host is a simple tool for looking up DNS records. Usage: host [-aCdlriTwv] [-c class] [-N ndots] [-t type] [-W time] [-R number] [-m flag] hostname [server] host -t ns domain.com - get nameservers host -t mx domain.com - get mx records host www.domain.com - get IP address Continue Reading

To analyse a capture file tcpdump -r capture_file.pcap general monitoring -i any = listen on any interface -i eth0 = listen on eth0 interface -n = do not resolve hostnames -q = quiet (less verbose) -t = timestamp -tttt = maximally readable timestamp -v,vv,vvv = verbosity -A = display in ASCII -X = display in Hex -w = write to file -r = read a capture file tcp = capture TCP only (tcpdump -i eth0 tcp) filter for source destination IP tcpdump -n src host 192.168.3.45 -r dumpfile.pcap tcpdump -n dst host 192.168.3.45 -r dumpfile.pcap filter for port number tcpdump Continue Reading

awk is a pattern scanning and processing language. However it can be used more simply as a command line filter that operates at the field level rather than the line level like grep does. A typical awk statement: awk -F: '{print $3}' This is in two sections. The first is awk -F: which means use a colon as the field separator if you used -F" ", that would mean use a space as the field separator The second part is: '{print $3}' This is saying to print the 3rd field as defined by the field seperator by -F For example, the passwd file gives us entries such as this Continue Reading

netcat Netcat is a tool that reads or writes to/from TCP and UDP network sockets. It can act as a client or server or scanner. The simplest possible use is: As a network client nc 10.0.0.1 25  - netcat will attempt to connect (as a client by default) to port 25 (using TCP by default) on that IP address. It accepts a number of options: -v = verbose - give more information -vv = very verbose -n = no DNS lookup As a listener nc -nlvp 5555 - will bind to local port 5555 and listen for incoming connections -l = listen mode -p = port number You can then use another instance Continue Reading