Introduction to Unix and

Software Tools
[NCSC101]
Slides 3.2
Basic Networking Commands
(ping, telnet, ftp, sftp, ssh)

S AURA BH SRIVAS TAVA

A SS IS TANT PRO FESSOR
DE PARTME N T OF COMPU TE R S CIE N CE & E NG IN EE RIN G
IIT ( IS M) DHA NBA D
Elementary Networking Terminology (1/2)
Nodes / Hosts
◦ A node, often referred to as a host, is any device connected to a network
◦ The examples could be computers, printers, routers, or any other device capable of sending or receiving data

Localhost
◦ Localhost is a “self-referencing” synonym for a device in a networked environment
◦ For example, a program running locally on our machine may be described as “running on the localhost”

Ethernet
◦ Ethernet is a technology for networking devices that allows for the transmission of data over cables (wired)
◦ A device must have a specific hardware colloquially called “Ethernet port”, to be able to connect to the Ethernet

Wifi
◦ WiFi is a convenience name for a set of radio communication protocols that can be an alternative to Ethernet
◦ Typically, the communication speeds may be lower with WiFi protocols, as compared to a wired alternative

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
Elementary Networking Terminology (2/2)
IP Address
◦ An Internet Protocol (IP) address is a unique string of numbers separated by periods (IPv4) or colons (IPv6)
◦ Each connected interface - WiFi or Ethernet - on the network must have a unique IP Address
◦ This address is the identification point for a host on a network (note that some hosts may have multiple identities)

MAC Address
◦ A Media Access Control (MAC) address is a hardware identification number for a communication interface
◦ It may be noted that while IP Addresses may (and usually frequently) change, MAC is supposed to be a constant

Port
◦ In networking, a port is a virtual data connection used by programs and services to exchange information
◦ They are represented as a combination of the IP Address of the respective host, and a unique, port number
◦ Different protocols and network applications simultaneously running on a host, require different port numbers
◦ Port numbers below 1024 are reserved for usage with different protocols; the rest may be used as required
◦ Such ports are called well-known ports or system ports (Example: 80 and 443 are used for HTTP and HTTPS)

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
Using ping for checking Connection Speeds
The ping command is one of the first and most elementary commands in networking
◦ It is a diagnostic tool used to test the connectivity between two machines
◦ It uses the Internet Control Message Protocol (ICMP)
◦ It tests the connectivity between your machine (called “local-host”) and another machine (called “remote host”)

The ping command is based on a round-trip journey

◦ The ping command sends ICMP Echo Request packets to the target host
◦ It then waits for Echo Reply packets in response
◦ The time taken for the Echo Reply to come back is measured to give the round-trip time
◦ The higher the time, the poorer is the connection speed (it may be an oversimplification, but for now it is fine)

Syntax: ping [options] <destination>

◦ The destination can be an IP address or some domain (e.g., “google.com”)
◦ Example: ping google.com

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
The smaller the values in this column, the better is your connection
(apparently, I have a rather poor connection at this point)

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
If a domain is not valid (we will discuss “domains” at depth in the
next lecture), ping will throw an error to let you know

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
IP Addresses can be used in place of domains with ping

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
A 100% packet loss usually means that the host is not “up” or is
refusing connections (acting like the villain of a James Bond movie :P)

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
The telnet command (and protocol)
The ping command is usually used to check if a particular host is “up” or not
However, in many cases, a particular host may be willing to communicate over “certain ports only”
◦ For example, a server hosting a website, may only wish to communicate over port 80 and/or 443
◦ If an attempt is made to communicate with it over some other port number, it may not respond
◦ You may use telnet command (which uses the telnet protocol) for checking port connectivity on a remote host

Syntax: telnet <host> [port]

◦ The port number is optional; telnet does have a well-known port number – 23, which is the default value
◦ If the remote host supports the telnet protocol, it is like “logging into” the system and running commands
◦ However, the protocol transmits all information, including login credentials, in plaintext (unencrypted)
◦ It is thus, susceptible to an eavesdropping attack, performed by an adversary monitoring the network traffic

