Network
How to see the the network IP address of your system
Show the IP address of your system with the help of the ip command.
Summary
Show your local IP address
How to see the IP address of your internet connection
Show the IP address of your internet connection using the dig command.
Summary
Query the IP address of your internet connection
How to see which DNS server is used
Find the active DNS server being used by reviewing the network configuration, including common commands to query this information.
Summary
Show the active DNS server
How to see the number of open connections on Linux
Show the number of open connections using the ss command on Linux.
Summary
Show number of open connections per protocol
How to see active connections and bandwidth usage on Linux
Show actual bandwidth usage and active connections using the iftop tool on Linux.
Summary
Show actual bandwidth usage
Show to clear the DNS cache with systemd
Learn how to inspect and clear the DNS cache when using the systemd resolver daemon.
Summary
Clear DNS cache using resolvectl
How to show network TCP statistics and counters
Show counters related to the TCP connections by using the nstat command. This small utility will quickly retrieve the related statistics and display them.
Summary
Show TCP connection statistics
Tcpdump cheat sheet
Get more information out of the tcpdump tool using this cheat sheet. Find everything that is going on the network and your Linux systems.
Summary
No network packet will remain hidden
Ip cheat sheet
Want to see or configure every piece of information about networking, including routing on Linux? Forget tools like netstat and learn using the ip command.
Summary
No more networking secrets
How to see errors and dropped packets on a network interface on Linux
Show the network link details using the ip command to find out if a network has errors or dropped packets on a Linux system.
Summary
Show network link statistics to discover errors or dropped packets
How to see the default gateway on Linux
Show the network routing table to discover the default gateway used on a Linux system.
Summary
Show network table to discover the default gateway
How to see which process is using a port
Show which process is already opened an UDP or TCP port on Linux by using the ss command.
Summary
Show which process is listening to a port
How to see open ports on Linux
Show which UDP/TCP ports are opened on a Linux system, including the related process. Use the ss tool to see more details about these sockets.
Summary
Show open network ports such as TCP and UDP
Ss cheat sheet
If you want to learn more about network connections on Linux, then ss is the tool to get the job done. Learn how to use it with this cheat sheet.
Summary
Reveal all those sockets
How to see the TTL value of a DNS record
Learn how to query the Time To Live (TTL) for a DNS record by using the dig tool.
Summary
Query DNS to reveal the TTL value of a DNS record.
The purpose of the /etc/networks file
Also wondering what some files are used for on Linux systems? In this article we have a look at the /etc/networks file.
Summary
Also wondering what particular files do on Linux? One of those files we recently rediscovered during auditing is the /etc/networks file. For some reason it was always there, yet we never change it. Output of /etc/networks When looking at the man page of networks(5) we learn its purpose (almost instantly): It translates between IP ranges and network names It is used for tools like netstat and route It only works on class A, B, or C networks It does not work on subnets Surprisingly enough a test with subnetting actually showed the right names during our test.
Is your /etc/hosts file healthy?
Small things have a big impact. Resolving issues with localhost or system hostname. Here is how to check your /etc/hosts file.
Summary
The /etc/hosts file is one of the few files you will always find on a Linux system. It stores the ‘hosts’ database, and can be used to resolve between IP addresses and hostnames. Although the file is very simple structured, it is still common to see minor issues with name resolving on systems. Guess what, your /etc/hosts file might be causing more trouble than you think. A regular check up won’t hurt.
Linux DNS Tuning for Performance and Resilience
Linux DNS configuration is usually done during the installation of the system. With proper configuration and tuning, you gain performance and stability.
Summary
DNS Configuration on Linux We often don’t realize the importance of DNS, or name resolving in our infrastructure. The impact when things go (slightly) wrong is huge. Time to have a good look at improving our DNS configuration. How DNS resolving works When your Linux system needs to know the IP address of a particular host, it will use gethostbyname(3) function. This will use the nsswitch configuration stored in /etc/nsswitch.conf. For the related hosts line, it will determine how to do resolving.
Linux Security Guide for Hardening IPv6
Extensive guide to help you secure your IPv6 configuration on Linux. From initial set-up to hardening the kernel with sysctl.
Summary
Version 6 of Internet Protocol is now 20+ years available. You would think it is widely available now, right? Not exactly. Still many internet providers don’t have it deployed for their customers. Hosting companies are not always eager to deploy it either. Mostly because of lacking knowledge. To get at east more knowledge shared on the security side of IPv6, we have crafted this guide. Hopefully it will be a practical guide for your to configure and tune your configurations.
List network interfaces on Linux
Show the available network interfaces and information on Linux with the right tools. We cover common replacements for iptables and netstat, with examples.
Summary
The network configuration is a common place to start during system configuration, security audits, and troubleshooting. It can reveal useful information like MAC and IP addresses. This guide helps you to gather this information on Linux, including listing all available network interfaces and its details. Show network interfaces Linux Every Linux distribution is using its own way of configuring the network configuration details. Therefore, it is good to know which tools can be used to query these details in a generic way.
Which Linux process is using a particular network port?
Seeing the 'address in use' error or need to find out which process is listening to a particular port on Linux? Here are the tools to find out!
Summary
Most network related services have to open up a network socket, so they can start listening for incoming network requests. It is common to find the TCP or UDP being used as the main communication protocol. In this article, we will check what ports are used by which Linux process. Auditing processes and network services Find out what process is listening to a port Only one process can actively listen to a TCP or UDP port.
Alternative for netstat: ss tool
Newer distributions do not use netstat anymore in favor of other tools like ss. This alternative tool can show in-depth information about socket statistics.
Summary
The ss tool helps system administrators and security professionals to display information about network connected applications. Learn how to maximize its potential and get everything out of this nifty tool.
Filtering ARP traffic with Linux arptables
Filtering ARP traffic is easy with the arptables utility. In this article we look at the possibilities of arptables and provides example of using it.
Summary
Most Linux system administrators will be familiar with iptables on Linux. Less known is the arptables utility, which controls filtering arp packets. Installation of arptables The arptables utility is easy to set-up, as the main functionality is already implemented in the Linux kernel. Just install the arptables package on your favorite Linux distribution. Debian / Ubuntu: apt install arptables Red Hat: yum install arptables Configuration example To show the effect of filtering traffic, we will show an example by filtering router traffic and blocking it.
How to clear the ARP cache on Linux?
Clearing the ARP cache on Linux is easy with the arp or ip utility. This blog post will help you to clear the cache with examples for both utilities.
Summary
There are several reasons when you might need to clear your ARP cache. There are two common ways on Linux systems, typically using the arp or ip utility. Depending on your Linux distribution and the availability, we suggest using the ip tool. Clearing cache with ip Newer Linux distributions have the ip utility. The ip tool has a more advanced way to clear out the full ARP cache. ip -s -s neigh flush all