Linux Essentials For Hackers - #14 - Networking (ifconfig, netstat & netdiscover)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

this series is sponsored by lenode linux provides virtual servers that make it easy and affordable to host your own app site or project in the cloud whether you're a linux power user or just a beginner you can use linux you can start from scratch and fully customize your server for any application or use linux one-click apps to deploy game servers wordpress websites personal vpns and much more you can even upload and run your own image you can get twenty dollars free on your new code hack lenovo 20 or by clicking the link in the description that is linux.com forward slash hack exploit hey guys welcome back to the linux essentials series for hackers in this video we're going to be talking about networking in the command line all right so let's get started now um if you pretty much watched any of my older videos where we were working with networking within the linux terminal you know that i would typically use the ifconfig utility however you know the standard has changed now and what we have to use or what is the preferred method of uh getting information and interacting with various network interfaces is by using the ip command right so the ip utility allows you to you know show manipulate routing network devices interfaces and tunnels etc all right so let's get started by first of all um understanding how to display your current uh routing table so again we can do that by typing in ip route show and that's very simple so ip route show and this will show you your current routing table so you can see this is my uh this is this is currently my router's ip address or my gateway this is my interface name here and this is the source ip which is my ip address so that gives you an idea of uh of your ip routing table uh currently now again you can take a look at uh we can grip route here and in the man pages and you can take a look at all the options you have available for you um so you can pretty much change the route if you want to do but of course that's beyond the scope of this tutorial i'm simply showing you how to find information that's very useful if you want to display your current ip address we type in ipaddr and we hit enter and this gives you your two interfaces so we have local uh this is a loop back uh so this is you know for your local host and you then have your uh ethernet in my case my ethernet adapter which has the interface name enp2so uh you can see that it has an ip of 192.168.1.101 and you have the uh the entire uh the entire network range there um you also have your uh your ipv6 ip address here that is required and of course you have your mac address so very similar to ifconfig um so if we if we take a look at ifconfig which is a perfectly great uh tool that you can use and so you know you can use it if i type in i have config we can take a look at the man pages here just so i can show you the flexibility so again uh you can play around with all the options that are available but pretty much the simple way of going about it would be to simply display your current um so if i say i have config and i'm only looking for my i can say i net if i'm only looking for my ipv4 address or my inet addresses you can see that i can easily just print them out and i also have my netmask so a very organized way of taking a look at your your interfaces and your ip addresses as well right now i'm still to make a video on on managing services and processes with linux but uh essentially working with your network manager we can also take a look at dhcp because that would be quite important so if you are running this on wi-fi or you are using a wireless adapter or even an ethernet where you don't have static ip uh distribution or resolution what we can do is if you say what is dhclient and we can just hit enter you can see that if we type in dhclient and we hit enter you can see that it doesn't give us any any options here so if we take a look at the options that we available to use uh we can pretty much um let's take a look at the man pages because this is a bit better way of actually utilizing it so again we can use the dhcp v4 protocol to obtain a new ipv4 address but in my case i i have my ip statically assigned here so that would not be a wise thing to do but if i wanted to restart my network manager again i'll be making a an individual video on this so you don't have to worry so you can use sudo service network network manager um restart and i can hit enter or i can use systemd so i can say sudo system control uh we can say restart we say network let me just see network we're looking for the network manager here so if i let me just tab and see what we have we're looking for the network manager.service which is right over here so i can execute this and that will essentially restart it now again as i said if you're not familiar with processes don't worry we'll be covering it in the next set of videos as we wind up this series but that's pretty much how to restart your network adapter if you're having any issues and you can sort of work with that now let's talk about netstat because again that's quite an important tool and i haven't i have a an independent video on how to use netstat if you are interested in it so again we can say netstat and we hit enter say print network connections routing tables uh et cetera et cetera so i'll just go i'll just go over the most common options you can use and this essentially allows you to understand what uh what services ports you have running listening and are you are connected to so for example if i wanted to display the route i would say stat and i would say r and that gives me my routing table so we have the destination uh the gateway the gen mask flags and the interface here so in all cases we're working with my with my ethernet interface here so you can see that for the default gateway uh we have it right over here the destination and of course the gen mask so again you can get very good information from this now if we wanted to take a look at all the tcp connections that we have we can say net stat and we use t and that gives us all the tcp connections on uh that we're currently connected to or listening for on our system so you can see that we have the protocol which is very important this is the this is uh uniquely going to be tcp uh the local address the foreign address the port it gives you and the state which i'll get to in a second um so you can pretty you can also grab information from this so again you can say grep and if i had the ssh port open i would hit i would say grep 22 for example and uh you pretty much gives you results based on uh the actual string of characters in this case it's not giving us anything new but if i was to say um let's say sudo sudo service ssh start now hit enter and uh if we try and grab this now uh we don't get anything so let's uh let's take a look at how to find a listening ports so uh or listening socket so we can say netstat uh l and we hit enter and you can see there's quite uh a bit of listening uh of stock of sockets that are currently listening for uh for actual connection so in our case you can see we have the ssh port here and we can pretty much grip with these particular services um and you can sort of work with that if you want to talking about udp only we can again that's very simple so that's that if i wanted listening tcp connections i would say um for example lt and hit enter and that will only display the listening tcp connections if i wanted listening udp connections i would i type in lu and again that gives us all the listening udp connections if we want to display uh the the actual processor processors and the process id is we can say netstat p and we hit enter and what we can do is we can say ltp so ltp and we're looking for grip ssh and we hit enter it again tells you that we have ssh running in or you can go through this all over again so let me just clear this out so if we display the results here um you can see that it gives you all the