Network Management

Network management in Linux is accomplished through commands and configuration files. There are many commands available for network configuration and troubleshooting. This section will teach you how to configure the network on a Linux operating system.

Note: This section applies to Debian and derivative distributions.

Network Interface Configuration

Many GNU/Linux system administrators still prefer the traditional ifconfig command to configure network interface cards (NIC). It is a traditional command used to configure and manage network interfaces in Linux and Unix-based operating systems. Preferred by system administrators and network professionals for many years, this tool has been used to perform various network configuration tasks such as assigning IP addresses, setting netmasks, and activating or deactivating network interfaces.

Listing Available Devices

When the ifconfig command is called without parameters, it lists the available network devices (NIC, Network Interface Controller).

root@hackerbox:~$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        
    inet 172.20.1.109  netmask 255.255.255.0  broadcast 172.20.1.255        
    inet6 fe80::5054:ff:fe10:72c3  prefixlen 64  scopeid 0x20<link>       
    ether 52:54:00:10:72:c3  txqueuelen 1000  (Ethernet)        
    RX packets 4542  bytes 352144 (343.8 KiB)        
    RX errors 2  dropped 0  overruns 0  frame 2        
    TX packets 1475  bytes 6213607 (5.9 MiB)        
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0        
    device interrupt 11  memory 0xfc840000-fc860000  
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536        
    inet 127.0.0.1  netmask 255.0.0.0        
    inet6 ::1  prefixlen 128  scopeid 0x10<host>        
    loop  txqueuelen 1000  (Local Loopback)        
    RX packets 16  bytes 1888 (1.8 KiB)        
    RX errors 0  dropped 0  overruns 0  frame 0        
    TX packets 16  bytes 1888 (1.8 KiB)        
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

In the output above, there are 2 network interfaces.

eth0: This is the Ethernet card interface. The UP flag indicates it is active. The IP address is 172.20.1.109. The MAC address is 52:54:00:10:72:c3.

lo: This is the Loopback interface. It is a virtual interface created to allow local networking, pointing to the 127.0.0.1 IP address.

To view a specific interface, provide the interface name as a parameter:

root@hackerbox:~$ ifconfig 
eth0eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        
    inet 172.20.1.109  netmask 255.255.255.0  broadcast 172.20.1.255        
    inet6 fe80::5054:ff:fe10:72c3  prefixlen 64  scopeid 0x20<link>        
    ether 52:54:00:10:72:c3  txqueuelen 1000  (Ethernet)        
    RX packets 531168  bytes 41026391 (39.1 MiB)        
    RX errors 2  dropped 0  overruns 0  frame 2        
    TX packets 4130  bytes 499172576 (476.0 MiB)        
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0        
    device interrupt 11  memory 0xfc840000-fc860000  

To view interfaces that are DOWN (i.e., inactive), use the -a parameter.

root@hackerbox:~$ ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        
    inet 172.20.1.109  netmask 255.255.255.0  broadcast 172.20.1.255        
    inet6 fe80::5054:ff:fe10:72c3  prefixlen 64  scopeid 0x20<link>        
    ether 52:54:00:10:72:c3  txqueuelen 1000  (Ethernet)        
    RX packets 4542  bytes 352144 (343.8 KiB)        
    RX errors 2  dropped 0  overruns 0  frame 2        
    TX packets 1475  bytes 6213607 (5.9 MiB)        
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0        
    device interrupt 11  memory 0xfc840000-fc860000  
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536        
    inet 127.0.0.1  netmask 255.0.0.0        
    inet6 ::1  prefixlen 128  scopeid 0x10<host>        
    loop  txqueuelen 1000  (Local Loopback)        
    RX packets 16  bytes 1888 (1.8 KiB)        
    RX errors 0  dropped 0  overruns 0  frame 0        
    TX packets 16  bytes 1888 (1.8 KiB)        
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Since we don't have any inactive network interfaces, the output of the ifconfig -a command remains the same as the previous one.

Activating and Deactivating Interfaces

To bring an interface (e.g., eth0) up, use the ifconfig command as follows:

root@hackerbox:~$ ifconfig eth0 up	

To take an interface down, use the following command:

root@hackerbox:~$ ifconfig eth0 down	

Note: Performing these actions on the interface connected to your internet may affect your internet connection.

