# NETWORKING ## WiFi Use WiFi without a separate network manager with this simple guide. Needs "_dhcpcd_" or "_dhcpclient_", "_net-tools_" or "_iproute2_", "_wpa\_supplicant_", and the WiFi drivers for your wireless card (like "_iwlwifi_" and its "_ucode_"), which in part can be installed from a package usually named "_linux-firmware_", but they may not be complete (this provides "_ucode_" but not "_iwlwifi_"). __NOTE__: The "__" can be either "_wlp3s0_" or "_wlan0_". Change accordingly the following commands to suit your needs. * Create the configuration file (as "_root_", not "_sudo_"): `wpa_passphrase > /etc/wpa_supplicant.conf` * Delete non hashed password from "_/etc/wpa_supplicant.conf_", but not the hashed one. Each time you need to connect type the following command (as "_root_" or with "_sudo_"): * __EXAMPLE 1__: With "_net-tools_" and "_dhcpcd_": ``` ifconfig down ifconfig up wpa_supplicant -B -i -c /etc/wpa_supplicant.conf -Dwext dhcpcd ``` * __EXAMPLE 2__: With "_iproute2_" and "_dhclient_": ``` ip link set down ip link set up wpa_supplicant -B -i -c /etc/wpa_supplicant.conf -Dwext dhclient ``` You can save either example in a script to activate the Wi-Fi whenever you want. * Note: As an educational tip, the name of a network is also called "_SSID_" in other places. ## Next ### using ufw sudo ufw status sudo ufw enable sudo ufw disable sudo ufw default deny sudo ufw default allow sudo ufw allow PORT_NUMBER * delete a rule sudo ufw delete allow PORT_NUMBER * allow everything for a specific address sudo ufw allow from IP_ADDRESS * allow a specific port for a specific address sudo ufw allow from IP_ADDRESS to any port PORT_NUMBER ### tcpdump * dump all sudo tcpdump * dump 5 packets sudo tcpdump -c 5 * dump in ASCii format sudo tcpdump -A * dump in hexadecimal format sudo tcpdump -xx * dump from an specific interface sudo tcpdump -i INTERFACE_NAME * dump from a specific port sudo tcpdump port PORT_NUMBER * dump 5 packets in hexadecimal from an specific interface and a specific port sudo tcpdump -c 5 -xx -i INTERFACE port PORT_NUMBER ### netstat * show routing table, including gateway netstat -nr * show all ports netstat -tulpn * show network usage of devices netstat -i * show active connections netstat -ta * show active connections, but show ip addresses instead netstat -tan ### traceroute * show which route your connection takes between your computer to the destination traceroute WEBNAME_OR_IP ### nmap * scan a specific ip address (including devices) nmap IP_NUMBER * scan a specific website nmap WEBSITE_NAME * scan a specific ip address (including devices) with more information nmap -v IP_NUMBER * scan two ip address (including devices), 192.168.0.1 and 192.168.0.54 nmap 192.168.0.1,54 * scan a range of ip address (including devices), from 192.168.0.1 to 192.168.0.100 nmap 192.168.0.1-100 * scan all ip address (including devices) from network 192.168.0.0 nmap 192.168.0.* * scan address from a file nmap -il FILE * scan address and identify OS and running services nmap -A IP_NUMBER * check if target is up nmap -sP IP_NUMBER * check reason for services states nmap --reason IP_NUMBER * show host interfaces nmap --iflist IP_NUMBER ### SSH * login to remote host ssh ADDRESS * login to remote host as user USER ssh USER@ADDRESS * set ssh server configuration in /etc/ssh/sshd_config Port 22 # default port PermitRootLogin without-password # change "without-password" to "no" AllowUsers USER_NAME # by allowing a specific user it restricts the others * restart "ssh" service to activate changes # use last 8 octets for hosts 255.255.255.0