1 00:00:06,559 --> 00:00:09,490 In this video we'll talk about some common network utilities. 2 00:00:10,710 --> 00:00:13,710 There is Ping, which you can use to verify host reachability. 3 00:00:14,529 --> 00:00:18,370 SS allows you to show information about local ports that are open. 4 00:00:19,070 --> 00:00:20,829 Dig is for DNS testing. 5 00:00:21,789 --> 00:00:25,629 NMAP is a powerful utility that can be used for network analysis. 6 00:00:26,570 --> 00:00:32,460 Netstat is an old utility which has now been replaced with SS. And NSLookUp is also 7 00:00:32,460 --> 00:00:38,350 an old utility nowadays. Use Dig instead. Let me show you what these tools are doing. 8 00:00:39,469 --> 00:00:43,560 So the ultimate utility to verify functionality is Ping. 9 00:00:44,179 --> 00:00:48,674 I like to use ping on google.com because if that is 10 00:00:48,674 --> 00:00:53,170 reachable, it means that everything in my network stack is running. 11 00:00:54,409 --> 00:00:58,754 You can also use Ping a couple of times. If you use ping 12 00:00:58,754 --> 00:01:03,099 C4, it will only send out four packets, otherwise it will continue forever. 13 00:01:03,700 --> 00:01:10,000 Now, in the packet information you can see who has answered from which IP address the answer came. 14 00:01:10,819 --> 00:01:17,730 And you also see a sequence number. And most important is the round trip time. 15 00:01:18,409 --> 00:01:21,890 75.5 milliseconds. That's an indicator of how fast it was. 16 00:01:22,519 --> 00:01:27,923 So this is going on the Internet now I'm curious what is going to happen 17 00:01:27,923 --> 00:01:33,326 if I use ping on 192-16-882 9.2. There you can also see the round trip 18 00:01:33,326 --> 00:01:38,730 time. And as this is local network, you can see it's significantly faster. 19 00:01:39,109 --> 00:01:43,640 That's to be expected because it's local network. And hey, I like that. 20 00:01:44,280 --> 00:01:46,120 Let's also try it on Ubuntu. 21 00:01:48,640 --> 00:01:53,145 Ping C4 on Ubuntu is not doing anything. Why not? Because I'm 22 00:01:53,145 --> 00:01:57,650 in my SSH session on Ubuntu. So let's do it right here. 23 00:01:57,810 --> 00:01:58,420 Ping C4 to Ubuntu. 24 00:02:02,640 --> 00:02:08,060 It's showing the round trip time still pretty decent between these virtual machines. 25 00:02:09,240 --> 00:02:14,810 Next thing that you might want to check is SS 26 00:02:14,810 --> 00:02:20,379 minus Tuln, which is showing currently listening network connections. So 27 00:02:20,379 --> 00:02:25,949 these are the network ports, they relate to services. 28 00:02:26,590 --> 00:02:30,349 And most important is what we see here. This is your SSH. 29 00:02:31,030 --> 00:02:36,340 So SSH is listening on all IPv4 but also on all IPv6. 30 00:02:36,900 --> 00:02:40,655 Now what you might not like about this service information is 31 00:02:40,655 --> 00:02:44,409 that it's not really easy to understand what it is. 32 00:02:45,009 --> 00:02:50,460 So add picture to it if you want to get. 33 00:02:51,520 --> 00:02:52,349 No, let's not do that. 34 00:02:53,539 --> 00:02:59,162 So remove the N option. So SS tul where you can see that the 35 00:02:59,162 --> 00:03:04,784 ports of the services are replaced by service names. These service names, by the 36 00:03:04,784 --> 00:03:10,407 way, are according to the contents of the etc Services file. That is a 37 00:03:10,407 --> 00:03:16,030 standardized file which is showing you which service is assigned to which specific port. 38 00:03:17,189 --> 00:03:22,020 An alternative deprecated way of doing it, but people still use it. So let me show it anyway. 39 00:03:22,580 --> 00:03:24,830 Is sudo netstat. 40 00:03:28,009 --> 00:03:34,729 It's giving more or less the same information, but it's a deprecated utility so you shouldn't be using it anymore. 41 00:03:35,389 --> 00:03:41,186 Then there is dig. If I use dig nu nl then I'm getting information 42 00:03:41,186 --> 00:03:46,983 about the nu NL from DNS. So it has received an answer and the 43 00:03:46,983 --> 00:03:52,780 answer session is like this, where we can find the IP addresses behind it. 44 00:03:53,479 --> 00:03:59,495 Now that I'm talking about it, let me do a sudo DNF install traceroute that was not on 45 00:03:59,495 --> 00:04:05,509 the slide, but now that we're talking about cool utilities, I want to do a traceroute as well. 46 00:04:06,270 --> 00:04:09,050 So traceroute to nu nl. 47 00:04:09,650 --> 00:04:13,569 It's doing what? Well, it's showing all the servers on the 48 00:04:13,569 --> 00:04:17,490 Internet between me and my destination, all the so called hops. 49 00:04:17,990 --> 00:04:24,175 So here I can see my local gateway all the way up to 16 hops. Further, the 50 00:04:24,175 --> 00:04:30,360 server that I'm reaching out to that makes sense because I'm currently in California and the server 51 00:04:30,360 --> 00:04:36,545 is in San Francisco, so there's half a planet between them. Final utility that I want to 52 00:04:36,545 --> 00:04:42,730 show you is nmap. I'm using sudo dnf install y NMAP to install it. 53 00:04:43,790 --> 00:04:46,240 And then we have the NMAP utility. 54 00:04:46,759 --> 00:04:48,360 Now one thing, one warning. 55 00:04:48,939 --> 00:04:54,949 NMAP by some is considered a hostile utility, so only use it on your own servers. 56 00:04:55,829 --> 00:05:01,417 It requires sudo privileges. So I'm using sudo nmap sn on 57 00:05:01,417 --> 00:05:07,004 1921682 sn is for scan network. It will find all the 58 00:05:07,004 --> 00:05:12,592 IP addresses that are in an active state on my current 59 00:05:12,592 --> 00:05:18,179 network and there I can find my Ubuntu host. 60 00:05:18,699 --> 00:05:24,924 So if I want to know what's going on on the Ubuntu, then I'm using sudo NMAP to the 61 00:05:24,924 --> 00:05:31,149 Ubuntu host and that is showing a list of all ports that are listening on the Ubuntu host. 62 00:05:31,790 --> 00:05:36,439 NMAP has many more advanced utilities, but that is really getting 63 00:05:36,439 --> 00:05:41,089 in an area where most people don't need to go. 64 00:05:41,949 --> 00:05:46,414 But here, NMAP on a specific host is giving you a convenient list of 65 00:05:46,414 --> 00:05:50,879 ports that are listening on that host and that can be really helpful.