CYBER SECURITY (2150002) Er. No.

: 161120105045

Practical - 1
AIM: Study of basic Linux network commands.

1. Free:

Description:

Free displays the total amount of free and used physical and swap memory in the
system, as well as the buffers used by the kernel. The shared memory column represents either
the MemShared value (2.4 series kernels) or the Shmem value (2.6 series kernels and later)
taken from the /proc/meminfo file. The value is zero if none of the entries is exported by the
kernel.

Option:

-b, --bytes
Display the amount of memory in bytes.
-k, --kilo
Display the amount of memory in kilobytes. This is the default.
-m, --mega
Display the amount of memory in megabytes.
-g, --giga
Display the amount of memory in gigabytes.
--tera Display the amount of memory in terabytes.
Screenshot: -
CYBER SECURITY (2150002) Er. No.: 161120105045

2. Ping:

Description:

Ping uses the ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an

ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams
("pings'') have an IP and ICMP header, followed by a “struct timeval” and then an arbitrary
number of ``pad'' bytes used to fill out the packet.

Option:

-c count
Stop after sending (and receiving) count ECHO_RESPONSE packets.
-d Set the SO_DEBUG option on the socket being used.
-f Flood ping. Outputs packets as fast as they come back or one hundred times per second,
whichever is more. For every ECHO_REQUEST sent a period ``.'' is printed, while for every

Screenshot:
CYBER SECURITY (2150002) Er. No.: 161120105045

3. Last:

Description:

Last searches back through the /var/log/wtmp file (or the file
designated by the -f option) and displays a list of all users logged in (and out) since that file
was created. One or more usernames and/or ttys can be given, in which case last will show
only the entries matching those arguments.

Option:

-a, --hostlast
Display the hostname in the last column. Useful in combination with the --dns option.
-d, --dns
For non-local logins, Linux stores not only the host name of the remote host, but its IP
number as well. This option translates the IP number back into a hostname.
-f, --file file
Tell last to use a specific file instead of /var/log/wtmp.

Screenshot:
CYBER SECURITY (2150002) Er. No.: 161120105045

4. Dig:

Description:

Dig (domain information groper) is a flexible tool for interrogating DNS name servers.
It performs DNS lookups and displays the answers that are returned from the name server(s)
that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of
its flexibility, ease of use and clarity of output.

Option:

The -b option sets the source IP address of the query to address. This ust be a valid
address on one of the host's network interfaces or "0.0.0.0" or "::". An optional port may be
specified by appending "#<port>" The default query class (IN for internet) is overridden by
the –c option. class is any valid class, such as HS for Hesiod records or CH for Chaosnet
records.
The -f option makes dig operate in batch mode by reading a list of lookup requests to
process from the file filename. The file contains a lookup requests to process from the file
filename. The file contains a number of queries, one per line. Each entry in the file should be
organized in the same way they would be presented as queries to dig using the command-line
interface.
The -m option enables memory usage debugging. If a non-standard port number is to
be queried, the -p option is used. port# is the port number that dig will send its queries instead
of the standard DNS port number 53. This option would be used to test a name server that has
been configured to listen for queries on a non-standard port number.

Screenshot:
CYBER SECURITY (2150002) Er. No.: 161120105045

5. Route:

Description:

Route manipulates the kernel's IP routing tables. Its primary use is

to set up static routes to specific hosts or networks via an interface after it has been configured
with the ifconfig program. When the add or del options are used, route modifies the routing
tables. Without these options, route displays the current contents of the routing tables.

Option:

-A family
use the specified address family (eg 'inet'; use 'route --help' for a full list).
-F operate on the kernel's FIB (Forwarding Information Base) routing table. This is the
default.
-C operate on the kernel's routing cache.
-v select verbose operation.
-n show numerical addresses instead of trying to determine symbolic host names. This is
useful if you are trying to determine why the route to your nameserver has vanished.
CYBER SECURITY (2150002) Er. No.: 161120105045

Screenshot:

6. W3m:

Description:

W3m is a text based browser which can display local or remote web pages as well as
other documents. It is able to process HTML tables and frames but it ignores JavaScript and
Cascading Style Sheets. w3m can also serve as a pager for text files named as arguments or
passed on standard input, and as a general purpose directory browser. w3m organizes its
content in buffers or tabs, allowing easy navigation between them. With the w3m-img
extension installed, w3m can display inline graphics in web pages. And whenever w3m's
HTML rendering capabilities do not meet your needs, the target URL can be handed over to a
graphical browser with a single command. For help with runtime options, press “H” while
running w3m.

Option:

Command line options are introduced with a single “-” character and may
take an argument.
General options:
-B with no other target defined, use the bookmark page for startup
-M monochrome display
-no-mouse
deactivate mouse support
-num display each line's number
-N distribute multiple command line arguments to tabs. By default, a stack of buffers is used
-ppc num
CYBER SECURITY (2150002) Er. No.: 161120105045

width of num pixels per character. Range of 4.0 to 32.0, default 8.0. Larger values will make
tables narrower. (Implementation not verified)
-ppl num
height of num pixels per line. Range of 4.0 to 64.0.
(Implementation not verified)

Screenshot:
CYBER SECURITY (2150002) Er. No.: 161120105045

7. Hostname:

Description:

Hostname is used to display the system's DNS name, and to display or set its hostname
or NIS domain name. GET NAME When called without any arguments, the program displays
the current names: hostname will print the name of the system as returned by the get hostname
function.

