# NETWORKING ## WiFi Use WiFi without a separate network manager with this simple guide. Needs "_dhcpcd_" or "_dhcpclient_", "_net-tools_" or "_iproute2_", "_wpa\_supplicant_", and the WiFi drivers for your wireless card (like "_iwlwifi_" and its "_ucode_"), which in part can be installed from a package usually named "_linux-firmware_", but they may not be complete (this provides "_ucode_" but not "_iwlwifi_"). __NOTE__: The "__" can be either "_wlp3s0_" or "_wlan0_". Change accordingly the following commands to suit your needs. * Create the configuration file (as "_root_", not "_sudo_"): `wpa_passphrase > /etc/wpa_supplicant.conf` * Delete non hashed password from "_/etc/wpa_supplicant.conf_", but not the hashed one. Each time you need to connect type the following command (as "_root_" or with "_sudo_"): * __EXAMPLE 1__: With "_net-tools_" and "_dhcpcd_": ``` ifconfig down ifconfig up wpa_supplicant -B -i -c /etc/wpa_supplicant.conf -Dwext dhcpcd ``` * __EXAMPLE 2__: With "_iproute2_" and "_dhclient_": ``` ip link set down ip link set up wpa_supplicant -B -i -c /etc/wpa_supplicant.conf -Dwext dhclient ``` You can save either example in a script to activate the Wi-Fi whenever you want. * Note: As an educational tip, the name of a network is also called "_SSID_" in other places. ## Next ### ufw `sudo ufw status` `sudo ufw enable` `sudo ufw disable` `sudo ufw default deny` `sudo ufw default allow` `sudo ufw allow PORT_NUMBER` * delete a rule `sudo ufw delete allow PORT_NUMBER` * allow everything for a specific address `sudo ufw allow from IP_ADDRESS` * allow a specific port for a specific address `sudo ufw allow from IP_ADDRESS to any port PORT_NUMBER` ### tcpdump * dump all `sudo tcpdump` * dump 5 packets `sudo tcpdump -c 5` * dump in ASCii format `sudo tcpdump -A` * dump in hexadecimal format `sudo tcpdump -xx` * dump from an specific interface `sudo tcpdump -i INTERFACE_NAME` * dump from a specific port `sudo tcpdump port PORT_NUMBER` * dump 5 packets in hexadecimal from an specific interface and a specific port `sudo tcpdump -c 5 -xx -i INTERFACE port PORT_NUMBER` ### netstat * show routing table, including gateway `netstat -nr` * show all ports `netstat -tulpn` * show network usage of devices `netstat -i` * show active connections `netstat -ta` * show active connections, but show ip addresses instead `netstat -tan` ### traceroute * show which route your connection takes between your computer to the destination `traceroute WEBNAME_OR_IP` ### nmap * scan a specific ip address (including devices) `nmap IP_NUMBER` * scan a specific website `nmap WEBSITE_NAME` * scan a specific ip address (including devices) with more information `nmap -v IP_NUMBER` * scan two ip address (including devices), 192.168.0.1 and 192.168.0.54 `nmap 192.168.0.1,54` * scan a range of ip address (including devices), from 192.168.0.1 to 192.168.0.100 `nmap 192.168.0.1-100` * scan all ip address (including devices) from network 192.168.0.0 `nmap 192.168.0.*` * scan address from a file `nmap -il ` * scan address and identify OS and running services `nmap -A IP_NUMBER` * check if target is up `nmap -sP IP_NUMBER` * check reason for services states `nmap --reason IP_NUMBER` * show host interfaces `nmap --iflist IP_NUMBER` ### SSH * login to remote host `ssh ADDRESS` * login to remote host as user USER `ssh USER@ADDRESS` * set ssh server configuration in /etc/ssh/sshd_config ``` Port 22 # default port PermitRootLogin without-password # change "without-password" to "no" AllowUsers USER_NAME # by allowing a specific user it restricts the others ``` * restart "ssh" service to activate changes ## /etc/network/interfaces ``` # use last 8 octets for hosts 255.255.255.0 ```