System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping  Send ARP instead  May also ping.

Slides:

Advertisements

Similar presentations

Static Routing Exercise AFNOG 2003/ Track 2 # 1 Static Routing Exercise u Unix network interface configuration u Cisco network interface configuration.

Advertisements

Ipchains and Iptables Linux operating system natively supports packet-filtering rules: Kernel versions 2.2 and earlier support the ipchains command. Kernel.

Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)

METEOROLOGICAL TELECOMMUNICATION AND METCAP A GLANCE TO NETWORK BRIEFLY Ömer Hüdai ALBAYRAK 2010ALANYA.

SYSTEM ADMINISTRATION Chapter 19

Chapter 13: Troubleshooting network connectivity Unit objectives Identify TCP/IP troubleshooting tools Discuss the Telnet utility and its functions Discuss.

Linux Networking TCP/IP stack kernel controls the TCP/IP protocol Ethernet adapter is hooked to the kernel in with the ipconfig command ifconfig sets the.

Network Management And Debugging

Network Debugging Organizational Communications and Technologies Prithvi Rao H. John Heinz III School of Public Policy and Management Carnegie Mellon University.

ICMP: Ping and Trace CCNA 1 version 3.0 Rick Graziani Spring 2005.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:

Linux Networking Commands

SUSE Linux Enterprise Server Administration (Course 3037) Chapter 7 Connect the SUSE Linux Enterprise Server to the Network.

IP-adresses and subnet masks. Figure 19.9 Dotted-decimal notation.

TCP/IP Networking sections 13.2,3,4,5 Road map: TCP, provide connection-oriented service IP, route data packets from one machine to another (RFC 791) ICMP,

Chapter Twelve Using TCP/IP on the Network. Objectives Here, we’ll examine how to configure TCP/IP. The concepts of subnetting will be examined in detail.

Lab-4 ICMP Ping Programming Speaker : Yi-Fong Lin Date:

Internet Control Message Protocol ICMP. ICMP has two major purposes: –To report erroneous conditions –To diagnose network problems ICMP has two major.

Load-Balance/Route Policy Advanced Routing. Outline How does it Work – When matching criteria, send via the route What does it Do – 2 real usage examples.

NetFilter – IPtables Firewall –Series of rules to govern what Kind of access to allow on your system –Packet filtering –Drop or Accept packets NAT –Network.

07/11/ L10/1/63 COM342 Networks and Data Communications Ian McCrumRoom 5B18 Tel: voice.

Herramientas para diagnósticos. Ping USO: Ping nombre.dominio o dirección IP Options: -t Ping the specifed host until interrupted. -a Resolve addresses.

Mr. Mturi Elias University Computing Centre SYSTEMS ADMIN TRAINING WORKSHOP.

ITS CSS Desktop Support Introduction to networking concepts Last updated: 9/30/2008 by pxahelp.

1 IP: putting it all together Part 2 G53ACC Chris Greenhalgh.

Network Tools TCP/IP interface configuration query - MAC (HW) address and IP address – Linux - /sbin/ifconfig – MS Windows – ipconfig/all 1.

Cosc 4750 Networking. The basics Machine A and Machine B have a connection to a network When Machine A wants to “talk” to machine B, it creates a packet.

Iptables and apache 魏凡琮 (Jerry Wei). Agenda iptables apache.

1 The Firewall Menu. 2 Firewall Overview The GD eSeries appliance provides multiple pre-defined firewall components/sections which you can configure uniquely.

Examining TCP/IP.

1 Tutorial 6: Networking Utilities & Firewall. 2 Internet Control Message Protocol (ICMP) designed to compensate for the deficiencies of IP protocol.

Day 14 Introduction to Networking. Unix Networking Unix is very frequently used as a server. –Server is a machine which “serves” some function Web Server.

Firewalling With Netfilter/Iptables. What Is Netfilter/Iptables? Improved successor to ipchains available in linux kernel 2.4/2.6. Netfilter is a set.

IPtables Objectives Contents Practicals Summary

Firewall Tutorial Hyukjae Jang Nc lab, CS dept, Kaist.

Le firewall Technofutur. Table des matières Schémas du réseau Routage sans VPN Routage avec VPN Le NAT Le firewall.

CSN09101 Networked Services Week 6 : Firewalls + Security Module Leader: Dr Gordon Russell Lecturers: G. Russell.

1 COP 4343 Unix System Administration Unit 11: Networking – basic concepts: IP, TCP, UDP, DHCP – devices: setup, status.

IP network tools & troubleshooting AFCHIX 2010 Nairobi, Kenya October 2010.

Linux Networking #1 Dr. Michael L. Collard 1.

1 IPTABLES and NAT on Fedora Core 6 Speaker ： Rex Wu Date ：

Linux Operations and Administration Chapter Eight Network Communications.

Lab 1, Basic Linux and Networking Commands Shiv Kalyanaraman Yong Xia (former TA) Google:

Introduction to Linux Firewall

LINUX® Netfilter The Linux Firewall Engine. Overview LINUX® Netfilter is a firewall engine built into the Linux kernel Sometimes called “iptables” for.

