv6, we have crafted this guide. Hopefully it will be a practical guide for your to configure and tune your configurations.

List network interfaces on Linux

Show the available network interfaces and information on Linux with the right tools. We cover common replacements for iptables and netstat, with examples.

Summary

The network configuration is a common place to start during system configuration, security audits, and troubleshooting. It can reveal useful information like MAC and IP addresses. This guide helps you to gather this information on Linux, including listing all available network interfaces and its details. Show network interfaces Linux Every Linux distribution is using its own way of configuring the network configuration details. Therefore, it is good to know which tools can be used to query these details in a generic way.

Which Linux process is using a particular network port?

Seeing the 'address in use' error or need to find out which process is listening to a particular port on Linux? Here are the tools to find out!

Summary

Most network related services have to open up a network socket, so they can start listening for incoming network requests. It is common to find the TCP or UDP being used as the main communication protocol. In this article, we will check what ports are used by which Linux process. Auditing processes and network services Find out what process is listening to a port Only one process can actively listen to a TCP or UDP port.

Alternative for netstat: ss tool

Newer distributions do not use netstat anymore in favor of other tools like ss. This alternative tool can show in-depth information about socket statistics.

Summary

The ss tool helps system administrators and security professionals to display information about network connected applications. Learn how to maximize its potential and get everything out of this nifty tool.

Filtering ARP traffic with Linux arptables

Filtering ARP traffic is easy with the arptables utility. In this article we look at the possibilities of arptables and provides example of using it.

Summary

Most Linux system administrators will be familiar with iptables on Linux. Less known is the arptables utility, which controls filtering arp packets. Installation of arptables The arptables utility is easy to set-up, as the main functionality is already implemented in the Linux kernel. Just install the arptables package on your favorite Linux distribution. Debian / Ubuntu: apt install arptables Red Hat: yum install arptables Configuration example To show the effect of filtering traffic, we will show an example by filtering router traffic and blocking it.

How to clear the ARP cache on Linux?

Clearing the ARP cache on Linux is easy with the arp or ip utility. This blog post will help you to clear the cache with examples for both utilities.

Summary

There are several reasons when you might need to clear your ARP cache. There are two common ways on Linux systems, typically using the arp or ip utility. Depending on your Linux distribution and the availability, we suggest using the ip tool. Clearing cache with ip Newer Linux distributions have the ip utility. The ip tool has a more advanced way to clear out the full ARP cache. ip -s -s neigh flush all