Option:

-a, --alias
Display the alias name of the host (if used). This option is deprecated and should not be used
anymore.
-A, --all-fqdns
Displays all FQDNs of the machine. This option enumerates all configured network
addresses on all configured network interfaces, and translates them to DNS domain names.
Addresses that cannot be translated (i.e. because they do not have an appropriate reverse IP
entry) are skipped. Note that different addresses may resolve to the same name, therefore the
output may contain duplicate entries. Do not make any assumptions about the order of the
output.

Screenshot:
CYBER SECURITY (2150002) Er. No.: 161120105045

8. Ifconfig:

Description:

Ifconfig is used to configure the kernel-resident network interfaces. It is used at boot

time to set up interfaces as necessary. After that, it is usually only needed when debugging or
when system tuning is needed.

Option: -

-a display all interfaces which are currently available, even if down

-s display a short list (like netstat -i)
-v be more verbose for some error conditions interface The name of the interface. This is
usually a driver name followed by a unit number, for example eth0 for the first Ethernet
interface. If your kernel supports alias interfaces, you can specify them with eth0:0 for the
first alias of eth0.

Screenshot: -
CYBER SECURITY (2150002) Er. No.: 161120105045

9. Speedometer:

Description:

Measure and display the rate of data across a network connection or data being stored in a
file.
Install speedometer in ubuntu
Check which version of python is the default by running
python -V
Then issue the following commands as root to install speedometer (choose the correct
Urwid package for your python version, ie. if python -V reports version 2.3.X then install
python2.3-urwid)
apt-get install python2.4-urwid Download the
speedometer.py(http://excess.org/speedometer/speedometer.py) source file.
As user issue the following commands in the directory that you downloaded the source file
sudo cp speedometer.py /usr/local/bin/speedometer
sudo chown root: /usr/local/bin/speedometer
sudo chmod 755 /usr/local/bin/speedometer

Taps:

[-f] filename [size] display download speed [with progress bar]

-f must be used if directly following another file tap without an expected size specified
-rx network-interface display bytes received on network-interface
-tx network-interface display bytes transmitted on network-interface.

Option:

-i interval-in-seconds eg. "5" or "0.25" default: "1"

-p use plain-text display (one tap only)
-b use old blocky display instead of smoothed display even when UTF-8 encoding is detected
-z report zero size on files that don't exist instead of waiting for them to be created.

Screenshot:
CYBER SECURITY (2150002) Er. No.: 161120105045
CYBER SECURITY (2150002) Er. No.: 161120105045

10. Arp:

Description:

Arp manipulates or displays the kernel's IPv4 network neighbour cache. It can add
entries to the table, delete one or display the current content. ARP stands for Address
Resolution Protocol, which is used to find the media access control address of a network
neighbour for a given IPv4 Address.

Option:

-v, --verbose
Tell the user what is going on by being verbose.
-n, --numeric
shows numerical addresses instead of trying to determine symbolic host, port or user names.
-H type, --hw-type type, -t type
When setting or reading the ARP cache, this optional parameter tells arp which class of
entries it should check for. The default value of this parameter is ether (i.e. hardware code
0x01 for IEEE 802.3 10Mbps Ethernet). Other values might include network technologies
such as ARCnet (arcnet) , PROnet (pronet) , AX.25 (ax25) and NET/ROM (netrom).

Screenshot:
CYBER SECURITY (2150002) Er. No.: 161120105045

11. Nslookup:

Description:

Nslookup is a program to query Internet domain name servers. Nslookup has two
modes: interactive and non-interactive. Interactive mode allows the user to query name servers
for information about various hosts and domains or to print a list of hosts in a domain.

Screenshot:
CYBER SECURITY (2150002) Er. No.: 161120105045

12. Traceroute:

Description:

Traceroute tracks the route packets taken from an IP network on their way to a given
host. It utilizes the IP protocol's time to live (TTL) field and attempts to elicit an ICMP
TIME_EXCEEDED response from each gateway along the path to the host.
traceroute6 is equivalent to traceroute -6 tcptraceroute is equivalent to traceroute –T lft , the
Layer Four Traceroute, performs a TCP traceroute, like traceroute -T , but attempts to provide
compatibility with the original such implementation, also called "lft".

Option:

--help Print help info and exit.

-4, -6 Explicitly force IPv4 or IPv6 tracerouting. By default, the program will try to resolve
the name given, and choose the appropriate protocol automatically. If resolving a host name
returns both IPv4 and IPv6 addresses, traceroute will use IPv4. returns both IPv4 and IPv6
addresses, traceroute will use IPv4.
-I Use ICMP ECHO for probes
-T Use TCP SYN for probes
-d Enable socket level debugging (when the Linux kernel supports it)
-F Do not fragment probe packets. (For IPv4 it also sets DF bit, which tells intermediate
routers not to fragment remotely as well).

Screenshot:
CYBER SECURITY (2150002) Er. No.: 161120105045

13. Ssh:

Description:

Ssh (SSH client) is a program for logging into a remote machine and for executing
commands on a remote machine. It is intended to replace rlogin and rsh, and provide secure
encrypted communications between two untrusted hosts over an insecure network. X11
connections and arbitrary TCP ports can also be forwarded over the secure channel.

Option:

-1 Forces ssh to try protocol version 1 only.

-2 Forces ssh to try protocol version 2 only.
-4 Forces ssh to use IPv4 addresses only.
-6 Forces ssh to use IPv6 addresses only.
-A Enables forwarding of the authentication agent connection.

Screenshot: