This module covers how to manage network settings in a Linux environment. The management of IP addresses using the ip command-line tool in Linux can vary slightly depending on the system and distribution.
IP Address Management
Check Attached Network Interfaces
ip link show
or you can also check the ip address like this
ip addr or ip aThis command shows all network interfaces, such as wireless and wired interfaces. For example, if a laptop has a Wi-Fi card and an Ethernet port, they would appear as these types of interfaces.
Determining the IP address
ip addr add new_ip/network_mask dev interfaceReplace new_ip with the new static IP address, verkon_maski with the network mask, and rajapinta with the name of the interface.
Remove IP Address
sudo ip addr del old_ip/network_payment network dev interfaceYou can use this command to remove an IP address.
Remove / Enable Interface
This command shuts down (disables) a specific interface.
sudo ip link set dev eth0 downThis command starts (enables) a previously disabled interface.
sudo ip link set dev eth0 upDefine to use DHCP
sudo dhclient interfaceThis command initiates a DHCP request on the selected interface
However, these changes will only be effective until the system is restarted. If you want to make the changes permanent, you can edit network configuration files such as /etc/network/interfaces or use NetworkManager (nmcli or a graphical interface) to make long-term changes.
Routing table
Using the IP Route Command
The ip route command in Linux is used to display or modify the routing table. This command provides information on how the network is connected to different network adapters and routers.
The command can be used as follows:
ip route showThis displays the entire IP routing table.
Below is an explanation of the printed image:
- default: This means the default route that is used when there is no information about any other defined routes. It is usually designated for all traffic that does not match any other specific route.
- via 10.42.28.4: This indicates the address of the next hop or router that the route follows. All traffic that is not directly connected to this device (i.e., local network traffic) is directed through this address.
- dev eth0: This specifies which network adapter (in this case eth0) the traffic is sent or received on. eth0 is a common name for Ethernet network adapters.
- mtu 1400: This indicates the maximum packet size (Maximum Transmission Unit) for this route. MTU specifies the largest allowed size of a data packet that can be sent along this route without being fragmented into smaller parts. In this case, the maximum size is set to 1400 bytes.
In summary, this route means that all traffic that is not directly connected to this device (default) is routed through the network adapter eth0 to the router address 10.42.28.4, and the maximum size of data packets for this route is limited to 1400 bytes.
You can also use ip route add, ip route delete and other similar commands for adding, deleting or modifying routes.
ARP
ARP (Address Resolution Protocol) is a protocol that maps IP addresses to physical MAC addresses on a network. In a Linux environment, ARP can be managed in various ways, and here are some key tools and methods:
ARP command usage
You can inspect and manipulate the ARP table using the arp command. This command displays the current ARP table:
arp - nYou can also remove entries from the ARP table if necessary:
sudo arp -d <IP address>ARP management using the ip command
With the 'ip' command, you can view ARP records and make changes.
ip neighbor showYou can delete records using the following command:
sudo ip neigh delete <IP address>Using the arping tool
The arping tool allows you to send ARP queries to specific addresses and check if they are alive. Install arping if necessary through the package management system.
sudo arping -c 3 <IP address>Exercise
Answer the questions below.
You are assigned to fix the following network that supposedly isn't working. Choose the command that solves this problem.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host proto kernel_lo
valid_lft forever preferred_lft forever
2901: eth0@if2902: <BROADCAST,MULTICAST,DOWN,LOWER_UP> mtu 1450 qdisc noqueue state DOWN group default qlen 1000
link/ether 22:b0:b4:b1:65:52 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.42.28.181/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20b0:b4ff:feb1:6552/64 scope link proto kernel_ll
valid_lft forever preferred_lft foreverChoose the right one
Which of the commands is correct when you want to set the IP address 10.0.0.2 and netmask 255.255.255.0 for interface eth0?
Ready to become an ethical hacker?
Start today.
As a member of Hakatemia you get unlimited access to Hakatemia modules, exercises and tools, and you get access to the Hakatemia Discord channel where you can ask for help from both instructors and other Hakatemia members.