Chapter 4: server services. The Complete Guide to Linux System Administration2 Objectives Configure network interfaces using command- line and graphical.

Linux Firewall Iptables.

Routing with Linux 'cause you really love the command line

LINUX Network Concepts M.S.Dibay Moghaddam Second Linux Festival Amir Kabir University of Technology Computer & IT Department.

Firewalls. A Firewall is: a) Device that interconnects two networks b) Network device that regulates the access to an internal network c) Program that.

Firewalls and DMZ Dr. X. Firewalls Filtering traffic based on policy Policy determines what is acceptable traffic Access control over traffic Accept or.

Ping and Traceroute by Aleisa A. Drivere Supervisor Graciela Perera.

Click to edit Master subtitle style

CompTIA Network+ N Authorized Cert Guide

Network Commands 2 Linux Ubuntu A.S.

Network Tools and Utilities

Linux Networking Tools

Linux Ubuntu Network Commands 3 A.S.

Network and System Security Risk Assessment

Packet Filtering Dick Steflik.

IP network tools & troubleshooting

Setting Up Firewall using Netfilter and Iptables

OPS235: Configuring a Network Using Virtual Machines – Part 2

Firewalls By conventional definition, a firewall is a partition made

System configuration and Log

From ACCEPT to MASQUERADE Tim(othy) Clark (eclipse)

Presentation transcript:

System Administration Network Tools

ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping  Send ARP instead  May also ping MAC instead of IP ◦echoping  Measure TCP connection latency

traceroute Trace packet path in sending direction UDP packet with incrementing TTL Can also use ICMP ping or TCP

mtr Combines ping and traceroute with friendly output

Looking Glass Ping / Traceroute from ISP routers Provided by most large ISPs ◦

host Query DNS records host [-t type | -a] name [server]

dig Query DNS records More versatile than host ◦Supports DNSSEC ◦Multiple queries ◦Tweakable output format ◦Batch mode Better for scripting

nslookup Old way to query DNS ◦Interactive command line ◦Best not to use

whois Query domain and IP registration Online tool:

netstat Show network information ◦Connections ◦Routing table ◦Statistics ◦Etc.

arp Show/manipulate ARP table ◦IP => MAC mapping

ifconfig Show interface configuration Configure network interfaces ◦Bring up/down interface ◦Set IP/netmask ◦Add/delete address (alias) 2 ways to alias 1.add/del – IP listed under same interface 2.ethX:X – Add symbolic name

ethtool Control network driver ◦IRQ Coalesce ◦Line speed ◦Auto negotiate

route Show routing table Manipulate routing table ◦Local network route is added when IP is configured ◦Default gateway:  Destination is “default” or  No netmask required

ip The way to do network configuration ◦Network interfaces ◦IPs ◦ARP table ◦Routing tables ◦Etc.

ip ip link ◦Interface up/down, settings ◦Manpage: ip-link (8) ip addr ◦IP addresses ◦Manpage: ip-address (8) ip neigh ◦ARP table ◦Manpage: ip-neighbour (8)

ip ip route ◦Routing tables ◦Manpage: ip-route (8) ip rule ◦Routing policies ◦Match rule => different routing table ◦Manpage: ip-rule (8)

iptables Linux 2.4+ Also known as Netfilter Filter ◦ACCEPT/REJECT packets ◦Rate limiting ◦QoS ◦Log traffic NAT ◦Redirect ◦NAT

iptables – Commands iptables -A -j ◦Chain: see next page ◦Rule: see second next page ◦TARGET: action  ACCEPT  DROP (silently ignore)  REJECT  Etc.

Iptables – Commands iptables -L ◦List current rules iptables –D ◦Delete a rule iptables –F ◦Flush (clear) a chain

iptables – Chain Map

iptables – Rules Match ◦IPs (-s -d) ◦Protocol (-p TCP/UDP/ICMP/…) ◦Port (--sport --dport) ◦Protocol options  ICMP type  TCP SYN/ACK  Etc. ◦Owner (UID, for OUTPUT chain) ◦Etc.

iptables (short hand)

iptables – Simple Rules Block a source IP ◦iptables -A INPUT -s -j DROP Block a destination IP ◦iptables -A OUTPUT -d -j DROP Block a TCP source port ◦iptables -A INPUT -p tcp --sport -j DROP Block a TCP destination port ◦iptables -A OUTPUT -p tcp --dport -j DROP

Combination Drop packets from /22 to local TCP port 80 iptables -A INPUT --source /22 -p tcp --dport 80 -j DROP

iptables – Evaluation Packets are evaluated rule by rule First match counts Ordering is important Be careful not to block yourself out

Homework 從家裡 Ping / Traceroute 系上網站查詢系上網域的 DNS MX 紀錄寫出設定網路的指令 (ifconfig+route) ◦eth1 ( 未啟動 )  IP: XXX (XXX 是座號 )  Netmask: (/24) ◦Default gateway: 同上，但改用 ip 系列指令防火牆 ◦ 擋掉所有進來的封包，但要允許系上連到本機的 SSH (TCP port 22)