{"id":9692,"date":"2025-02-25T01:05:00","date_gmt":"2025-02-25T06:05:00","guid":{"rendered":"https:\/\/www.both.org\/?p=9692"},"modified":"2025-02-21T08:34:44","modified_gmt":"2025-02-21T13:34:44","slug":"linux-tools-for-network-administrators","status":"publish","type":"post","link":"https:\/\/www.both.org\/?p=9692","title":{"rendered":"Linux tools for network administrators"},"content":{"rendered":"
\r\n
\r\n \r\n <\/i>\r\n <\/a>\r\n <\/span>\r\n<\/div><\/div>\n


My initial reaction to Linux was that I did not fully understand its range of tools. At that time, I was the technology director for a small K-12 public school district with limited resources but a growing number of classrooms, learning labs, and administrative offices. I came from a social science background, and although I was willing to learn, I was acutely aware of how little I knew. It did not take too long to understand what powerful tools enabled me to discover our network and learn the intricacies of TCP\/IP.<\/p>\n\n\n\n

Here\u2019s a list of ten tools that became a significant part of my repertoire. I used them to teach others about network computing and the power of Linux.<\/p>\n\n\n\n

The ping<\/strong> command is one of the most frequently used by sysadmins. It utilizes ICMP packets to verify whether two machines are connected.<\/p>\n\n\n\n

$ ping 192.168.86.1\n<\/code><\/pre>\n\n\n\n
I learned that I could also ping<\/strong> a domain.<\/p>\n\n\n\n
$ ping donwatkins.info<\/pre>\n\n\n\n
The traceroute<\/strong> command displays the route from your current machine to the remote server\/system, showing each hop.<\/p>\n\n\n\n
$ traceroute donwatkins.info
<\/pre>\n\n\n\n
Traceroute can identify the network path, detect latency, locate network issues, and visualize network topology. Here is the result of the traceroute<\/strong> command:<\/p>\n\n\n\n
1   192.168.1.1  1.114ms  0.234ms  0.125ms \n2   67.252.48.1  21.260ms  12.357ms  20.123ms \n3   24.58.217.101  29.425ms  32.921ms  32.608ms \n4   24.58.38.176  10.866ms  11.450ms  10.017ms \n5   24.58.32.62  25.848ms  25.377ms  15.594ms \n6   66.109.6.2  24.275ms  *  30.399ms <\/code><\/pre>\n\n\n\n
The mtr<\/strong> command is a combination of ping<\/strong> and traceroute<\/strong>. It is used to track packet loss. MTR is a versatile and dynamic tool that provides sysadmins with valuable insights into network performance and helps them identify and resolve issues efficiently.<\/p>\n\n\n\n
$ mtr donwatkins.info<\/code><\/pre>\n\n\n\n
You can use the ifconfig<\/strong> tool to find your IP address<\/strong>. It provides TCP\/IP information for all your network addresses, including the loopback address.<\/p>\n\n\n\n
$ ifconfig <\/code><\/pre>\n\n\n\n
The netstat<\/strong> (network statistics) command-line tool provides detailed information about network connections, routing tables, interface statistics, masquerade connections, and multicast memberships on a system. If you want to see your system’s network activity, consider using the following command.<\/p>\n\n\n\n
$ netstat -a<\/code><\/pre>\n\n\n\n
If you are looking for DNS information, dig<\/strong> is the tool you should use. It is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers returned from the name server(s) that were queried.<\/p>\n\n\n\n
$ dig donwatkins.info<\/code><\/pre>\n\n\n\n
One of my favorite tools for discovering what traffic is coming across my network is tcpdump. It<\/strong> is a powerful command-line packet analyzer used for network traffic monitoring and analysis. It captures and displays the packets being transmitted or received over your network. You need administrative privileges to run the command.<\/p>\n\n\n\n
$ sudo tcpdump <\/code><\/pre>\n\n\n\n
The whois command queries databases that store registered domain names and related information. This command is useful if you need information about a specific domain, such as its registrar.<\/p>\n\n\n\n
$ whois donwatkins.info<\/code><\/pre>\n\n\n\n
If you are looking for a powerful and versatile tool for network discovery and security auditing, then Nmap is for you. It can discover devices on a network, identify their IP addresses, and collect information about them, creating a detailed network inventory. Be sure to check the Nmap project website for excellent documentation<\/a> on its use. I use nmap<\/strong> to scan my router to see which ports are open. <\/p>\n\n\n\n
$ nmap 192.168.1.1<\/code><\/pre>\n\n\n\n
One of my favorite network monitoring tools is ntopng<\/strong>. It is a web-based application for monitoring network traffic released under the GPLv3 license. Ntopng<\/a> is the modern version of the original tool, ntop,<\/strong> created by Luca Deri<\/a> in 1998. It has been significantly improved in performance, usability, and features.<\/p>\n\n\n\n
I am a graphical learner, and Etherape helped me <\/a>visualize TCP\/IP traffic across our network. It is easy to install on .deb or .rpm-based systems.<\/p>\n\n\n\n
$ sudo apt install etherape\nor \n$ sudo dnf install etherape<\/code><\/pre>\n\n\n\n
Only an administrator can run Etherape, so you must add sudo to your command when executing it.<\/p>\n\n\n\n
$ sudo etherape<\/code><\/pre>\n\n\n\n
Be sure to consult the documentation and Linux manual pages for all these commands to explore all the different options open to you as a Linux system administrator.<\/p>\n","protected":false},"excerpt":{"rendered":"
My initial reaction to Linux was that I did not fully understand its range of tools. At that<\/p>\n","protected":false},"author":32,"featured_media":7668,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[5],"tags":[],"class_list":["post-9692","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux"],"modified_by":"David Both","_links":{"self":[{"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/posts\/9692","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9692"}],"version-history":[{"count":10,"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/posts\/9692\/revisions"}],"predecessor-version":[{"id":9704,"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/posts\/9692\/revisions\/9704"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/media\/7668"}],"wp:attachment":[{"href":"https:\/\/www.both.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9692"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9692"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9692"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}