List All MACs on the Local Network
Per the manpage:
The
arptool manipulates or displays the kernel’s IPv4 network neighbor cache. It can add entries to the table, delete one or display the current content. ARP stands for Address Resolution Protocol, which is used to find the media access control address of a network neighbor for a given IPv4 Address.
You can use the arp command to list all of the devices
on the local network. It is often useful to find the identities of
hidden devices on your network. For example, if you just
plugged a Raspberry Pi into your local network and need to find its IP
address in order to connect to it via SSH.
# arp -i eth0 -a
? (192.168.1.90) at 42:b9:72:xx:xx:x0 [ether] on eth0
? (192.168.1.70) at 54:04:a6:xx:xx:xd [ether] on eth0
Fios_Quantum_Gateway.fios-router.home (192.168.1.1) at 20:c0:47:xx:xx:x1 [ether] on eth0
? (192.168.1.99) at 34:64:a9:xx:xx:xd [ether] on eth0
? (192.168.1.60) at dc:a6:32:xx:xx:x3 [ether] on eth0
(I’ve masked some of the fields above)
Tags: cli, arp, networking, motd
Netstat
My most frequently used netstat command with parameters
for checking port (active internet) connections is:
$ netstat -tulpn
You can also pipe the output to grep to filter for
specific ports or addresses.
Here is a brief listing of some of the many options:
$ netstat [options]
| Option | Action |
|---|---|
| -a | Display the state of all sockets, not just the active. |
| -c | Continuously display information, updating every second. |
| -i | Include network device statistics. |
| -n | Display all network addresses as numbers. |
| -o | Display additional information. |
| -r | Display routing tables. |
| -t | Display only the TCP sockets. |
| -u | Display only the UDP sockets. |
| -v | Print the netstat version number and exit. |
| -w | List only the raw sockets. |
| -x | Display only the Unix sockets. |
Tags: cli, networking, netstat, motd
Find the IP Addresses of KVM Virtual Machines (Command Line)
To find details about the virtual network you can use these commands:
root@slacker:~# virsh net-list
Name State Autostart Persistent
--------------------------------------------
default active yes yes
root@slacker:~# virsh net-info default
Name: default
UUID: 14a90f27-9a85-42ca-b434-6ce6c142690c
Active: yes
Persistent: yes
Autostart: yes
Bridge: virbr0
root@slacker:~# virsh net-dhcp-leases default
Expiry Time MAC address Protocol IP address Hostname Client ID or DUID
------------------------------------------------------------------------------------------------------------
2023-07-22 16:18:45 52:54:00:dd:7b:62 ipv4 192.168.122.216/24 centos7-bbk -
You will find the IP address and hostname listed in the last command’s output.
Optionally, to find the network interfaces’s addresses for a running domain called centos7-bbk:
root@slacker:~# virsh list
Id Name State
-----------------------------
3 centos7-bbk running
root@slacker:~# virsh domifaddr centos7-bbk
Name MAC address Protocol Address
-------------------------------------------------------------------------------
vnet2 52:54:00:dd:7b:62 ipv4 192.168.122.216/24
root@slacker:~#
Tags: cli, kvm, virsh, networking, motd
List TCP Connections Sorted By Host and Most Connections
Assuming your system still has netstat installed (Slackware 15.0 does :^), you can summarize the TCP connections on you host using the following command:
$ netstat -ntu|awk '{print $5}'|cut -d: -f1 -s|sort|uniq -c|sort -nk1 -r
3 52.50.230.xxx
3 104.18.27.xxx
3 104.18.26.xxx
2 205.166.94.xx
2 192.168.1.xx
2 142.251.40.xxx
2 104.18.13.xx
1 74.120.9.xxx
1 66.255.245.xxx
1 54.154.65.xxx
1 52.96.182.xxx
1 45.56.116.xxx
1 45.33.73.xxx
1 34.117.65.xx
1 20.190.135.xx
1 192.168.122.xxx
1 192.168.1.xx
1 172.253.63.xxx
1 162.159.61.x
1 162.125.21.x
1 142.251.40.xxx
1 142.251.32.xxx
1 142.251.16.xxx
1 127.0.0.x
Tags: cli, networking, netstat, motd
Test If a Port is Open with Bash
If netcat isn’t available on your machine and you don’t have the priviledge to install it you can use this trick to test if a port is open or not. It will throw a connection refused message if a port is closed.
$ : </dev/tcp/127.0.0.1/80
And you can use it in a script like this:
(: </dev/tcp/127.0.0.1/80) &>/dev/null && echo "OPEN" || echo "CLOSED"
Tags: cli, networking, bash, motd
Recover Your Wi-Fi Password from Windows CLI
In case you misplaced your wi-fi password you can recover it very easily using 2 commands on Windoze:
Open the Terminal or PowerShell
PS C:\Users\user> netsh wlan show profile
The output will be similar to this. You need to obtain the User Profile of the connection that you’re interested in:
Profiles on interface Wi-Fi:
Group policy profiles (read only)
---------------------------------
<None>
User profiles
-------------
All User Profile : ROUTER21
All User Profile : 4YWD8-5G
All User Profile : 4YWD8
OK, so we know we have 3 profiles. Run the next command with the profile you’re interested in:
PS C:\Users\user> netsh wlan show profile name="ROUTER21" key=clear
You’ll get a bunch of output, but what you’re interested in is the field named Key Content in the Security settings section which holds the wi-fi password in cleartext:
Profile ROUTER21 on interface Wi-Fi:
:
blah blah blah
:
Connectivity settings
---------------------
Number of SSIDs : 1
SSID name : "ROUTER21"
Network type : Infrastructure
Radio type : [ Any Radio Type ]
Vendor extension : Not present
Security settings
-----------------
Authentication : WPA2-Personal
Cipher : CCMP
Authentication : WPA2-Personal
Cipher : GCMP
Security key : Present
Key Content : mywifitpassword
:
blah blah blah
:
:
Tags: cli, wi-fi, networking, motd