Skip to content

Network

VBrazhnik edited this page Jun 29, 2018 · 8 revisions

01. Get the list of the network interfaces of the machine without displaying any detail for these interfaces. Only the list of names.

Answer

ifconfig -l

Explanation

man ifconfig:

The ifconfig utility is used to assign an address to a network interface and/or configure network interface parameters.

The -l flag may be used to list all available interfaces on the system, with no other additional information. Use of this flag is mutually exclusive with all other flags and commands, except for -d (only list interfaces that are down) and -u (only list interfaces that are up).

02. Identify the IP address of the Ethernet interface

Two character prefixes based on the type of interface:

Prefix Type of interface
en ethernet
sl serial line IP (slip)
wl wlan
ww wwan

Answer

ipconfig getifaddr en0

Explanation

man ipconfig:

getifaddr interface-name prints to standard output the IP address for the first network service associated with the given interface. The output will be empty if no service is currently configured or active on the interface.

Alternative answer

ifconfig en0 | grep 'inet ' | awk '{print $2}'

Explanation

ifconfig en0 displays information about en0 interface.

grep 'inet ' prints lines which contain 'inet '.

awk '{print $2}' prints only second column from the input field.

03. Identify the MAC address of the Bluetooth PAN.

PAN = Personal Area Network

Answer

networksetup -getmacaddress 'Bluetooth PAN' | awk '{print $3}'

Explanation

man networksetup:

-getmacaddress hardwareport displays ethernet (or Wi-Fi) address for hardwareport or device specified.

04. Identify the default gateway in the routing table

Answer

netstat -nr | grep default | awk '{print $2}'

Explanation

man netstat:

-n — Show network addresses as numbers (normally netstat interprets addresses and attempts to display them symbolically).

-r — Show the routing tables.

Format of network addresses is not important in current task. But netstat command works slowly without -n flag.

grep default prints lines which contain 'default'.

awk '{print $2}' prints only second column from the input field.

05. Identify the IP address of the DNS that responds to the following url: slash16.org.

Answer

nslookup slash16.org | grep 'Server' | awk '{print $2}'

Explanation

Result of execution command nslookup slash16.org:

Server:		10.51.1.253
Address:	10.51.1.253#53

Non-authoritative answer:
Name:	slash16.org
Address: 52.84.197.107
Name:	slash16.org
Address: 52.84.197.10
Name:	slash16.org
Address: 52.84.197.139
Name:	slash16.org
Address: 52.84.197.41

The first line contains the IP address of the DNS that responded.

We need to get IP address only, so we also use these commands:

grep 'Server' prints lines which contain 'Server'.

awk '{print $2}' prints only second column from the input field.

06. Get the complete path of the file that contains the IP address of the DNS server you’re using.

Answer

/etc/resolv.conf

Explanation

man resolv.conf:

resolv.conf — resolver configuration file.

The resolver is a set of routines in the C library that provide access to the Internet Domain Name System (DNS). The resolver configuration file contains information that is read by the resolver routines the first time they are invoked by a process. The file is designed to be human readable and contains a list of keywords with values that provide various types of resolver information.

07. Query an external DNS server on the slash16.org domain name (ie. : google 8.8.8.8).

Answer

nslookup slash16.org 8.8.8.8

Explanation

man nslookup:

host [server] — Look up information for host using the current default server or using server, if specified.

08. Find the provider of slash16.org.

Answer

At first we need to find out IP address of slash16.org.

host slash16.org or nslookup slash16.org can provide this information to us.

Result of execution host slash16.org:

slash16.org has address 52.84.197.10
slash16.org has address 52.84.197.41
slash16.org has address 52.84.197.107
slash16.org has address 52.84.197.139
slash16.org mail is handled by 1 aspmx.l.google.com.
slash16.org mail is handled by 10 alt4.aspmx.l.google.com.
slash16.org mail is handled by 5 alt1.aspmx.l.google.com.
slash16.org mail is handled by 10 alt3.aspmx.l.google.com.
slash16.org mail is handled by 5 alt2.aspmx.l.google.com.

Result of execution nslookup slash16.org:

Server:		10.51.1.253
Address:	10.51.1.253#53

Non-authoritative answer:
Name:	slash16.org
Address: 52.84.197.139
Name:	slash16.org
Address: 52.84.197.41
Name:	slash16.org
Address: 52.84.197.107
Name:	slash16.org
Address: 52.84.197.10

We can use whois 52.84.197.41 in Terminal to find out the provider by IP address.

And also we can use online service ipinfo.io in browser.

The provided information is the same – Provider: Amazon.

09. Find the external IP of 42.fr.

Answer

163.172.250.11
163.172.250.12
163.172.250.13

Explanation

nslookup 42.fr and host 42.fr can provide this information to us.

10. Identify the network devices between your computer and the slash16.org domain.

Answer

traceroute slash16.org

Explanation

man traceroute:

traceroute — print the route packets take to network host.

11. Use the output of the previous command to find the name and IP address of the device that makes the link between you (local network) and the outside world.

Answer

The name and IP address of the device is 178.214.196.33.

Explanation

Result of executions traceroute slash16.org:

traceroute: Warning: slash16.org has multiple addresses; using 52.84.197.139
traceroute to slash16.org (52.84.197.139), 64 hops max, 52 byte packets
 1  178.214.196.33 (178.214.196.33)  0.816 ms  0.707 ms  0.602 ms
 2  v34.sh2.kv.wnet.ua (217.20.183.34)  0.646 ms  0.595 ms  0.577 ms
 3  ae1.hostlviv.lv.wnet.ua (217.20.162.25)  17.163 ms  8.142 ms  7.237 ms
 4  amazon.plix.pl (195.182.218.5)  13.563 ms  14.080 ms  13.211 ms
 5  52.93.18.22 (52.93.18.22)  23.210 ms
    52.93.18.102 (52.93.18.102)  14.561 ms
    52.93.18.38 (52.93.18.38)  19.636 ms
 6  52.93.18.161 (52.93.18.161)  15.683 ms
    52.93.18.167 (52.93.18.167)  14.371 ms
    52.93.18.173 (52.93.18.173)  14.028 ms
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  server-52-84-197-139.waw50.r.cloudfront.net (52.84.197.139)  13.353 ms  13.248 ms  14.632 ms

12. Check that the server with the 10.51.1.253 IP address is reachable from your computer.

Answer

ping 10.51.1.253

13. Figure out the server type.

Answer

It is DNS server.

Explanation

At the fifth question we found out that the IP address 10.51.1.253 point to DNS server.

Also the following entry in /etc/resolv.conf file can additionally proof this information:

nameserver 10.51.1.253

14. Use the Reverse DNS to find out the name of the server linked to the 10.51.1.81 IP address.

Answer

ldap-proxy.42.fr

Explanation

We can use host 10.51.1.81 to find out this information. Result of execution:

81.1.51.10.in-addr.arpa domain name pointer ldap-proxy.42.fr.

15. What file contains the local DNS entries?

Answer

/etc/hosts

16. Make the intra.42.fr address reroute to 46.19.122.85.

Answer

I need to add the following line to /etc/hosts file:

46.19.122.85 intra.42.fr