LPI E - common bin

LPI E - Scripting

4.3 Where Data is Stored

Review of Topics:
Various types of information stored on a Linux system
Part 2 of 2:  Part 1 - A Detailed Look

Overview of the Linux File System

The Linux file system is hierarchical, which means that it is arranged in a tree-like structure. At the top of the hierarchy is the root directory, represented by a forward slash (/). All other directories and files are located within this root directory.

/bin System Directory

Among the essential system directories are /bin and /sbin, which contain essential system binaries. These are the executable programs that are necessary for the operating system to function correctly, such as ls, cd, and mkdir.

Here are some of the most common binaries you'll find in the bin directory: 

>>> Directory/Files Binaries <<<

  • ls: list files and directories in the current working directory or any other directory specified as an argument.
  • cp: copy files and directories.
  • mv: move or rename files and directories.
  • rm: remove files and directories.
  • mkdir: create new directories.
  • rmdir: remove empty directories.
  • cat: display the contents of files.
  • find: search for files and directories that match a given pattern.
  • tar: create and manipulate compressed archive files.
  • zip: create and manipulate compressed ZIP archive files.
  • curl: transfer data to or from a server using various protocols such as HTTP, FTP, and SMTP. 

>>> Text Manipulation Binaries <<<

  • echo: display text on the command line or redirect it to a file.
  • awk: process and manipulate text files using pattern matching and actions.
  • grep: search for a specific pattern in a file or multiple files.
  • sed: perform text transformations on files and streams.
  • cut: extract sections from each line of a file.
  • paste: merge lines from one or more files side-by-side.
  • cat: concatenate and display files.
  • head: display the first lines of a file.
  • tail: display the last lines of a file.
  • tee: read from standard input and write to both standard output and a file.
  • tr: translate or delete characters in a text stream.
  • fmt: format text files by breaking lines at specified intervals.
  • fold: wrap lines in a text file at a specified width.
  • sort: sort and order the contents of a file or output from another command. 

>>> User/Group Binaries <<<

  • id: display the current user ID (UID) and group ID (GID) or other users' IDs and GIDs
  • useradd: add a new user account
  • usermod: modify an existing user account
  • userdel: delete a user account
  • groupadd: add a new group
  • groupmod: modify an existing group
  • groupdel: delete a group
  • passwd: change a user's password
  • chmod: change the file permissions of a file or directory.
  • chown: change the owner and group of a file or directory.
  • chpasswd: change passwords for multiple users at once
  • chsh: change a user's default shell
  • chgrp: change the group ownership of a file or directory
  • newgrp: switch to a new group
  • groups: display a user's group memberships
  • whoami: display the username of the current user
  • su: switch user accounts
  • sg: execute a command with a specified group ID
  • gpasswd: manage the group password file
  • pwck: check the consistency of password files
  • grpck: check the consistency of group files
  • login: start a new session on a system
  • logout: log out of a session
  • idmapd: map user and group IDs between different systems in a network
  • pwconv: convert the password file to a shadow password file
  • grpconv: convert the group file to a shadow group file
  • logname: display the current user's login name
  • suexec: used by the Apache web server to execute CGI scripts as a different user or group

>>> Networking Binaries <<<

  • ping: test network connectivity by sending packets to a remote host and receiving a response.
  • ifconfig: configure and manage network interfaces.
  • route: display and manipulate the routing table used by the network stack.
  • iptables: configure the Linux kernel firewall, allowing you to set up rules for incoming and outgoing traffic.
  • netstat: display active network connections, open ports, and listening services.
  • tcpdump: capture and analyze network traffic in real-time.
  • dig: perform DNS (Domain Name System) lookups to obtain information about domain names, IP addresses, and other DNS records.
  • host: The host command is used to perform DNS lookups for domain names.
  • nslookup: query DNS servers to obtain information about domain names and IP addresses.
  • ssh: remotely connect to another computer over a secure network connection.
  • arp: display and manipulate the ARP (Address Resolution Protocol) cache, which maps IP addresses to MAC addresses.
  • ip: configure and manage network interfaces, routing, and network devices.
  • ifup: bring a network interface up and configure it with the specified settings.
  • ifdown: take a network interface down and remove its configuration.
  • iw: configure and manage wireless network interfaces.
  • iwconfig: display and configure wireless network interfaces.
  • ss: display detailed information about active network sockets.
  • nc: establish TCP/IP connections and listen for incoming connections.
  • nmap: scan and discover hosts and services on a network.
  • traceroute: trace the path of network packets from one computer to another over the internet.

    >>> Networking Binaries <<<

Examples

👇 😰 👾 💁 👇

  • ping: The ping command is used to test network connectivity by sending packets to a remote host and receiving a response.
    • Check network connectivity to a specific host.
      • $ ping google.com
      • This command sends ICMP packets to a specified host and waits for a response. It repeats this process until it receives a response or is interrupted. This can be used to check if the host is reachable and responsive.
    • Check network connectivity using a specific packet size.
      • $ ping -s 1000 google.com
      • This command sends ICMP packets to a specified host with a specific size and waits for a response. It repeats this process until it receives a response or is interrupted. This can be used to check network connectivity with a specific packet size.
    • Send ping packets at a specific interval.
      • $ ping -i 5 google.com
      • This command sends ICMP packets to a specified host at a specific interval and waits for a response. It repeats this process until it receives a response or is interrupted. This can be used to check network connectivity with a specific interval.
    • Send a specific number of ping packets.
      • $ ping -c 10 google.com
      • This command sends a specified number of ICMP packets to a specified host and waits for a response. It can be used to check the connectivity and packet loss rate between the host and the target.
    • Sending packets with a specific payload size
      • $ ping -s 1000 <host>
      • This will use the -s flag to send packets with a payload size of 1000 bytes to the specified host.
  • ifconfig: The ifconfig command is used to configure and manage network interfaces.
    • To display information about all active network interfaces on your system:
      • $ ifconfig -a
      • In this example, the "-a" switch is used to display information about all network interfaces, including those that are down or not in use. 
    • Enable or disable a network interface
      • $ sudo ifconfig <interface> up
      • $ sudo ifconfig <interface> down
      • To enable a network interface, use the up parameter with the interface name.
      • To disable a network interface, use the down parameter with the interface name.
    • Assign a static IP address to a network interface
      • $ sudo ifconfig <interface> <ip_address> netmask <netmask>
      • $ sudo ifconfig eth0 192.168.1.10 netmask 255.255.255.0
      • Use the <interface> parameter to specify the name of the interface you want to configure. 
      • For example, sudo ifconfig eth0 192.168.1.100 netmask 255.255.255.0 will assign the IP address 192.168.1.100 to the eth0 interface with a netmask of 255.255.255.0.
    • Configure a network interface with multiple IP addresses
      • $ sudo ifconfig <interface>:<alias> <ip_address> netmask <netmask>
      • $ sudo ifconfig eth0:1 192.168.1.10 netmask 255.255.255.0
      • Use the <interface> parameter to specify the name of the interface you want to configure, and the <alias> parameter to number the additional address.
      • For example, sudo ifconfig eth0:1 192.168.1.10 netmask 255.255.255.0 will assign the IP address 192.168.1.10 to the eth0:1 alias of the eth0 interface with a netmask of 255.255.255.0.
  • route: The route command is used to display and manipulate the routing table used by the network stack.
    • To display the current routing table:
      • $ route -n
      • In this example, the "-n" switch is used to display the routing table in numerical format.
    • Add a default gateway.
      • $ sudo route add default gw <gateway_address>
      • The "gw" option is used to specify that this is a gateway entry, and "default" indicates that this is the default route.
    • Add a network route with a specific interface.
      • $ sudo route add -net <network_address> netmask <netmask> dev <interface>
      • $ sudo route add -net 192.168.1.0 netmask 255.255.255.0 dev eth0
      • This command adds a network route to the routing table with a specific interface. 
      • The <network_address> parameter specifies the IP address of the network you want to add a route for, and the <netmask> parameter specifies the network mask. The "dev" option specifies the interface that should be used for this route.
    • Delete a specific route from the routing table.
      • $ sudo route del -net <network_address> netmask <netmask> gw <gateway_address>
      • $ sudo route del -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1
      • The <network_address> parameter specifies the IP address of the network for which you want to delete the route, and the <netmask> parameter specifies the network mask. 
      • The <gateway_address> parameter specifies the IP address of the gateway through which the network is reachable. The "del" option is used to indicate that this is a deletion operation.
    • To add a new static route to a destination network:
      • $ sudo route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.1
      • In this example, we are adding a new static route to the destination network "192.168.2.0" with the netmask "255.255.255.0" and gateway "192.168.1.1". The "sudo" command is used to run the command with root privileges.
  • iptables: The iptables command is used to configure the Linux kernel firewall, allowing you to set up rules for incoming and outgoing traffic.
    • To list all the current rules in the firewall:
      • $ sudo iptables -L
      • In this example, the "-L" switch is used to list all the current rules in the firewall. The "sudo" command is used to run the command with root privileges.
    • Open port 80 for incoming traffic.
      • $ sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
      • This command adds a rule to the INPUT chain of iptables to accept incoming TCP traffic on port 80, which is commonly used for HTTP traffic.
    • Block all incoming traffic on port 22.
      • $ sudo iptables -A INPUT -p tcp --dport 22 -j DROP
      • This command adds a rule to the INPUT chain of iptables to drop all incoming TCP traffic on port 22, which is commonly used for SSH traffic.
    • Configure iptables to allow SSH traffic only from a specific IP address.
      • $ sudo iptables -A INPUT -p tcp --dport 22 -s <source_IP_address> -j ACCEPT
      • $ sudo iptables -A INPUT -p tcp --dport 22 -s 192.168.0.10 -j ACCEPT
      • This command adds a rule to the INPUT chain of iptables to accept incoming TCP traffic on port 22 only from the specified source IP address.
    • Configure iptables to allow outgoing traffic on port 80 and 443.
      • $ sudo iptables -A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
      • This command adds a rule to the OUTPUT chain of iptables to accept outgoing TCP traffic on port 80 and 443, which are commonly used for HTTP and HTTPS traffic.
    • To block incoming traffic from a specific IP address:
      • $ sudo iptables -A INPUT -s 192.168.1.100 -j DROP
      • In this example, we are blocking incoming traffic from the IP address "192.168.1.100" by adding a new rule to the INPUT chain with the "-A" switch. The "-s" parameter is used to specify the source IP address, and the "-j DROP" parameter is used to drop the incoming packets from that IP address. The "sudo" command is used to run the command with root privileges.
  • netstat: The netstat command is used to display active network connections, open ports, and listening services.
    • To display all active network connections on your system:
      • $ netstat -a
      • In this example, the "-a" switch is used to display all active network connections, including those that are listening and established.
    • To display network statistics for a specific protocol:
      • $ netstat -s -p tcp
      • In this example, we are using the "-s" switch to display statistics for various protocols, and the "-p" parameter to specify the TCP protocol (this form is the BSD/macOS netstat syntax; on Linux net-tools, "-p" shows the owning program and the protocol is selected with "-t"). This command will display statistics for TCP connections, such as the number of active and passive connections, retransmissions, errors, and more.
    • To display all active network connections on your system:
      • $ netstat -ant
      • In this example, the "-a" switch shows all sockets (both listening and non-listening), "-n" displays the numerical addresses, and "-t" filters to show only TCP connections.
    • To display network statistics for a specific protocol:
      • $ netstat -s -t
      • In this example, we are using the "-s" switch to display statistics for various protocols, and the "-t" parameter to specify the TCP protocol. This command will display statistics for TCP connections, such as the number of active and passive connections, retransmissions, errors, and more.
  • tcpdump: The tcpdump command is used to capture and analyze network traffic in real-time.
    • To capture and display all traffic on a specific network interface:
      • $ sudo tcpdump -i eth0
      • In this example, the "-i" switch is used to specify the network interface to capture traffic on (in this case, "eth0"). The "sudo" command is used to run the command with root privileges.
    • To capture and save network traffic to a file:
      • $ sudo tcpdump -i eth0 -w capture.pcap
      • In this example, we are using the "-w" switch to specify a filename for the capture file, which will be saved in the current directory. The "-i" switch is used to specify the network interface to capture traffic on. The "sudo" command is used to run the command with root privileges. The capture file format can be changed to other supported formats (such as "pcapng") using the "-F" switch.
  • dig: The dig command is used to perform DNS (Domain Name System) lookups to obtain information about domain names, IP addresses, and other DNS records.
    • To perform a DNS lookup and display the results:
      • $ dig example.com
      • In this example, we are performing a DNS lookup for the domain name "example.com". The command will display information such as the IP address(es) associated with the domain name, as well as other DNS-related information.
    • Use dig to query for a specific DNS record type for a domain name.
      • $ dig example.com A
      • This command will query for the IPv4 address (A record) of the domain name example.com.
      • $ dig google.com MX
      • This command will query for the mail exchange (MX record) of the domain name google.com.
      • $ dig yahoo.com NS
      • This command will query for the name servers (NS record) of the domain name yahoo.com.
      • $ dig facebook.com SOA 
      • This command will query for the start of authority (SOA record) of the domain name facebook.com.
    • To perform a reverse DNS lookup and display the results:
      • $ dig -x 8.8.8.8
  • host: The host command is used to perform DNS lookups for domain names.
    • To perform a DNS lookup and display the results:
      • $ host example.com
      • In this example, we are performing a DNS lookup for the domain name "example.com". The command will display information such as the IP address(es) associated with the domain name, as well as other DNS-related information.
    • To perform a reverse DNS lookup and display the results:
      • $ host 8.8.8.8
      • In this example, we are performing a reverse DNS lookup for the IP address "8.8.8.8". The command will display information such as the domain name associated with the IP address, as well as other DNS-related information.
  • nslookup: The nslookup command is used to query DNS servers to obtain information about domain names and IP addresses.
    • To perform a DNS lookup and display only the IP address of the queried domain:
      • $ nslookup -q=A example.com | grep 'Address:' | awk '{print $2}'
      • In this example, we are using the "-q" switch to specify the query type as "A", which retrieves the IPv4 address of the queried domain. We then use the "grep" and "awk" commands to extract and display only the IP address from the output.
    • To perform a DNS lookup and display the DNS server used for the query:
      • $ nslookup -debug example.com | grep 'Server:'
      • In this example, we are using the "-debug" switch to enable debug mode, which displays additional information about the DNS query process. We then use the "grep" command to filter and display the line that shows the DNS server used for the query.
  • ssh: The ssh command is used to remotely connect to another computer over a secure network connection.
    • To connect to a remote server with username and password:
      • $ ssh username@remote_host
      • In this example, we are using the "ssh" command to connect to a remote server with the specified username and hostname. The command will prompt for the password of the specified username.
    • To copy a file from a remote server to the local machine:
      • $ scp username@remote_host:/path/to/remote/file /path/to/local/directory
      • In this example, we are using the "scp" command (which is part of the ssh suite) to copy a file from a remote server to the local machine. The command requires the username and hostname of the remote server, as well as the full path to the remote file and the directory on the local machine where the file should be saved.
    • To forward a local port to a remote server through an SSH tunnel:
      • $ ssh -L local_port:remote_host:remote_port username@ssh_server
      • In this example, we are using the "-L" switch to create a local port forwarding tunnel from the specified local port to the remote host and port. The SSH connection is made through the SSH server with the specified username.
    • To execute a remote command over SSH without logging in:
      • $ ssh -t username@remote_host "sudo command_to_run"
      • In this example, we are using the "-t" switch to force SSH to allocate a pseudo-terminal, which allows us to execute a command on the remote host without actually logging in. We are also using the "sudo" command to run a command with superuser privileges on the remote host.
  • arp: The arp command is used to display and manipulate the ARP (Address Resolution Protocol) cache, which maps IP addresses to MAC addresses.
    • To display the ARP cache:
      • $ arp -a
      • In this example, we are using the "arp" command with the "-a" switch to display the ARP cache, which contains a mapping of IP addresses to physical addresses (MAC addresses) of devices on the local network.
    • To add a static ARP entry:
      • $ arp -s IP_address MAC_address
      • In this example, we are using the "arp" command with the "-s" switch to add a static ARP entry for the specified IP address and MAC address. This can be useful for devices that are frequently accessed and whose IP address and MAC address are not likely to change.
    • To delete an ARP cache entry:
      • $ arp -d IP_address
      • In this example, we are using the "arp" command with the "-d" switch to delete the ARP cache entry for the specified IP address. This can be useful if there is a problem with the ARP cache and it needs to be cleared.
    • To display the ARP cache for a specific network interface:
      • $ arp -i interface_name -a
      • In this example, we are using the "-i" switch to specify the network interface for which we want to display the ARP cache. This can be useful in situations where there are multiple network interfaces and we only want to view the ARP cache for a specific interface.
  • ip: The ip command is used to configure and manage network interfaces, routing, and network devices.
    • To display the network interfaces:
      • $ ip addr show
      • In this example, we are using the "ip" command with the "addr show" parameters to display the network interfaces on the system along with their IP addresses, netmasks, and other configuration details.
    • To bring up a network interface:
      • $ ip link set interface_name up
      • In this example, we are using the "ip" command with the "link set" parameters to bring up a network interface. Replace "interface_name" with the name of the network interface you want to bring up.
    • To add a new network interface:
      • $ ip link add dev interface_name type interface_type
      • In this example, we are using the "ip" command with the "link add" parameters to add a new network interface. Replace "interface_name" with the name you want to give to the new interface, and "interface_type" with the type of interface you want to create (e.g. "ethernet", "bridge", etc.).
    • To create a new virtual Ethernet interface:
      • $ ip link add link physical_interface_name name virtual_interface_name type macvlan
      • In this example, we are using the "ip" command to create a new virtual Ethernet interface that is a clone of a physical Ethernet interface. Replace "physical_interface_name" with the name of the physical Ethernet interface you want to clone, and "virtual_interface_name" with the name you want to give to the new virtual interface. The "macvlan"
  • ifup: The ifup command is used to bring a network interface up and configure it with the specified settings.
    • To bring up a network interface:
      • $ sudo ifup interface_name
      • In this example, we are using the "ifup" command with the name of the network interface to bring it up. Replace "interface_name" with the name of the network interface you want to bring up.
    • To display the available network interfaces:
      • $ ifup -a --no-act
      • In this example, we are using the "ifup" command with the "-a" and "--no-act" switches to display the available network interfaces without actually bringing them up. The "-a" switch tells the command to apply the action to all interfaces, and the "--no-act" switch prevents the command from actually performing the action.
    • To bring up a network interface with a static IP address:
      • $ sudo ifup interface_name=static address ip_address netmask netmask_value gateway gateway_address
      • In this example, we are using the "ifup" command with the "interface_name=static" parameter to bring up a network interface with a static IP address. Replace "interface_name" with the name of the network interface you want to bring up, "ip_address" with the desired IP address, "netmask_value" with the netmask value, and "gateway_address" with the desired gateway address.
    • To bring up a network interface with custom configuration options:
      • $ sudo ifup -o option1=value1 -o option2=value2 interface_name
  • ifdown: The ifdown command is used to take a network interface down and remove its configuration.
    • To bring down a network interface:
      • $ sudo ifdown interface_name
      • In this example, we are using the "ifdown" command with the name of the network interface to bring it down. Replace "interface_name" with the name of the network interface you want to bring down.
    • To display the available network interfaces:
      • $ ifdown -a --no-act
      • In this example, we are using the "ifdown" command with the "-a" and "--no-act" switches to display the available network interfaces without actually bringing them down. The "-a" switch tells the command to apply the action to all interfaces, and the "--no-act" switch prevents the command from actually performing the action.
    • To bring down a network interface and release its IP address:
      • $ sudo ifdown interface_name && sudo dhclient -r interface_name
      • In this example, we are using the "ifdown" command with the name of the network interface to bring it down, and then using the "dhclient" command to release its IP address. Replace "interface_name" with the name of the network interface you want to bring down.
    • To bring down a network interface and delete its configuration file:
      • $ sudo ifdown interface_name && sudo rm /etc/network/interfaces.d/interface_name.cfg
      • In this example, we are using the "ifdown" command with the name of the network interface to bring it down, and then using the "rm" command to delete its configuration file. Replace "interface_name" with the name of the network interface you want to bring down, and replace "interface_name.cfg" with the name of its configuration file.
  • iw: The iw command is used to configure and manage wireless network interfaces.
    • To list the available wireless network interfaces:
      • $ iw dev
      • In this example, we are using the "iw" command with the "dev" switch to list the available wireless network interfaces.
    • To show information about a wireless network interface:
      • $ iw dev interface_name info
      • In this example, we are using the "iw" command with the "dev" switch and the name of the wireless network interface to show information about that interface. Replace "interface_name" with the name of the wireless network interface you want to show information about.
    • To scan for available wireless networks:
      • $ iw dev interface_name scan
      • In this example, we are using the "iw" command with the "dev" switch and the name of the wireless network interface to scan for available wireless networks. Replace "interface_name" with the name of the wireless network interface you want to scan.
    • To set the frequency of a wireless network interface:
      • $ sudo iw dev interface_name set freq frequency
      • In this example, we are using the "iw" command with the "dev" switch, the name of the wireless network interface, and the "set" switch to set the frequency of the wireless network interface. Replace "interface_name" with the name of the wireless network interface you want to set the frequency for, and replace "frequency" with the desired frequency in MHz. The "sudo" command is used to run the command with root privileges.
  • iwconfig: The iwconfig command is used to display and configure wireless network interfaces.
    • To display information about wireless interfaces:
      • $ iwconfig
      • In this example, we are using the "iwconfig" command without any switches or parameters to display information about wireless interfaces.
    • To configure a wireless interface:
      • $ sudo iwconfig interface_name key s:password
      • In this example, we are using the "iwconfig" command with the name of the wireless interface and the "key" switch to configure the wireless interface with a password. Replace "interface_name" with the name of the wireless interface you want to configure and replace "password" with the desired password. The "s:" before the password specifies that the password is a string.
    • To set the transmission power of a wireless interface:
      • $ sudo iwconfig interface_name txpower power_level
      • In this example, we are using the "iwconfig" command with the name of the wireless interface and the "txpower" switch to set the transmission power of the wireless interface. Replace "interface_name" with the name of the wireless interface you want to configure and replace "power_level" with the desired power level in dBm. The "sudo" command is used to run the command with root privileges.
    • To set the mode of a wireless interface:
      • $ sudo iwconfig interface_name mode mode_type
      • In this example, we are using the "iwconfig" command with the name of the wireless interface and the "mode" switch to set the mode of the wireless interface. Replace "interface_name" with the name of the wireless interface you want to configure and replace "mode_type" with the desired mode type (e.g., "Ad-Hoc", "Managed", "Master", etc.). The "sudo" command is used to run the command with root privileges.
  • ss: The ss command is used to display detailed information about active network sockets.
    • To display all TCP connections using "ss", use the following command:
      • $ ss -t
      • This will show all TCP connections, including their state (ESTABLISHED, SYN_SENT, etc.), local and remote IP addresses, and port numbers.
    • To display all listening TCP ports using "ss", use the following command:
      • $ ss -tl
      • This will show all TCP ports that are currently in the listening state, along with their state, local IP address, and port number.
    • To display socket statistics for all protocols using "ss", use the following command:
      • $ ss -s
      • This will show statistics for all the protocols, including TCP, UDP, RAW, and more. The output will show the number of active connections, the number of connections in each state, and more.
    • To display detailed information about a specific connection using "ss", use the following command:
      • $ ss -t -i dst <destination-ip> sport = :<source-port> dport = :<destination-port>
      • Replace <destination-ip>, <source-port>, and <destination-port> with the relevant values. The "-i" switch takes no argument; it adds internal TCP information to the output. This will show detailed information about the specified connection, including its state, local and remote IP addresses, and port numbers.
  • nc: The nc command is used to establish TCP/IP connections and listen for incoming connections.
    • To connect to a TCP or UDP port using "nc", use the following command:
      • $ nc <host> <port>
      • Replace <host> and <port> with the relevant values. This will connect to the specified host and port using the TCP or UDP protocol.
    • To listen on a TCP or UDP port using "nc", use the following command:
      • $ nc -l <port>
      • Replace <port> with the relevant value. This will listen on the specified port for incoming TCP or UDP connections.
    • To send and receive data in hex format using "nc", use the following command:
      • $ nc -X <hex-options> <host> <port>
      • Replace <hex-options>, <host>, and <port> with the relevant values. This will enable sending and receiving data in hex format, which can be useful for testing network protocols or encoding/decoding data.
    • To create a proxy server using "nc", use the following command:
      • $ nc -l <local-port> | nc <proxy-host> <proxy-port> | nc <remote-host> <remote-port>
      • Replace <local-port>, <proxy-host>, <proxy-port>, <remote-host>, and <remote-port> with the relevant values. This will create a proxy server that listens on the specified local port, forwards incoming data to the proxy host and port, and then forwards it to the remote host and port. This can be useful for tunneling traffic through a firewall or bypassing network restrictions.
  • nmap: The nmap command is used to scan and discover hosts and services on a network.
    • To perform a simple scan of a target IP address, use the following command:
      • $ nmap 192.168.1.1
      • This will perform a basic scan of the target IP address and show open ports and services.
    • To perform a scan of a range of IP addresses, use the following command:
      • $ nmap 192.168.1.1-100
      • This will perform a scan of all IP addresses in the range from 192.168.1.1 to 192.168.1.100.
    • To perform an advanced scan with detailed information about the target, use the following command:
      • $ nmap -A -T4 192.168.1.1
      • This will perform an advanced scan with OS detection, version detection, and script scanning.
    • To perform a stealth scan with TCP SYN packets, use the following command:
      • $ nmap -sS 192.168.1.1
      • This will perform a stealth scan with TCP SYN packets, which can help evade detection by some intrusion detection systems.
  • traceroute: The traceroute command is used to trace the path of network packets from one computer to another over the internet.
    • We want to trace the route to a website and see the hops it takes to reach the destination.
      • $ traceroute google.com
      • This command will send packets to Google.com and display the route it takes to reach the destination.
    • We want to increase the number of hops to display for a traceroute.
      • $ traceroute -m 30 google.com
      • This command will send packets to Google.com and display the route it takes to reach the destination, up to a maximum of 30 hops.
    • We want to perform a traceroute with specific protocol and port.
      • $ traceroute -T -p 443 google.com
      • This command will send TCP packets with port 443 to Google.com and display the route it takes to reach the destination.
    • We want to perform a traceroute with specific packet size and display the DNS names of intermediate hops.
      • $ traceroute -I -w 1 google.com 1500
      • This command will send ICMP packets with size 1500 to Google.com and display the DNS names of intermediate hops along with the IP addresses. The packet size is given as the last argument, after the host name; adding the -n switch would disable DNS resolution. The -w switch sets the timeout for each probe to 1 second. The -I switch sets the packet type to ICMP, which is used for traceroute by default.
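
The two port-22 iptables rules shown earlier behave differently depending on the order in which they are appended, because a chain is evaluated top to bottom and the first matching rule decides. The following is an added example, not part of the original page: a small shell model of that first-match evaluation. The verdict function, its simplified matcher (exact source address only) and the host 192.168.0.99 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: first-match evaluation of an ordered iptables INPUT chain.
# Simplified model (assumption): only -p, --dport, -s (exact IPv4 address)
# and -j are understood; a packet that matches no rule gets the chain policy.

# verdict RULES POLICY PROTO SRC DPORT  ->  prints the target that applies
verdict() {
    printf '%s\n' "$1" | awk -v policy="$2" -v proto="$3" \
                             -v src="$4" -v dport="$5" '
        $1 == "-A" && $2 == "INPUT" {
            r_proto = ""; r_src = ""; r_dport = ""; r_target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")      r_proto  = $(i + 1)
                if ($i == "-s")      r_src    = $(i + 1)
                if ($i == "--dport") r_dport  = $(i + 1)
                if ($i == "-j")      r_target = $(i + 1)
            }
            # A criterion the rule omits matches every packet.
            if (r_proto != "" && r_proto != proto) next
            if (r_src   != "" && r_src   != src)   next
            if (r_dport != "" && r_dport != dport) next
            print r_target      # the first matching rule decides
            found = 1
            exit
        }
        END { if (!found) print policy }
    '
}

# Constructed rule sets, written with the same arguments as the page's commands.

# Both port-22 rules appended in the order the page lists them:
# the blanket DROP sits above the ACCEPT, so the ACCEPT is never reached.
RULES_DROP_FIRST='-A INPUT -p tcp --dport 22 -j DROP
-A INPUT -p tcp --dport 22 -s 192.168.0.10 -j ACCEPT'

# Corrected order: the specific ACCEPT first, the blanket DROP after it.
RULES_ACCEPT_FIRST='-A INPUT -p tcp --dport 22 -s 192.168.0.10 -j ACCEPT
-A INPUT -p tcp --dport 22 -j DROP'

# The ACCEPT rule alone: whether SSH is limited to one host then depends
# entirely on the chain policy.
RULES_ACCEPT_ONLY='-A INPUT -p tcp --dport 22 -s 192.168.0.10 -j ACCEPT'

# show LABEL RULES POLICY: verdicts for the allowed host and for another host
show() {
    printf '%-30s allowed host: %-6s other host: %s\n' "$1" \
        "$(verdict "$2" "$3" tcp 192.168.0.10 22)" \
        "$(verdict "$2" "$3" tcp 192.168.0.99 22)"
}

show 'DROP first, policy ACCEPT'   "$RULES_DROP_FIRST"   ACCEPT
show 'ACCEPT first, policy ACCEPT' "$RULES_ACCEPT_FIRST" ACCEPT
show 'ACCEPT only, policy ACCEPT'  "$RULES_ACCEPT_ONLY"  ACCEPT
show 'ACCEPT only, policy DROP'    "$RULES_ACCEPT_ONLY"  DROP
```

On a live system, `sudo iptables -L INPUT -n --line-numbers` shows the actual rule order, and `-I INPUT <n>` inserts a rule at a given position instead of appending it.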

 


Disclaimer:


The samples provided here are intended to serve as a general guide and reference for individuals preparing for the LPI Linux certifications. These samples are not meant to represent the exact questions that may appear on the actual exam. The LPI certification exams are constantly updated and revised, and the questions on each exam are carefully crafted to assess a candidate's knowledge and skills.

Therefore, while we have made every effort to ensure the accuracy and relevance of the samples provided, we cannot guarantee that they will reflect the content or difficulty level of the actual exam. Additionally, we do not endorse or have any affiliation with the Linux Professional Institute (LPI).

We strongly recommend that candidates use these samples as an additional resource for their exam preparation, in combination with other study materials and practice tests. Ultimately, success on the LPI Linux certification exams will depend on an individual's knowledge, experience, and understanding of the exam objectives.

By using these samples, you agree that neither the provider of these sample questions nor any of its affiliates or employees shall be liable for any damages arising from your use or reliance on these sample questions or any information provided herein.   
