BLAH-BLAH > IT > Notes > Network


  • aircrack utilities:
    airodump-ng: packet capture (e.g.airodump-ng --channel 1 --write ciao eth2)
    aireplay-ng: packet injection
    aircrack-ng: statik WEP & WPA-PSK cracking
    airdecap-ng: decrypt WEP/WPA capture files
  • Other Utilities:
    dsniff (without parms): searches the net for passwords
    filesnarf: get files from NFS traffic
    mailsnarf: get mails from SMTP and POP traffic
    urlsnarf: get requested URLs
    webspy: display sniffed URLs in netscape in real-time
    ettercap: boh
  • tcptraceroute
    like traceroute but instead of using UDP it uses TCP in order to avoid to be stopped by firewalls
  • lft
    like traceroute but somehow different.
    In order to get the real IP address from your router you can download the configuration file with:
    wget --user= --password= /doc/home.htm
  • The webmin admin port is https://localhost:10000
  • To create a mirror /relay for http try:
    socat TCP4-LISTEN:80 TCP4::80
  • Syntax of lftp is:
    lftp -u
    To upload a directory to the remote server, after that use:
    mirror -RL
  • To change in Webmind (gentoo) the password of a user type:
    /usr/libexec/webmin/ /etc/webmin
  • The password for apache2 is generated by htpasswd2 or htdigest2 depending on the auth method used.
  • IP-Address + Port = Socket.
  • To spoof/wardrive/listen to wireless traffic/communications not intended for the local pc using a Centrino wireless adapter (which uses ipw2200 drivers) do:
    - Shutdown the network (e.g. /etc/init.d/net.eth2 stop)
    - Type "echo 1 > /sys/bus/pci/drivers/ipw2200/*/rtap_iface"
    - Shutdown the interface driver with "modprobe -r ipw2200"
    - Restart the interface driver with "modprobe ipw2200"
  • Use "mtr" for a better combination of traceroute and ping.
  • Use ifconfig in order to change the MAC address of the network card:
    ifconfig eth2 hw ether 00:01:02:03:04:05
  • Use "scp" to copy files from one machine to another through ssh:
    scp username@* .
  • Use "nmap" to discover your home network. A good article about it is E.g.:
    nmap 10.0.0.* discovers the network.
    nmap -sP 10.0.0.* reports all kind of stuff.
    nmap -sS -O 10.0.0.* guesses the operating system that is running on the target hosts.
    knetscan does the same (uses nmap in the background) but has a graphical user interface.
    nmap -p0-65535 10.0.0.* scans all ports of all 10.0.0.*-hosts.
  • Use Knocker to check your system for open ports.
  • The config file for NFS is /etc/exports. After changing it run the commands exportfs -ra && /etc/init.d/nfs reload.
  • Read this in order to know how to install the drivers needed by Intel's 4965AGN's wireless adapter on Linux. Source files are here (the driver should be included in future 2.6.24 kernels). The drivers for mac80211 do not need to be installed as they're already included in the kernel (>= 2.6.23). For Gentoo, put the firmware drivers under /lib/firmware (create the directory if it does not exist yet). Use iwconfig in order to know how the net.* is called. Run iwconfig while attempting to connect to the access point in order to be able to see its MAC and appropriately configure the access point. Additionally in /etc/conf.d/rc, set RC_PLUG_SERVICES="!net.*", so that the ethernet connection does not get automatically started, and finally in /etc/modules.autoload.d/kernel-2.6 mention the module ieee80211_crypt_wep (or the wpa one, if you're using WPA) that you selected in the kernel. If the wlan is failing to start when booting, add a timeout - the modules need some time in order to become active.
  • How to create a HTTP tunnel:
  • Configuration to setup SMTP to be able to send emails:
  • If the network connection using KVM is slow (e.g. copying a file), make sure that only the network module "8139cp" is compiled and running. Eventually give as parameter "model=rtl8139" to the option "-net".
  • If mounting a NFS doesn't work with the error message "mount.nfs: rpc.statd is not running but is required for remote locking", make sure "rpc.statd" is not only running on the server, but as well on the client.
  • To know to which interface a network card was assigned (by UDEV), have a look at /sys/class/net. There will be e.g. eth0, eth1, and so on... listed. Going into one of those directories and having a look at uevent will show you to which module (PHYSDEVDRIVER) that interface belongs to. It will be e.g. e1000e and with lspci -v | less and searching for e1000e you will know to which physical device it will belong.
  • Use iperf to test the network speed. You'll have to run two of them - one on the server, one on the client.
  • Set "ChallengeResponseAuthentication" to "no" in sshd_conf to avoid that users can login using ssh using the password-challenge. Only a known public certificate will allow the login.
  • Pidgin - a very good irc client.
  • For the openfire chat server, after installing it make sure to run chown -R jabber:jabber /opt/openfire to change file permissions to the user jabber. Without this, the server will always listen to the port 9090, doesn't matter what you put into /opt/openfire/conf/openfire.xml and the configuration won't save anything, always looping endlessly.
  • To configure the iptables firewall use Firewall Builder (package fwbuilder) or KMyFirewall (package kmyfirewall).
  • Create tunnels using OpenSSH: 
    • Let's say that the current situation is that:
      - I have on server a VNC server running, listening to the default port 5901.
      - On that server I don't want to open in the firewall config the port 5901 as it would be unsecure.
      - Normally if on that server the port would be open I would connect to VNC using the command:
      - I have on that server sshd listening on port 56666
    • I can create a SSH-tunnel for the VNC connection with:
      ssh -L localhost:5901: -p 56666 root@
    • And afterwards I can connect to it with:
      vncviewer localhost:1
    • Use additionally "-f -N" to make ssh go to the background ("-f") and to establish the connection in this case ("-N"). Use then the "kill" command to terminate this connection.
  • To copy files and/or directories which contain special chars using sftp escape each special char. Directories containing blanks must be enclosed in quotes. Example:
    sftp"/a blank dir \!/my special f\&le.txt" .
  • To generate using OpenSSL a public RSA certificate using an already existing private one:
    openssl rsa -in my_priv_cert.pem -pubout > my_pub_cert.pem
  • List programs listening on which IP address and port:
    netstat -anp
  • Citadel and Webcit: how to access the "Edit your push email settings" menu entry under "Advanced":
    Change in the file "/usr/share/citadel-webcit/static/t/menu/your_info.html" (path might differ for non-Gentoo distributions) on the line that contains the entry "Edit your push email settings" the string "prefs_pushemail" with "display_pushemail". Restart Webcit.
  • Use ncat to read/write data through the network without ssh, sftp, etc... .
  • Show the activity (in bytes) that ipfilter is having:
    iptables -L -v
    e.g. iptables -L fail2ban-banallports -v
  • IPv6 at home:
  • Loadbalancing configuration for an Apache virtual server:
    (please replace the characters "[" and "]" with the arrows)
    [VirtualHost *:80]

       #Create a cookie deployed on the client's browser to make the session sticky
       Header add Set-Cookie "MYCOOKIE=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED

       [Proxy balancer://anyname]
          BalancerMember route=1
          BalancerMember route=2
          Order allow,deny
          Allow from all

          #For session stickyness
          ProxySet stickysession=MYCOOKIE

       ProxyPass / balancer://anyname/
       ProxyPassReverse / balancer://anyname/