Basics of Network Mapping and Useful Networking Tools.

[Legion]

The Basics of Network Mapping and Useful Networking Tools. (Postponed due to Family Reasons.)

A tool list compiled by me Legion and members of the Linus Tech Tips Community for the benefit of people who wish to learn more about networks

This isn’t a comprehensive guide on how to completely lock down your network. If you want the quickest way to be secure on your PC disconnect it from the internet.

 

Contents

CMD Based tools – These are collection of tools found on Windows PC’s every user should know about them.

Ping

IPCONFIG

Tracert

Netstat

nMap/ZenMap

Wireshark

MetaSploit. = Not done

Putty= Not done

VirusTotal=Not done

Autopsy=Not done (useful tool not really for networking so will most likely be last.)

 

CMD Based tools – These are collection of tools found on Windows PC’s every user should know about them.

How to open CMD

Win + R and type CMD or search

Ping

That’s right this little thing you have most likely seen a ping count in games. This is the measure of latency between an echo / response. It is a great utility for beginners and professionals alike.

Using the Information displayed you can measure if you are having packet loss or jitter.

IPCONFIG

The very first steps in mapping your network. You should know what interfaces are on your PC and which IP they use. Private networks tend to have long lease times so these addresses should not change frequently. Take note of mac/physical addresses as these will be great for setting up whitelists and for identifying connections on your network.

Mac Addresses are broken down as the first 3 bytes identify the organisation and the last 3 bytes for the individual card.

 

IP/Subnet/Gateway Explained (rather boring and needs to be written better)

IP Address

IP Address is the identifier of our machine on at the IP layer.

192.169.1.32 is the address assigned to the pc above.

Subnet Masks

A subnet mask determines how many hosts a network can support.

255.255.255.0 = 11111111. 11111111.11111111.00000000 in Binary

These octets are also written in short hand.

/24  11111111.11111111.11111111.00000000 = 256 addresses

/23  11111111.11111111.11111110.00000000 = 512 addresses

/25  11111111.11111111.11111111.10000000 = 128 addresses

(in reality You will lose two addresses for a network and broadcast address. So /24 would actually result in 254 useable addresses.)

Basically the more zero’s the more hosts.

Gateway

Default Gateway is the exit point for your network.

In this case it means 192.168.1.254 is the router. All traffic going outside our network will pass through it.

Tracert

A useful tool for examing the route your traffic is taking and how many hops between you and a server. 

Netstat

This tool lists all active ports on a PC along with various other information

 

All these command line tools have various modifiers for instance ping 192.168.1.254 –t will create a never ending ping command which usually ends after 4 pings.

 

nMap/ZenMap

Now we can see what ports are open what machine addresses we expect to see on our network it is time to map our network.

nMap is an old tool but it is excellent for free software. It is an expansive tool set but for the minute I will just show you how to create a topology diagram of your network

 

under target type nmap –sS –O network address/subnet mask.

Our network had a subnet mask of 255.255.255.0 and the first usuable address would be 192.168.1.1  This command will go through the range of addresses on our network and display the results.

We can display the results in a topology diagram and see a graphical representation of our network. We can use this information to match what addresses we already knew on our network and discover any devices that shouldn’t be there.

 

Wireshark

Wireshark is a utility for capturing packets and has a wide range of uses.The following is an example of a bittorrent transmission

To take your own captures

 

MetaSploit.

 

Putty

 

VirusTotal

Kismet/KisMac

inSSIDer

 

Autopsy

 

I will add more over time and clean up the thread as no doubt I could explain things clearer but I'm exhausted and if I don't start this I'll never finish

I'm hoping to compile a list of networking programs from various users that will help beginners or novices get an idea on just what they can do with a networking software. So recommendations would be appreciated.

Will update with links for downloads tomorrow ^^

[DigitalHermit]

I'm going to bookmark this for future reference...

 

Also, @Legion, willl you add Linux terminal commands for mac/Linux users?

[Legion]

I'm going to bookmark this for future reference...

 

Also, @Legion, willl you add Linux terminal commands for mac/Linux users?

 

I will reinstall mint. I can add them but I like to take screenshots for people to see what they should be looking for. But I'll add them . Although if someone with access to terminal can take the screens needed I'll add them either.

[Legion]

Kali Linux would be easier for network auditing. 

 

I guess I'll go get the iso I've a limited experience with in though.

[DigitalHermit]

I will reinstall mint. I can add them but I like to take screenshots for people to see what they should be looking for. But I'll add them . Although if someone with access to terminal can take the screens needed I'll add them either.

 

I'll see what I can do, but I'm not too sure about how well I can do it... It's mostly the same (manual pages excluded)...

 

P.S.

I'm part of a volunteer group that maintains a part of the network in my university and we just got things up and running (from the neglected wreck that it was)... These tools would help our group greatly...

[Legion]

 (from the neglected wreck that it was)...

 

Sounds like my old office

[DigitalHermit]

Sounds like my old office

 

At least you're getting paid for the job... All I get is OJT credits and some pizza (the main reason why I don't complain)...

[KTFO|SGTmoody]

I have some videos on how to do stuff like this somewhere on one of my many HDD's

If i uploaded them somewhere would they be useful for this?

[skywake]

List needs to include iperf for all the WiFi/Powerline speed testing stuffs

[Legion]

I have some videos on how to do stuff like this somewhere on one of my many HDD's

If i uploaded them somewhere would they be useful for this?

 

Anything to help would be great. I just want to compile a list for beginners everything is welcome