Rectangle 27 3

Setting up password-free authenticaton

To set up password-free authentication start by generating a pair of keys:

$ ssh-keygen

Then:

$ ssh-copy-id -i root@ip_address

This copies the public key into the authorized_hosts of the other machine. It will ask for the password of the host system.

Now, enter the remote system directly with:

$ ssh root@ip_address


Note Linux networking authentication
Rectangle 27 2

Getting the connection speed from the terminal

To get your internet speed from the terminal there is a tool called speedtest-cli and we can set it up as below:

$ pip install speedtest-cli

We should get something like this:

$ ./speedtest-cli
Retrieving speedtest.net configuration...
Retrieving speedtest.net server list...
Testing from Comcast Cable (x.x.x.x)...
Selecting best server based on ping...
Hosted by xxx [12.03 km]: 44.028 ms
Testing download speed....................
Download: 32.29 Mbit/s
Testing upload speed....................
Upload: 5.18 Mbit/s

Note Linux connection speed test
Rectangle 27 2

Bandwidth monitoring tools

Here are some tools provided by the Ubuntu repos for network monitoring:

iftop - display bandwidth usage on an interface by host.

bmon -  portable bandwidth monitor and rate estimator, shows multiple interfaces at once.

slurm - network load monitor equipped with colored graphs.

tcptrack - reveals how much bandwidth is being used by what protocol (service/port), and destination the transmission is taking place to.

Each can be used for Specific monitoring or basic statistics.

Note Linux monitoring tools
Rectangle 27 2

Use tcpdump to listen to network interface traffic.

tcpdump is a useful utility to print out descriptions of contents of packets flowing through network interface card which match a given boolean expression.

sudo tcpdump -i wlan -v 'tcp port 80' 

The -i specifies the interface to listen on. The -v option specifies verbosity of packet information such as time to live, identification, total length and options in ip packet. The expression specifies a pcap-filter used to decide which packets to print. Here we listen for tcp traffic with either source or destination port set to 80.

See man pcap-filter for details on filters.

Note Linux network monitoring tcpdump
Rectangle 27 1

What is IPTables?

IPTables is the firewall solution that ships with the linux kernel.

List current rules:

iptables -L -n

List natting rules:

iptables -l -n -t nat

Block traffic from a specific IP:

iptables -I INPUT -s 10.10.10.10 -j DROP

Allow traffic to a specific IP:

iptables -I INPUT -s 10.10.10.10 -j ACCEPT

Allow traffic to a specific port:

iptables -I INPUT -p -tcp -m tcp --dport 31415 -j ACCEPT 

The difference between the -I and -A flag is that the -I inserts a specific rule at the beginning of the chain as opposed to the -A flag that appends.


Note Linux iptables Must Know
Rectangle 27 1

Limit the wget download rate

You can limit the download rate of the wget command to avoid band saturation.

wget --limit-rate 128k http://server.com/file

--limit-rate enables this, and should be followed by the rate limit plus k for kbit or m for mbit.

Note Linux wget limit
Rectangle 27 1

List your IPv6 configuration

To see the IPv6 configuration on a linux server using the ip tool:

ip -6 addr show dev <interface>
ip -6 addr show dev eth0

Or, using the ifconfig tool:
ifconfig <interface> | grep "inet6"
ifconfig eth0 | grep "inet6"
Note Linux ipv6 how to
Rectangle 27 0

Find the services running on your host

We can get a detailed information of the services that are running on our host by issuing:

$ netstat -tulpn

This gives us the service list specified by the port they're using (tcp or udp) and also the process that is using that specific port:

$ netstat -tulpn
Active Internet connections (only servers)

Proto tcp

Recv-Q 0

Send-Q 0

Local Address 0.0.0.0:22

Foreign Address 0.0.0.0:*

State LISTEN

PID/Program name 1157/sshd

Note Linux netstat how to