information that you're looking for so if we get rid of this and we also have p it gives you the various process ids uh so if we let's just take a look at the table right at the top here that pretty much prints it all uh you can see we have the pid right over here and we can sort of grip through that if we wanted to so that's uh using um net discover netstat uh we're not talking about netdiscover yet but again you can check out our independent video on that and allows you to check various connections that you have open and you know running either established or listening on your system they could be for both a tcp and udp now let's talk about net discover uh now net discover does not come pre-installed with any linux distribution is as far as i'm concerned apart from the pen testing or offensive distribution so again we can simply just say what is netstat and you can pretty much um well no not nets that net discover um i believe this is uh its cover like so and we hit enter and it's an active passive uh arp reconnaissance tool and so what this means is it allows you to essentially scan your network for uh for other devices or hosts that are currently connected to your network whether they be uh wi-fi enabled devices or connected to your uh to your network via ethernet or to your switch um so again to install it you can use any of the package managers you're comfortable with and we simply type in net discover and we hit enter so do have to get install sorry and we hit enter and you can see already have it installed so using it requires root uh privileges uh so we say sudo net discover and then we specify the interface that we want to use so we can see enp2s0 and hit enter and as you can see it will start scanning and it's doing this through arp or the address resolution protocol so arp request and response packets so again it's sending various erp requests uh to you know all ips on the network and then the responses give us the results that uh that actually proved that way whether we have a device or not so you can see um i currently have the my router which is running uh this is the default gateway and then i also have another device running here um let's see if we have any other devices and we'll just wait for it to continue scanning so i'll just wait for this to continue scanning i think i have multiple other devices this is pretty much going to be my windows device if i bring up a mobile device here let's see if that actually comes up and i'll try and load up a website here i actually don't have my phone on me but in any case this essentially gives you uh all it essentially gives you all devices on your network and that's a great way of monitoring your network and viewing what devices you have so again it gives you the ip their mac address and their mac vendor so again it gives you an information about what device you're dealing with so in this case tp-link and then hot high precision which is pretty much a network adapter and once you're done you just hit ctrl c and that will terminate the process right over there all right now to end up at or to end this video let's talk about a dns which a lot of people actually ask me about so your dns information or your name servers rather are going to be stored in your resolve.com file so again sudo sudo and we'll use vim etsy and we're looking for the resolve uh resolve.conf file and we hit enter you can see that this uh this file is managed uh by the systemd resolved uh and we can i'll actually show you how to use that utility shortly um so this is a dynamic result or configuration file for connecting local clients to the internal dns stub resolver of systemd so again it tells you that this is going through system d and this is more of a dynamic uh of a dynamic file that is generated dynamically and again it is just for connecting local clients to the internal dns dns resolver with systemd resolved um and i'll be talking about services as i said later on but many people edit this which will work temporarily however if you do want to take a look at systemd resolve that's extremely simple so what you could do if you want to use this manually is uh we would actually just add another one here so i can say name server and then i would say for example the google name server 8888 and i can use that if i want to but in our case we're not gonna we're not gonna have any changes here so we'll just exit so uh you can actually check the status of systemd resolve so we can say uh systemd resolve sorry resolve and we say status and we hit enter and again that gives you uh the various dns information that you're looking for so we can print out so you can see the dns servers that we currently have set are going to be the google dns server and this is going through your your actual um your router or your main gateway so it would be advisable to switch uh you know to any dns server that you want to do or that you want to use on your main router so you can see that it uses the default one uh that is your default gateway ip here and the google i the google dns server that i have set here and that was simply for the demonstration purposes in this video so that's how to system the resolve um now when talking about your hosts file this essentially allows you to manage your various hosts and you can use this uh you know for ad blocking uh or yeah you can use it for ad blocking if you want to so for example uh we can say sudo uh bim and we say etsy and we say host and we hit enter and you can see uh for example where we have uh defined uh the localhost or the loopback uh you know 127.0.0.1 is our localhost and then the current host here which is a lexis workstation is 127.8 so i could also change that to any other ip i want uh so if you're going to block an ad what you typically do is you put an invalid ip address here so i could say zero zero zero zero and i could sort of block a website here like for example i could say google.com which is not a smart thing to do but in any case uh we can write those changes and exit and then if i say sudo system control we say restart network manager i believe network manager dot service um so we will just let me just try and complete this for some reason it isn't displaying this system system control network manager.service and we want to use this so we want to restart the network manager and i'll actually show you this to you right now um so if we try and open up a firefox instance here and we say google.com and we hit enter you can see uh it pretty much redirects us to the localhost and that's essentially how to use the hosts file now i can change the ip to something i do something else completely but again many of you have been asking me how to use the hosts file so that's pretty much how to use it and we can get rid of that right now because i don't want that to be the case and we can just restart the network manager one more time and there we are so we should be good there all right so that's pretty much all i wanted to cover in regards to networking and all that is important as i said we'll be taking a look at services i will also be taking a look at ssh and if you are interested in in exploring tools like netstat and net discover you can check my independent videos they will be linked or you should see a card to them right over uh this video they should be also linked in the description section and yeah that's pretty much it i'll be seeing you in the next video you

Info

Channel: HackerSploit

Views: 42,423

Rating: undefined out of 5

Keywords: hackersploit, hacker exploit, linux, kali linux, kali linux tutorial for beginners, linux tutorial, linux tutorials point, linux tutorial for beginners bangla, linux tutorial for beginners, linux tutorial bangla, linux tutorial for beginners 2019, linux essentials, linux essentials commands, linux for hacker, linux for hacking, linux commands, linux command line tutorial, hacking, linux networking, linux networking commands, netstat, netdiscover, ifconfig linux, linux mint

Id: 8tgEsVdy4a8

Channel Id: undefined

Length: 16min 52sec (1012 seconds)

Published: Mon Nov 18 2019