What is Kali Linux?
An operating system meant to handle penetration testing and auditing
ICMP
Internet Control Message Protocol is a network layer protocol mostly dedicated to diagnosing communication issues
TCP
Transmission Control Protocol is a fundamental transport layer protocol meant to reliably control the delivery of data packets.
DNS
Domain Name System is the phone book that translates web addresses into IP addresses
UDP
User Datagram Protocol is a fast-paced transport layer protocol designed to prioritize speed over consistency.
MAC
Media Access Control address is a unique hardware identification for a NIC
NIC
Network Interface Controller is a hardware component that connects a computer to a network
DHCP
Dynamic Host Configuration Protocol is an application layer network management protocol that assigns IPs, subnet masks, DNS servers, and default gateways.
Ping Syntax
Windows: ping [ip address]
Linux: ping -t (seconds) [ip address]
Localhost
Your own machine’s hostname or URL that maps the DNS to an IP address
Ping uses
Ensure a network is active
Ensure IPSs, firewalls, and routers block ICMP traffic
Ipconfig Syntax
Windows: ipconfig [/options]
Linux: ipconfig [-opt]
Ipconfig options for Windows & Linux
/displaydns - show contents of a DNS cache
/flushdns - erase contents of a DNS cache
Ipconfig options for Linux
eth[n] - shows the configuration of the nth NIC on a Linux system
eth[n] (-)promisc - enables (or disables) the nth NIC to process all traffic it receives
eth[n] (-)allmulti - enables (or disables) multicast mode allowing NIC to process all multicast traffic
Netstat
Allows you to view stats for traffic going through a system
Ipconfig uses
Shows the TCP/IP configuration of a whole system. This includes the IP, subnet mask, default gateway, MAC address and DNS server address
Netstat Syntax
netstat (-opts) - displays a listing of all open connections
(-a) - includes UDP ports
(-r) - displays routing table
(-e) - displays details such as bytes
(-s) - displays stats of packets
(-n) - displays addresses and port numbers in numerical order
(-p) - displays stats of protocols
Netstat connection states
ESTABLISHED - data transfer phase
LISTEN - waiting for connection request
CLOSE_WAIT - waiting to terminate connection
TIME_WAIT - waiting for response to affirm connection
SYN_SENT - sent TCP-SYN packet waiting for TCP-ACK
SYN_RECEIVED - sent TCP-SYN-ACK waiting to affirm connection
Tracert use
Lists the routers between two systems by identifying the IP address, hostname and RTT of each hop.
RTT
Round-Trip Time, or the time taken for a packet to go to point A and back.
Tracert syntax
Windows: tracert [dns]
Linux: traceroute [dns]
Both: "… -d [dns]" forces it not to resolve IPs to hostnames
ARP
Address Resolution Protocol is a Data Link layer protocol that maps MAC addresses to IP addresses