EXP: Geekbuzz - Be a Network Spy : Top 5 Tools in the CLI | |
Want to know why your ping times suck in Battlefield 4? Be careful, you might actually enjoy learning how to troubleshoot your network in the command line. Monitor performance, bandwidth usage and much more using simple code. | |
I feel like, again, the title promised more than the actual content provided. NMAP would be a top spy-tool I expected to see in a top-networking-tools list, a versatile portscanning-tool that actual hackers use to find a machine's weaknesses for an attack. | |
iftop looks handy. I'll give that a shot. | |
ping: Some hosts turn off ICMP responses, since ping and friends can be used to mount cheap DoS attacks. So the lack of a ping response isn't clinching proof that a host is inaccessible.
traceroute: Similar problem -- some hosts will discard packets whose TTL has dropped to zero, rather than returning an error to the originator. Also some hosts and/or routers in between don't want you to know how they're hooked together, so they'll nerf TTL errors as well.
dig: RTFRFC. `dig` basically emits and receives DNS queries directly. If you don't know the DNS protocol or the database record structure it uses, there's a good chance you'll misinterpret the results.
iftop: Huh, never heard of this one. Reminds me a bit of `iptraf`...
whois: Not really all that useful for diagnosing network trouble. However, it can give you a rough idea of whose rogue network is sending you all those bruteforce SSH login attempts (*cough*hinet.net*cough*)... | |
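The traceroute caveat in the comment above, as an added example that is not part of the thread: a small parser that separates hops which only withheld the TTL-exceeded error from a trace that never got a reply from the destination. The sample traces are constructed, use documentation-range addresses, and assume Linux-style numeric `traceroute -n` output; the function names are illustrative.

```python
import re

# Constructed samples (documentation-range addresses), `traceroute -n` style.
HEADER = "traceroute to 203.0.113.80 (203.0.113.80), 30 hops max, 60 byte packets\n"
TRACE_FILTERED = HEADER + """\
 1  192.0.2.1  1.012 ms  0.954 ms  0.921 ms
 2  * * *
 3  198.51.100.9  11.482 ms  11.377 ms  11.590 ms
 4  * * *
 5  203.0.113.80  24.310 ms  24.198 ms  24.402 ms
"""
TRACE_SILENT_END = HEADER + """\
 1  192.0.2.1  1.012 ms  0.954 ms  0.921 ms
 2  198.51.100.9  11.482 ms  11.377 ms  11.590 ms
 3  * * *
 4  * * *
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")
IP_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def parse_hops(text):
    """Return [(hop_number, responder_ip_or_None)] for each hop line."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if m:
            ip = IP_RE.search(m.group(2))
            hops.append((int(m.group(1)), ip.group(0) if ip else None))
    return hops

def interpret(text):
    """Classify a trace without treating silent hops as outages."""
    target = re.search(r"\((\d{1,3}(?:\.\d{1,3}){3})\)", text).group(1)
    hops = parse_hops(text)
    last_reply = max((n for n, ip in hops if ip), default=0)
    # A silent hop followed by a later reply still forwarded the probes;
    # it only withheld the ICMP time-exceeded error.
    filtered = [n for n, ip in hops if ip is None and n < last_reply]
    trailing = [n for n, ip in hops if ip is None and n > last_reply]
    if any(ip == target for _, ip in hops):
        verdict = "reached"
    elif trailing:
        # Silence to the end is not proof the host is down: test the
        # real service port (e.g. a TCP connect) before concluding.
        verdict = "inconclusive"
    else:
        verdict = "stopped-short"
    return {"verdict": verdict, "filtered_hops": filtered, "trailing_silent": trailing}
```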
^^ True, it's best practice to disable ICMP responses. Who is this video for? People who are comfortable with the command line already, who already know about these very basic tools, or raw novices that are too scared to even venture to the black-screen of doom. | |
Thanks for the well-explained video! As a Windows user I already knew a lot of them or at least their Windows equivalents. There still seems to be a little gap in tools on Windows considering iftop. Or is it available for Windows with a different name? | |
Nixie mentioned Wireshark as a better tool for capturing network-traffic. Be aware though, that sniffing public wireless communications is a legally and morally gray area, if not entirely illegal in your country. Hacker-Ethic is the keyword here. | |
I know Wireshark already and it is illegal to use it in my country unless you have the permission of the network owner... Normally I prefer command line utilities if they are available, but Wireshark does a REALLY good job. | |
I found it quite useful, myself. I'm pretty comfortable with workaday UNIX commands, but very rarely venture into the world of networking. I knew ping was a thing, of course, and I was aware of traceroute and whois but didn't realize they were available as CLI utilities. iftop and dig were strictly new information. | |