Troubleshooting Cmd Tools with Switches/Options Flashcards
Ifconfig
Displays basic TCP/IP information and network information, including MAC address of the NIC
ifconfig -a
Displays TCP/IP information associated with every interface on a Linux device; can be used with other parameters (see Figure 3-26)
ifconfig down
Marks the interface, or network connection, as unavailable to the network
ifconfig up
Reinitializes the interface after it has been taken down (via the ifconfig down command), so that it is once again available to the network
man ifconfig
Displays the manual pages, called man pages, for the ifconfig command, which tell you how to use the command and describe its parameters (similar to the ipconfig /? command in Windows)
dig google.com
Performs a DNS lookup on a domain name
dig @8.8.8.8 google.com
Specifies a name server in the google.com domain
dig @8.8.8.8 google.com MX
Requests a list of all A records in the google.com domain on a specific name server
dig google.com ANY
Requests a list of all record types in the google.com domain
dig -x 74.125.21.102
Performs a reverse lookup on a Google IP address
man dig
Displays the man page for the dig command
Netstat
Lists all active TCP/IP connections on the local machine, including the Transport layer protocol used, messages sent and received, IP address, and state of those connections
netstat -n
Lists current connections, including IP addresses and ports
netstat -f
Lists current connections, including IP addresses, ports, and FQDNs
netstat -a
Lists all current TCP connections and all listening TCP and UDP ports
netstat -e
Displays statistics about messages sent over a network interface, including errors and discards
netstat -s
Displays statistics about each message transmitted by a host, separated according to protocol type (TCP, UDP, IP, or ICMP)
netstat -r
Displays routing table information
netstat -o
Lists the PID (process identifier) for each process using a connection and information about the connection
netstat -b
Lists the name of each process using a connection and information about that connection
pathping -n google.com
Instructs the command to not resolve IP addresses to host names
pathping -h 12 google.com
Specifies the maximum number of hops these messages should take when attempting to reach a host
pathping -p 2000 google.com
Identifies the wait time between pings
pathping -q 4 google.com
Limits the number of queries per hop; must be followed by a variable to indicate the number of queries allowed
tcpdump not port 22 or
tcpdump not port 23
Filters out SSH or Telnet packets, which is helpful when running tcpdump on a remotely accessed network device
tcpdump -n
Instructs the command to not resolve IP addresses to host names
tcpdump -c 50
Limits the number of captured packets to 50
tcpdump -i any
Listens to all network interfaces on a device
tcpdump -D
Lists all interfaces available for capture
tcpdump port http
Filters out all traffic except HTTP
tcpdump -w capture.cap
Saves the file output to a file named capture.cap
tcpdump -r capture.cap
Reads the file capture.cap and outputs the data in the terminal window
Unused physical and virtual ports on switches and other network devices should be disabled
Use the shutdown command on Cisco, Huawei, and Arista routers and switches; use the no shutdown command to enable them again
Another Cisco command (also used on Arista devices) to secure switch access ports
Switchport port-security (or just port-security on Huawei switches); essentially a MAC filtering function that also protects against MAC flooding
Switchport security on a Juniper switch
The mac-limit command restricts the number of MAC addresses allowed in the MAC address table; allowed MAC addresses are configured with the allowed-mac command
Newer versions of Linux
/var/log/messages
Older versions of UNIX
/var/log/syslog
Solaris versions of UNIX
/var/adm/messages