Linux Networking Flashcards
Using tcpdump, how can you isolate a specific interface port and source ip?
tcpdump -i eth0 port 8080 src 10.0.0.1
Using tcpdump, how can you isolate a specific protocol?
tcpdump icmp
You can only isolate transport layer protocols like icmp, tcp, udp
How are the OSI and TCP/IP models composed and how do they compare?
OSI Model TCP/IP Protocols
Application Application http,smtp,telnet,ftp
Presentation Application http,smtp,telnet,ftp
Session Application http,smtp,telnet,ftp
Transport Transport tcp, udp
Network Internet arp, ip, igmp, icmp
Data Link Network Interface / Network Access Layer
Physical Network Interface / Network Access Layer
https://www.iperiusbackup.net/wp-content/uploads/2019/09/image4.jpg
What type of networks are there (not in terms of topology) and which devices can we find in each one?
LANs: switches, nic
WANs: routers, firewalls
What is ARP used for?
ARP (Address Resolution Protocol) is used to discover the link layer address (mac address) given a network layer address (ip)
What are some components of an IP header?
Version, header length, total length, identifier, flags, fragmentation offset, time to live, protocol, source address, destination address, header checksum
What is TTL?
Time to live is a number that represents the maximum number of routers a packet is allowed to pass trough before dying. It is helpfull in preventing a packet from being stuck in an infinite loop
Which command allows you to check the route a packet to a specific destination ip will follow?
traceroute (ip), -n flag removes wait time for dns resolutions
What commands allows you to see the route table?
route -n or ip route
What is the difference between static and dynamic routing?
Static routing is define manually for specific destinations, whilst dynamic ports are defined by algorithms that find the optimal path to specific destinations
What commands allow you to define a default gateway?
sudo ip route add default via (ip)
or
sudo route add default gw (ip)
How do you define default gateway in a permanent manner?
On ubuntu neplan yml file can be used (/etc/netplan/something.yaml) as follows: network: version: 2 renderer: networkd ethernets: enp2s0: addresses: [192.168.1.10/24] gateway4: 192.168.1.1 nameservers: addresses: [1.1.1.1, 1.0.0.1]
And running sudo netplan apply followed by a reboot
What does a tcp header contain?
Source and destination ports Sequence number Acknowledgement number flags window size checksum options
What are the 3 states of a tcp connection that is being established, and how is each state reached?
SYN_SENT, SYN_RECEIVED, ESTABLISHED
syn_sent is reached when the first syn message is sent to the destination
syn_received is reached when the syn/ack is recieved from the target
established is reached when the final ack is sent to the target
How does a tcp connection termination work?
Tcp connection is terminated by the source sending a FIN signal and the destination responding with ACK, after which the same processed is repeated for the destination, so the destination sends a FIN signal and awaits and ack before setting the connection as terminated
