Net Tools
Tools
- New trace route - my trace route
mtr
- https://github.com/dylanaraps/neofetch - A command-line system information
# list TCP connections
sudo -i
lsof -ni4 -i6 |grep EST
netstat -nr -f inet
conntrack -E -p icmp
# linux
nft list ruleset
resolvectl status eth0
# macos
networksetup -listallnetworkservices
networksetup -setv6off [networkservice]
nslookup -type=CNAME flying-o.com
# populate arp tables
nmap -T5 -n -sn x.x.x.0/24
ss
- install
iproute2-ssoriproute2
ss -nlt ss -nlu lsof -ni ':8089'- install
What’s my IP
# works with -4 -6 curl options curl ifconfig.me curl api.ipify.org curl bot.whatismyipaddress.com curl ipinfo.io/ip curl ipecho.net/plain curl https://wtfismyip.com/json # hum
Curl
Auth
curl -u username ... # will prompt for pw curl -u uname:pw ... curl -n url1 # see man curl cat ~/.netrc machine name.net login user1 password pass1 machine another.net login user2 password pass2
Sending data
// JSON { "incident": { "name": "test incident", "components": ["8kbf7d35c070", "vtnh60py4yd7"] } } // Form Encoded (using curl as an example): curl -X POST https://api.statuspage.io/v1/example \ -d "incident[name]=test incident" \ -d "incident[components][]=8kbf7d35c070" \ -d "incident[components][]=vtnh60py4yd7" or --form 'audit=@"./mro/audit.json"'curl -X POST \ 'https://rufas-manager.int.x.com/api/v1/audits/' \ -H 'Authorization: Token e6b9df4xxxxd11e118f20e' \ --form 'uuid="9ffc4e1d-4ef5-46c0-955e-a84222488f82";type=application/json' \ --form 'audit=@"./mro/audit.json"'
curl -fsSL <url> | bash
routing
sudo route del default sudo route add default gw 10.182.200.1 eth1 traceroute -n -w 1 10.182.200.100 ip route get to 198.51.100.1 from 192.168.0.2 iif eth0
Connection tests
echo X | telnet -e X 192.168.1.135 3306 nc -v -z -w1 192.168.1.135 3306 nc -vz email-smtp.us-east-1.amazonaws.com 587 # 25, 465
Linux listening Ports
ss -nlt # which process listening lsof -ni ':80'
Get my IP
GETIPADDR="dig +short myip.opendns.com @resolver1.opendns.com"
Monitoring tools
- darkstat
- iptraf
- iperf -P
Vendor lookup from mac-address
arp -a |cut -d' ' -f4 |grep -v incom|cut -c-8 |sort -u > mac-addrs for i in $(cat mac-addrs ); do echo $i; curl https://api.macvendors.com/$i; echo; sleep 2; done # grep and sort by IP arp -a |awk '{print $4 " " $2}' |tr -d "\(\)" |sort -uk2 -V |grep 'xx:xx:xx'
MacOS
Virtual Hosts Setup
- Using vlan nic tied to wifi nic
sudo -i ifconfig vlan11 create ifconfig vlan22 create ifconfig vlan11 vlan 11 vlandev en1 ifconfig vlan22 vlan 22 vlandev en1 ifconfig vlan11 inet 10.10.11.11 netmask 255.255.255.255 ifconfig vlan22 inet 10.10.22.22 netmask 255.255.255.255 ifconfig vlan11 destroy ifconfig vlan22 destroy # another way? sudo ifconfig en0 alias 10.10.11.11/32 up # create sudo ifconfig en0 alias 10.10.22.22/32 up # create sudo ifconfig en0 -alias 10.0.11.11/32 # remove sudo ifconfig en0 -alias 10.0.22.22/32 # remove
Local DNS with dnsmasq
brew install dnsmasq cp /usr/local/etc/dnsmasq.conf /usr/local/etc/dnsmasq.conf.orig echo "conf-dir=/usr/local/etc/dnsmasq.d/,*.conf" | tee /usr/local/etc/dnsmasq.conf cat > /usr/local/etc/dnsmasq.d/mylocal.conf <<EOF address=/host1.io.local/192.168.20.21 address=/host2.io.local/192.168.20.22 address=/host2.io.local/192.168.20.22 EOF sudo mkdir -p /etc/resolver cat > /etc/resolver/io.local <<EOF nameserver 127.0.0.1 EOF sudo brew services start dnsmasq
dnsmasq direct test
dig host1.io.local @localhost +short 192.168.20.21 dig anyname.io.local @localhost +short 192.168.20.21
see dns detail
scutil --dns
flush dns
sudo -i dscacheutil -flushcache killall -HUP mDNSResponder killall mDNSResponderHelper