How to Scan External Host Names & IP Addresses using Nmap

So, now you don’t only have to scan devices on your local network, you can also scan external IP addresses or host names. So, I’m going to scan my server here by typing “nmap” and then the host name of my server, “pointybracket.net”. It’s gonna take a moment and I’ve got a lot of open ports just because I have so many different things running. There’s a lot of things that run on it and some things that I just set up that I’ve never really used and haven’t bothered to shut down, and so what we get here is my host and we can see that I’ve got FTP, SSH, SMTP, we’ve got the standard domain and HTTP, POP3, there’s a bunch of stuff here and I’m not going to go into what all those are but we can see that these are everything that the server has. You can also set a file, so let me clear this. Let’s open up gedit. So, we’re going to create a file of hosts that we want to regularly scan and this can save time when we scan them if you’ve got like you know a few hosts that you regularly check on. So, I’m going to put “pointybracket.net”, “192.168.0.1” and “192.168.0.100” and I’m gonna save this as “networks.txt”. So, what we can do there is we can type “nmap -iL ~/networks.txt”, so it’s a lowercase “i” and a capital “L” and then the location of that file, so it was “networks.txt” in my home directory. This is going to scan each of the hosts that is in that networks file. It returns in the order that they were scanned in, so that’s pretty neat. I want to go over a few more things with you guys regarding this command. It does get pretty big, there’s so much that you can do with this, and so I really urge you guys to go and explore this if networking is one of your interests, if you want to really you know follow that.
One of the things I want to show you guys is how we can turn on OS and version detection during the scan, and so what we’re going to do is type “nmap -A 192.168.0-100” and this is going to scan, oh I had a little typo in the IP address there so I just fixed that, so this should tell me the operating system versions that are running on the devices on my network, and you can also find this information about other hosts. Aside from this, just while this is running, you can scan a network and find out which servers and devices are up and running by using the flag “-sP”. You can display the reason that a port is in a particular state by adding the flag “--reason”. You can choose to only show open ports, which appears to be the default functionality here, it doesn’t show the closed ports. You can actually also show all of the host interfaces for a machine by typing “--iflist” in the list of arguments for this command, and I mean again it’s really big so go ahead and look this up. If you wanna type in google.com “nmap commands” there’s a bunch of different ones that you guys should play around with, this was more of an introduction to the most common or basic functionalities of this program. I’m going to cancel this here and I’m just going to restart. This will go a bit faster, I’m just going to target my own IP address here so we can get this done and you guys can see the example output that this is gonna produce when adding the “-A” flag in here. So, here you can see a lot of information about this machine. Let’s go to the top here. We’ve got the port, the state, and the service, as well as the version of the service. So, I have Apache 2.4.12 installed and that’s also the same one here. If we go down we get more information about the host itself, so we have OS UNIX, we’ve got the computer name, the domain name if anything is configured, the fully qualified domain name, and just a lot more information.
So, that is the nmap command and it would be useful if you’re trying to just scan your network, and one of the examples that comes off the top of my head of when I would use this command is if I noticed that the internet’s you know running a bit slow. Let’s say I’ve got 10 people in my house and half of them may or may not be using the internet and I wanna see how many people are online, this is what I would do in that instance, or if you want to check how many machines offer a certain service, or what the IP address is that you need to use to access a certain service on another machine, this would help you figure that out. So, thank you guys for watching this video, I will see you guys again soon.

Nmap Install & how to get Started

Hey guys, welcome back. This is the last video in the networking module. I just want to give you guys the tools you need to further your knowledge of networking in general, and how networking tasks would be performed on Linux. So, there is one more tool that I want to introduce you guys to called “nmap”. So, nmap is an abbreviation for the term network mapper, and it’s an open source tool that can tell you what devices are on the network, what IP addresses are in use, and what services each machine is offering. So, let’s go ahead, we need to install the tool so let’s run “sudo apt-get install nmap” and it’s going to download about 3 megabytes of data and it’s going to expand to 18 megabytes. Alright, now that this is installed the way we’re going to use this is by simply typing “nmap” and then we can do a bunch of things after this. So, the first thing we’re gonna cover is how to scan a specific IP address, so I wanna get the IP address that I have so I’m gonna run “ifconfig”. So, “nmap 192.168.0.100” and we can see what ports are open, well we can see what ports are available, their state, and then also the service that they provide by name. So, I have Apache installed on this machine, you guys should have it installed on yours as well, if you went through the Apache videos, and so you should see the same thing here.
And so the port is 80, the state is open because we’ve got Apache running right now, it automatically runs when you start up the machine, and the service that the port provides is http. So, if I were also running an SSH server on this machine you would see another entry in this list for port 22, it would say state open, and service SSH or something to that effect. Now, if we want more information we can run “nmap -v” then the IP address again, so “192.168.0.100”. “-v” means verbose and what verbose mode does in most applications is, aside from the regular output, it also gives you more direction on what’s happening in the application or provides more information than you would normally get, so in this instance we see that it’s doing a bunch of scans. It scans the IP address then for 1,000 ports and it finds all these ports that are open, and then also finds a bunch of closed ports listed here, closed ports, and it gives us the same output as before. So, that’s neat, I only have one device on my network actually except for my router. Now, my router I believe is 192.168.0.1. So, that is the IP address for my router, so what we can do is scan multiple IP addresses at a time in multiple ways. So, the first way that we’re gonna do is by specifying each IP address. So, let’s go ahead and run “nmap 192.168.0.” and then we’re going to add the last values in here separated by a comma. So, first I’m going to scan my machine as well as the router and if I had a network address of 192.168.0.10 I could also do that, but I don’t so I’m not going to. Now, what we see here would be my router. We can see this is the IP address for it and this is what services it offers on which ports, and then we get my machine right here that provides the same output as it did before, but this is how it would output multiple machines’ scan results. Now, you can also scan a range of IP addresses.
So, let’s go ahead and run the nmap command again, “nmap 192.168.0.1-100”, this is gonna go from 1 all the way to 100 and it’s gonna scan all IP addresses within that range, so if I had a bunch of machines on my network, which I actually do, I have my phone on that network as well, and that’s it actually so I’ve got my router, my computer, and my phone. My phone is not coming up so I’m not doing anything on my computer right at the moment, I’m just checking what IP address I have on my phone here, if I can find out how. Ok, so the IP address on my phone is .101, so what I’m gonna do is run the previous command and just have it scan from 1-101. We should see three machines come up, I don’t think my phone has any services or open ports that it would list, but let’s have a look here. And when you scan multiple IP addresses, the more you scan, the longer it takes. Okay, so there’s nothing available from my phone coming up. Now, you can also scan, so when we talked about IP addresses we discovered that you can use anything from 0 to 255. So, if I were to want to scan all IP addresses that begin with 192.168.0, I could then put this in here, right, but rather than doing that we can actually use a wildcard here. And, I’m actually gonna cancel this because it’s gonna take a while.
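The comma, range and wildcard target forms described above can be expanded and checked against the network you are responsible for before a list is handed to “nmap -iL”. This is an added example, not code from the video; the scope 192.168.0.0/24, the function names and the sample list are assumptions constructed for illustration.

```python
import ipaddress
from itertools import product

# Characters that can appear in an IPv4 target written with lists, ranges or "*".
SPEC_CHARS = set("0123456789.,-*")

# Constructed sample target list, in the style of the networks.txt file.
SAMPLE_TARGETS = [
    "pointybracket.net",
    "192.168.0.1,100",
    "192.168.0.1-101",
    "192.168.1.5",
]


def expand_octet(spec):
    """Expand one octet such as '1,100', '1-101' or '*' into a sorted list."""
    if spec == "*":
        return list(range(256))
    values = set()
    for part in spec.split(","):
        low, dash, high = part.partition("-")
        first = int(low)
        last = int(high) if dash else first
        if not 0 <= first <= last <= 255:
            raise ValueError(f"bad octet range: {part!r}")
        values.update(range(first, last + 1))
    return sorted(values)


def expand_target(spec):
    """Expand an IPv4 target like '192.168.0.1-101' into single addresses."""
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {spec!r}")
    choices = [expand_octet(octet) for octet in octets]
    return [".".join(map(str, combo)) for combo in product(*choices)]


def check_targets(lines, scope):
    """Sort target-list entries into in-scope, out-of-scope and host names."""
    network = ipaddress.ip_network(scope)
    found = {"in_scope": set(), "out_of_scope": set()}
    hostnames = []
    for raw in lines:
        entry = raw.strip()
        if not entry:
            continue
        if set(entry) <= SPEC_CHARS:
            for addr in expand_target(entry):
                inside = ipaddress.ip_address(addr) in network
                found["in_scope" if inside else "out_of_scope"].add(addr)
        else:
            # Host names resolve at scan time, so they need a manual scope check.
            hostnames.append(entry)
    result = {key: sorted(value, key=ipaddress.ip_address)
              for key, value in found.items()}
    result["hostnames"] = hostnames
    return result


if __name__ == "__main__":
    report = check_targets(SAMPLE_TARGETS, "192.168.0.0/24")
    print(len(report["in_scope"]), "addresses inside the approved scope")
    print("outside the scope:", report["out_of_scope"])
    print("host names to confirm by hand:", report["hostnames"])
```
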

Using the Traceroute Command to Track Server Requests

Hey guys, we’re about to talk about the traceroute command and what it does and why you use it, but first we need to install that program. So, just come along with me, run “sudo apt-get install traceroute” and it will fetch that from the repositories and install it for us, and when it’s done we can run the command. So, run “traceroute” all one word and then the domain that you want to trace the route to, and it’s gonna spit out every server that the request jumps from and to in order to get to Google’s server. When you see “* * *” it means the request has timed out on that server so it’s gonna try another one. There we go. Let me make this bigger so it might be easier to read here, alright. So, we can basically trace what servers we are communicating with in order to get to google.com. So, when I type in google.com into my browser, it doesn’t just go from my router, the request doesn’t get sent automatically right to Google’s servers, what happens is there’s a lot of intermediary servers in between the two including your ISP, the DNS servers, and then other servers that need to be hopped to in order to get to Google. So, this is what we’re seeing here. The first request, this is the IP address of my router, this is the length of time that it took to get there. What happens then is this address is where this goes and you can see each address as we go down gets a bit different because we’re going to a different part of the world. And the host name will show if it’s available too with the IP address in brackets, so we can see this is my ISP and this is one of their servers that my request has to hop from in order to get the information required to get to google.com. So, I’m gonna try it with my own server here so I’m just gonna type “traceroute pointybracket.net” and we can see that it is accessing different servers in order to get to where it needs to be.
So, in here we can see two interesting things, first of all my internet service provider, and second of all my virtual private server provider, and I’m not going to point those out, but we can see that and then we can see also everything in between that holds information about the route that our request needs to take in order to get to that server. So, that’s how to use traceroute and that’s why you would use it, just kind of to you know trace the route of your request to different servers. So, thank you guys for watching this video and I will see you guys again soon.

Linux Host File Explained

Alright, so I just had to restart Firefox here. This is the default server page, the root page for my server, if we go to “server.pointybracket.net” we actually get the exact same page, and so what I can do I believe is access the routes on the server as normal and it works. So, what we’re doing as you can see is we’re just setting DNS records internally for this machine that it looks at before it goes out to get the correct DNS information. So, again I’m gonna go to network-tools. We’re going to try with like, let’s try and find Joe’s Pizza, a website for them, there we go. So let’s see if this works. This is the IP address I’m getting. So, I’m going to check if that IP address will route to the website as well. No, but it routes to this page. This is the page we should see after we paste this in to our hosts file. Let’s go ahead and save, and then let’s go to “go/”. Close this, and there we go. And you can see how this works is basically it routes to whatever we want to route to. So, you could create shortcuts for your favorite websites with the exception of Google, Google does a lot of internal routing and stuff. Sometimes this will work, sometimes it won’t. It all depends on how the web server is set up. Usually though I just use the hosts file to set domains to go to my localhost, and that’s for when I’m developing something that a URL needs to be set with. So, if I’m developing a WordPress site on my local machine and I need to set up a URL in the WordPress configuration, I would configure a domain and then point it to my localhost. So, that is the hosts file. Let’s exit out of here, close this, clear that. So, now our hostname. A hostname is basically a name of a machine, and in this instance ours is called Voltron and we can see that because we’ve got this right here. So, you can use the hostname in much the same way you can use you know custom hosts that you set, so I can just go to Voltron and it’s gonna route to my Apache default page. Now, you can also update the hostname and we need to do a couple things in order to do that. So, first we’re gonna run the command “sudo hostnamectl set-hostname” and whatever host we want to name it to. So, “Megazord”. Now we need to edit the hosts file to update our host name here as well.
So, we’re going to replace “Voltron” with “Megazord” and save this and close it, and we’re gonna run “sudo service hostname restart”. It said it failed to restart the hostname service, but it looks like it’s working, the hostname is now set to Megazord, and if I were to close the browser and reopen it I should be able to go to Megazord/ and it does in fact redirect me to my default Apache 2 page. And so that’s what a host name is and how to change it on Ubuntu, you can also change it through the system settings but we’re not going to go through a GUI way to do this right now. So, thanks for watching, I hope you guys found this informative. If you have any questions just leave a comment, otherwise I’ll see you guys soon.

What is the Linux Host File?

Hey guys, in this video we’re going to talk about hosts briefly, so in terms of our local host actually. So, there’s two parts to this video, the first we’re going to cover is the hosts file and we briefly touched on that in a previous video I think when we were deploying I think our Meteor application with Apache 2. We went into our hosts file to create some routes for the application. So, basically the hosts file is in “/etc/hosts” so we can go ahead and open that up, just type “sudo nano /etc/hosts” and hit enter. Put in your password and this is our hosts file. So, we actually were in here for app.localhost, subdomain in Python, so the virtual hosts, and Python deployment, and Meteor deployment we were in here, and I didn’t really explain to what extent you can use this file. So, as I explained in the networking introduction video, a DNS server basically holds records of what domains point to what IP addresses. Think of this file as an internal DNS lookup functionality. So, when I go to app.localhost the first place my computer checks for a route is the hosts file. If it doesn’t find an entry for a domain in the hosts file, then it goes out to the router, and then your ISP, and then a DNS server, and it checks there if there’s any records for it. So, by adding entries here we can actually override default behavior of known domains that we want to change. So, what I’m going to do is open up Firefox here for a moment, and I’m going to go to a website that will allow us to get the IP address of google.com, because we’re going to be using that. Just gonna go to network-tools.com and I’m gonna type in here google.com, and we can see that this IP address is the one we’re looking for. So, I’m going to copy this here and I’m gonna jump back into this file. Now, this file can take three columns and we’ve only discussed two so far, so let’s go ahead and cover all the columns here in great detail.
So, the first one is the IP address that we want to route to. The second column is gonna be the domain or the host’s name that we want to route to that. So, let’s just type in go.com and then the third column is an alias, so we can just type “go”. And, so when we save this file what’s gonna happen is when we go to go, it’s going to go to google.com and their servers have actually, they’re not, ok so they’re doing a lot of internal routing there. Let’s try YouTube. So, what we’re gonna do again, we’re gonna get, actually let’s try something that we know is going to work. So, I’m just gonna type in my own server name here, and grab that IP address, jump back into our hosts file, and I’m gonna paste that there. Now I’m gonna save this again and go to go.com. It’s saying it’s not found, weird, this just worked.
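Because the hosts file is checked before DNS, any name pinned there to a non-loopback address silently overrides what DNS would return, which makes the file worth auditing. This is an added example, not code from the video: it parses the three-column layout described above and reports pinned names, conflicting entries and malformed lines. The sample file contents (including the documentation-range IP addresses) and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in /etc/hosts layout: IP address, host name, aliases.
SAMPLE_HOSTS = """\
127.0.0.1     localhost
127.0.1.1     Megazord
127.0.0.1     app.localhost
# entries below were added by hand
203.0.113.10  go.com go
198.51.100.7  go.com
not-an-ip     example.test
"""


def parse_hosts(text):
    """Return (line number, ip or None, names) for every non-comment line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None
        if ip is None or len(fields) < 2:
            entries.append((lineno, None, fields))
        else:
            entries.append((lineno, ip, [name.lower() for name in fields[1:]]))
    return entries


def audit_hosts(text):
    """List findings as (line number, kind, detail).

    kind is one of:
      pinned    - a name mapped to a non-loopback address (overrides DNS)
      conflict  - a name already mapped to a different address earlier on
      malformed - a line without a valid IP address and at least one name
    """
    findings = []
    first_seen = {}
    for lineno, ip, names in parse_hosts(text):
        if ip is None:
            findings.append((lineno, "malformed", " ".join(names)))
            continue
        for name in names:
            if name in first_seen and first_seen[name] != ip:
                findings.append((lineno, "conflict", name))
            first_seen.setdefault(name, ip)
            if not (ip.is_loopback or ip.is_multicast):
                findings.append((lineno, "pinned", name))
    return findings


if __name__ == "__main__":
    for lineno, kind, detail in audit_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {kind}: {detail}")
```

To audit a real machine, pass the contents of “/etc/hosts” to `audit_hosts` instead of the sample string.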

How to use Netstat to Track Detailed Network Statistics

Hey guys, welcome back. So, last video we looked at a way to really track packets and the packets that are actually being sent to and from this machine individually as packets, and now we’re going to talk about a command called “netstat” which is an abbreviated term for network statistics. So, basically the command that we’re going to be using throughout this video is netstat, and based on the flags that we pass it it’s going to return different statistics. So, if I put “netstat -nr” the “n” option makes netstat print addresses as dots, you know dotted IP addresses rather than symbolic host and network names, so this is gonna make sense if you want to see the actual IP addresses rather than the domains that are connected to the machine. And, so this is what I’ve got right now. Basically, it gives us the information that we’re looking for regarding the IP routing table, and so the “r” flag in that command that I just put basically states that we’re looking for the kernel IP routing table, and that basically shows what certain things are routed to. So, let’s actually display network interface statistics themselves, and we’re gonna do that with the “-i” flag. So, we’re gonna type “netstat -i” and this shows us the usage of each of our devices, and so we can see the local host here which was configured has sent this many packets right here, and it’s received this many packets. As compared to our wireless interface which so far has received that many, and actually this is bytes not packets, and this many. So, you can kind of see how this would be useful. We can actually display connections to our machine as well, and so I think my system update is still going, it is, so this is going to be good. What we’re gonna do is run “netstat” with the flags “-ta”, and this is going to look for active sockets and it’s going to print out the status of them, and basically you know the foreign address and the local address. So, this obviously is our local machine here.
These are the foreign addresses that it’s connecting to, and so what I’m going to do is I’m going to run “netstat -tan” and it’s gonna show IP addresses instead of the host names. And so you can see how that’s gonna be useful because we can actually combine elements of the different flags that we’re passing to the netstat command, and it’s basically you know going to change the way that each of these outputs works. And, so that is how you would use netstat to view active connections and active routes of IP addresses internally through the command line here, and you know if you’re not sure, if you think your computer may be connecting to a malicious host or something, what you can do is you can take these IP addresses and you can actually look them up through a website like network-tools. I think it’s network-tools.com, it could be .org, I’m not sure, but you can find information about each one of these hosts if you’re not sure where it came from. And, just by looking at these, you know the actual host names themselves, you may know what they are. I think these are all my updates that are happening through the software update, or so that’s, I don’t recognize any of these. So, that’s how to use netstat. I hope you guys enjoyed this video and found it informative. I hope you guys can basically understand what netstat does. It’s a very simple command but it’s very useful in a lot of circumstances. So, thank you guys for watching this video, I’ll see you guys soon.
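Picking the foreign addresses out of “netstat -tan” by eye gets tedious, so the lookup step described above can start from a short list. This is an added example, not code from the video: it parses constructed sample output, counts established connections to addresses outside the local networks, and lists ports listening on every interface. The sample lines, the LOCAL_NETS list and the function names are assumptions for illustration.

```python
import ipaddress
from collections import Counter

# Networks treated as "local"; adjust to match your own LAN (assumption).
LOCAL_NETS = [ipaddress.ip_network(net) for net in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fe80::/10",
)]

# Constructed sample of `netstat -tan` output (documentation-range peers).
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 192.168.0.100:48712     203.0.113.25:443        ESTABLISHED
tcp        0      0 192.168.0.100:48714     203.0.113.25:443        ESTABLISHED
tcp        0      0 192.168.0.100:53310     198.51.100.40:80        TIME_WAIT
tcp        0      0 192.168.0.100:22        192.168.0.101:50122     ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
"""


def split_endpoint(endpoint):
    """Split 'host:port' on the last colon so IPv6 forms like ':::80' work."""
    host, _, port = endpoint.rpartition(":")
    return host, port


def parse_netstat(text):
    """Turn the tcp/tcp6 rows of `netstat -tan` output into dictionaries."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue  # banner, column header or non-TCP row
        local_host, local_port = split_endpoint(fields[3])
        remote_host, remote_port = split_endpoint(fields[4])
        rows.append({
            "local_host": local_host, "local_port": local_port,
            "remote_host": remote_host, "remote_port": remote_port,
            "state": fields[5],
        })
    return rows


def external_peers(rows):
    """Count ESTABLISHED connections per foreign address outside LOCAL_NETS."""
    counts = Counter()
    for row in rows:
        if row["state"] != "ESTABLISHED":
            continue
        peer = ipaddress.ip_address(row["remote_host"])
        if not any(peer in net for net in LOCAL_NETS):
            counts[row["remote_host"]] += 1
    return dict(counts)


def exposed_listeners(rows):
    """Ports in LISTEN state bound to every interface (0.0.0.0 or ::)."""
    return sorted({int(row["local_port"]) for row in rows
                   if row["state"] == "LISTEN"
                   and row["local_host"] in ("0.0.0.0", "::")})


if __name__ == "__main__":
    connections = parse_netstat(SAMPLE_NETSTAT)
    print("foreign peers to look up:", external_peers(connections))
    print("ports listening on all interfaces:", exposed_listeners(connections))
```
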

Practical Networking Commands pt.2

So, right now it’s not capturing any, let’s go ahead and do some updates. So, that just captured 10 of the packets from my machine that were essentially coming into my machine, and so we can analyze them a bit. We can see where they’re going to and where they’re coming from. So, we can see here basically, the first column is a time stamp, right. Over here we’ve got the IP address we’re sending from, so this is our machine here as you recall, and it’s sending this packet out to our router which basically ends up here at this domain. And so that’s how to use you know tcpdump very, very minimally. There are some other options that we can go through as well for this command. So, you can print the captured packets in ASCII, so let’s go ahead and do that. “sudo tcpdump -c 10 -A” and this is going to print out the actual packets in ASCII. So, you can use this if you’re trying to see you know what exactly you’re getting in. This just all looks like gibberish to me but it’s the packets that are actually coming through, so that’s a neat way to use this command. So, basically if you only want to listen on one network interface, I’m going to run “ifconfig” again, and we can see wlo1 is the name of this device. So, what I’m gonna do is run “sudo tcpdump -c 5 -i wlo1” and what that “-i” does is it tells it to listen to a very specific interface that we define after that “-i”. Now, in addition to displaying the packets in ASCII format we can also display them in hex and ASCII. So, this may make sense for you if you’re looking for some hex response from these packets that are coming in and out, so what we’re gonna do is run “sudo tcpdump -XX -i wlo1” and this is gonna print out, I didn’t use the c flag so I’m just going to cancel there. So, this is gonna print out packets in hex and ASCII format. So, let me clear this. One other neat thing is you can capture packets from specific ports and so let’s go ahead and do that.
So, let’s run “sudo tcpdump” and I’ll show you guys why that’s going to make sense here in a moment, “-i wlo1”, this is the name of my interface, and then “port 22”. Now, right now I don’t think I have any port 22’s going on here and that’s because port 22 is an SSH port. So, what I’m going to do is I’m going to connect to my server via SSH and we’re gonna see packet activity here. So, here we see a bunch of packets happening and each time you do something you can see exactly what’s happening here, and you would be able to parse through these and you know basically see that there is activity, what kind of activity, and you know where it’s happening between. So, that is a bit about the “tcpdump” command. This is gonna be good with troubleshooting network activity, there’s not really many other uses that I can think of for this, but if you have any uses for this that I don’t know about leave a comment, I would like to know how you guys use this command if you do, or any practical applications that you think this command would serve.

Practical Networking Commands pt.1

Hey guys, welcome back. In this video we are going to get to some practical networking things, and this is all in terminal. And so the first thing we’re going to do is bring up terminal, and first I want to talk about the ping command and what this means and what it does. So, you can ping an IP address or a domain name to see if you can get a successful response from it. This is a great way, let’s say you’re using a web, this is just an example, if you’re using a web browser and you’re trying to troubleshoot if the web browser isn’t working or if your entire internet connection is not working, you might drop down here to command line and run a ping command on a known host that you know is always going to be up, for instance google.com. And so that’s exactly what we’re gonna do, so I’m just gonna type in the command ping and then the address of what I want to ping. And I’m getting a response and it tells us what length of time each response is taking to return to us, so yeah. It also shows other stuff like the exact IP address, the server that it’s reaching, and that good stuff. And this is gonna just go until you close it, so just CTRL+C to exit, and then it gives you a breakdown of what happened. You could let this run for a while to see if you’re getting any packet loss through your network card, and so that’s what pinging does. So I’m going to clear this up here and we’re going to talk about the command ifconfig. So, on Windows in command line you have a command called ipconfig and it spits out a whole bunch of information about your network configuration. In Linux it’s ifconfig and it does the same here. I’m gonna run that command again. Alright, so this is going to list our addresses here or our network interfaces, and also any IP addresses that it has and whatnot. So, the first one is gonna be an ethernet which I don’t have plugged in right now, and so it’s gonna be basically not working. This is the name of that interface.
This is our local loopback, so this is like a virtual interface that has our local host address here and it basically controls that, and then down here we have our wireless ethernet which we can see is working as I have received bytes. So, “RX” basically means what you’ve received, “TX” basically means what you’ve transferred out. So, that’s how to read that. There’s an IPv6 address right here and my IP address, this is gonna be my NAT address and it gives IDs and stuff of the network interface device. And so that’s basically how to use ifconfig, sometimes this might be useful to see if you know you’re getting a valid IP address from the router, to see you know if it’s actually working at all which you can see here mine is. I’m gonna clear this and what we’re going to go over now is a command called tcpdump. It’s a really powerful command line packet sniffer, so it can analyze the packets that are you know going in and out of your computer or your network. So, first thing we need to do is install it if we don’t already have it installed. So, “sudo apt-get install tcpdump”, it’s probably already installed but just in case make sure, and it is, it’s the newest version. So, this is a big command-line tool and I was gonna do more stuff in the video but I think we’re going to cut it off after this command. So, what we’re gonna do is basically just run the command “tcpdump”. We don’t have permission to capture on that device so we’re going to run “sudo tcpdump”. And this is capturing all packets that are coming in and out of my computer. This is just gonna run until you cancel, so I’m just gonna cancel here. Now, as you can see that was a pretty big output and so what we can do is we can only capture a certain amount, so what we’re gonna do is that. How we do that is basically using the command “sudo tcpdump -c 10” and that’s good. Alright I have to run sudo. So, this is going to capture 10 packets.

How does the internet work?

In this video we’re not going to be doing anything, we’re not gonna be learning about networking specifically on Linux. We need to understand a few general concepts before we get to that. So, this video is going to be a sort of introduction to networking on Linux. An introduction to networking in general. So, right now you are on a computerized device watching this video which is on the Internet. And the way that’s happening is basically you’re connected to a router, or a modem router all-in-one device, and the router is connected to your internet service provider, and your internet service provider has devices that are connected to the bigger world of the internet. So, you send a request, if you open up a browser and type in google.com and then hit enter, your web browser sends that as a request. It’s basically saying okay this is the web page that this computer wants to look at right now. It sends that through your router, which sends it to your internet service provider, and your internet service provider has all these fancy computers that properly route certain requests to DNS servers, any requests actually. What a DNS server does is it says okay, you gave me this string of text, a domain name or URL, and I have a record here that shows this domain or string of text is supposed to serve up the content at this IP address. And so how the internet works is it doesn’t understand Google.com or Facebook.com. The internet uses network addresses, right, and so think of it like each web server, each server out there has an address just like every house on your street has an address. So, if you were gonna send somebody down the street to Joe’s place, you would say okay well go to this address, then you would give them the address of Joe’s place and they would be able to find it. The same thing is happening on a DNS server.
You give the DNS server a domain name that you want to look at, and then the DNS server takes that and says okay well I know this domain name is supposed to route to this IP address. So, your request needs to go over to the server to get that content, and so your request then gets translated to an IP address and other information, and it gets to the web server that it’s supposed to be at. And then the web server running Apache or anything really, nginx, I’m sure there’s tons out there that I don’t know about, but the web server receives the request, it receives all of the information related to it. So, cookies, you know session variables, stuff like that, as well as the exact item you want to look at. So, if you go to website.com/something/something else, everything after the .com/ is called a URI and that indicates what piece of content on the server you want. So, think of the first part domain.com as what server you need to be communicating with, and then afterward you know /about.php or something that’s gonna tell the server once it gets the request what page it needs to send you. And then it does its you know rendering process and it sends you that page in the exact same route that your request took to get there. So, it’s like when you send your friend down the street to Joe’s place to pick up a box of pizza. So, your friend walks down the street, he turns left, you know maybe turns right, he gets to Joe’s place, he walks in, says hey I need to get a pizza, Joe gives him the pizza, then he walks the same way back to your house, and before you know it a web page has loaded within your computer box. That’s how that happens. I hope you guys understood that. In the next video we’re actually gonna cover a few more concepts before we dive into you know really understanding to the point that we can use applications to do certain things. So, I hope you guys found that informative.
If you didn’t, if there’s any point in this video that you felt lost or confused, or even that I was just rambling, or even if you just want to tell me you know a few more web server applications aside from Apache, there is a comment section to the side of this video. You just leave a comment I will reply and get you whatever information you need, and hopefully this will make sense to you.

Introduction to Networking on Linux

So, we’re all done with the user accounts and groups and stuff and we’re gonna move on to networking. Networking is a big topic in and of itself, and so there’s no humanly possible way I’d be able to teach you everything there is to know about networking, and I don’t plan to. What I plan to do is give you guys the most essential and necessary information about networking and then you can take that as you want and you know develop it further, but this should be a starting point for you. It should help you understand what’s actually happening on a network, and even what a network is. So, for people new to I guess computers, technology, and maybe not new but maybe you’ve used the internet before and you just haven’t thought about you know what’s actually happening, and that’s how I was for a long time actually. I had worked with an internet service provider and before I worked there I just thought you know the internet was magic. That you know I opened up a web browser and typed in a series of letters you know separated by a few dots and that somehow, magically, I didn’t really care how it happened at that point, it went out and found a page. You know magically brought it to my computer, and so if that’s the kind of understanding you guys have at this point this is going to be some really great information for you guys to take and really absorb.