Assigning an IP Address

To assign an IP address to a network interface or update an existing IP address using the ifconfig command, directly write the interface name and the desired IP address:

root@hackerbox:~$ ifconfig eth0 172.20.1.110	
root@hackerbox:~$ ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 172.20.1.110  netmask 255.255.255.0  broadcast 172.20.1.255        
    inet6 fe80::5054:ff:fe10:72c3  prefixlen 64  scopeid 0x20<link>        
    ether 52:54:00:10:72:c3  txqueuelen 1000  (Ethernet)        
    RX packets 4542  bytes 352144 (343.8 KiB)        
    RX errors 2  dropped 0  overruns 0  frame 2        
    TX packets 1475  bytes 6213607 (5.9 MiB)        
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0        
    device interrupt 11  memory 0xfc840000-fc860000  
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536        
    inet 127.0.0.1  netmask 255.0.0.0        
    inet6 ::1  prefixlen 128  scopeid 0x10<host>        
    loop  txqueuelen 1000  (Local Loopback)        
    RX packets 16  bytes 1888 (1.8 KiB)        
    RX errors 0  dropped 0  overruns 0  frame 0        
    TX packets 16  bytes 1888 (1.8 KiB)        
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

In the example above, the IP address of the eth0 interface was changed to 172.20.1.110.

Assigning a Netmask

To set the netmask of a network interface, use the following command:

root@hackerbox:~$ ifconfig eth0 netmask 255.255.255.0

Promiscuous Mode

If your Ethernet card supports it, you can enable promiscuous mode to process packets intended for other devices on the same network.

To enable promiscuous mode:

root@hackerbox:~$ ifconfig eth0 promisc

To disable promiscuous mode:

root@hackerbox:~$ ifconfig eth0 -promisc

Changing the MAC Address

You can change the MAC address of your device. Be aware that this might cause confusion in the network's ARP tables, so use it carefully.

root@hackerbox:~$ ifconfig eth0 hw ether AA:BB:CC:DD:EE:FF

DNS Settings

In Linux, DNS settings are located in the /etc/resolv.conf file. You can update the DNS settings within this file using a text editor like nano.

root@hackerbox:~$ nano /etc/resolv.conf

The file content will look something like this:

nameserver 172.20.1.1

You can add the DNS servers you want to use, line by line, in this format. For example, to use Cloudflare's DNS servers system-wide, update the file as shown:

nameserver 1.1.1.1nameserver 1.0.0.1

SSH (Secure Shell)

SSH is a protocol used to securely connect to another computer over a network and execute commands. SSH is widely used, especially for accessing and managing remote computers. The

sshcommand is used to create an SSH connection.

Installing and Starting the SSH Service

First, you may need to install the SSH service. On a Debian-based system, you can install the

openssh-serverpackage using the following command:

sudo apt-get update
sudo apt-get install openssh-server

Once the installation is complete, you can start the service:

sudo systemctl start ssh

To ensure the SSH service starts automatically when the system boots:

sudo systemctl enable ssh

Connecting to a Remote Server with SSH

You can use the ssh command to connect to a remote server:

ssh user@ip_address

For example, if your username is root and the server address is 192.168.1.100:

ssh root@192.168.1.100

After running this command, you will be prompted to enter the password of the remote server.

Creating an SSH Key Pair

In addition to password-based login, you can connect without a password (and more securely) by using an SSH key pair. You can create an SSH key by using the ssh-keygencommand:

ssh-keygen

After running this command, you will need to copy the generated public key to the remote server:

ssh-copy-id user@ip_address

For example:

ssh-copy-id root@192.168.1.100

Once this process is complete, you can connect using SSH without entering a password.

SSH Configuration File

The SSH configuration settings are usually found in the /etc/ssh/sshd_config file. Various SSH settings can be configured in this file, such as changing the SSH port or disabling root logins:

sudo nano /etc/ssh/sshd_config

In the file content, you can find and edit the Port setting to change the port number:

Port 2222

After making changes, you will need to restart the SSH service:

sudo systemctl restart ssh

In this section, we learned the basics of using SSH. Now, you can establish secure connections over the network and manage remote servers using SSH.

These changes have comprehensively updated your network management section.