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
Digression – The concept of Eavesdropping
In networking, eavesdropping refers to unauthorized interception of communication between two hosts
◦ An attacker listens in on data transmitted across the network without the consent of the communicating parties
◦ It is similar to someone overhearing a private conversation in a public space (thus is called, “eavesdropping”)

Some protocols send data over the network without encrypting them
◦ It is possible to collect this data by either tapping the communication line, or, by joining the network …
◦ … and analysing the data being transmitted on the network through packet-sniffing tools like Wireshark

It is, therefore, a better alternative to use protocols which encrypt data before sending it

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
The telnet command (and protocol)
The ping command is usually used to check if a particular host is “up” or not
However, in many cases, a particular host may be willing to communicate over “certain ports only”
◦ For example, a server hosting a website, may only wish to communicate over port 80 and/or 443
◦ If an attempt is made to communicate with it over some other port number, it may not respond
◦ You may use telnet command (which uses the telnet protocol) for checking port connectivity on a remote host

Syntax: telnet <host> [port]

◦ The port number is optional; telnet does have a well-known port number – 23, which is the default value
◦ If the remote host supports the telnet protocol, it is like “logging into” the system and running commands
◦ However, the protocol transmits all information, including login credentials, in plaintext (unencrypted)
◦ It is thus, susceptible to an eavesdropping attack, performed by an adversary monitoring the network traffic

It is usually available on Windows machines as a command but is of theoretical interests for *nix users
◦ Usually, you will use ssh and nc (netcat) commands to do whatever telnet can do for you

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
File Transfer with ftp and sftp (1/2)
Probably the most common form of data storage is in the forms of files
◦ There are two common protocols for transferring files between local and remote hosts

FTP (File Transfer Protocol)

◦ FTP is a standard network protocol used for the transfer of files over a network
◦ First, a communication session is established between the two hosts, and then other commands are issued
◦ Syntax for session creation: ftp <hostname or IP>

Common Commands after session establishment include:

◦ get <remote file>: To download a file from the remote host on to the local host
◦ put <local file>: To upload a file from the local host on to the remote host
◦ ls: Displays the files and sub-directories of the current directory on the remote host (similar to ls over bash)
◦ cd <directory path>: Changes the current directory on the remote host to the requested directory
◦ mget/mput <file pattern>: Multiple files version of get/put (e.g., mget *.txt)
◦ bye/exit: Closes the established session

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
File Transfer with ftp and sftp (2/2)
While not yet completely obsolete, ftp is usually not a preferred option used for file transfer
◦ The major problem with ftp is the same as that with telnet – it transfers data in plaintext
◦ This includes the credentials, issued commands as well as the contents of the transferred files
◦ Similar to telnet, it is also susceptible to eavesdropping attacks

The modern version of ftp, used commonly in the *nix environment is sftp (secure ftp)
◦ The process of using sftp is identical to that for using ftp – establish a session and issue commands
◦ The common commands we saw for ftp (e.g., get, put, mget and mput) are also used with sftp
◦ The sftp command gels well with the ssh command (we will discuss it next)

Both ftp as well as sftp require that a specific process is executing on the remote host
◦ This process “listens” for connection requests on a specific port (typically executing on ports 20-22)
◦ On linux machines, a common package that you can install for enabling sftp is the openssh-server
◦ The same package can also enable communication through ssh as well

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
Secure Remote Access with ssh
SSH (Secure Shell) is a cryptographic network protocol
◦ It is used for securely operating network services over an unsecured network
◦ It is primarily used for remote login to servers, providing strong authentication and encrypted communications
◦ It is the most widely practiced protocol for getting a shell-based access to a remote host
◦ The modalities are like what they are for ftp/sftp – establish a connection and issue commands as required

Basic Syntax: ssh [user@]<hostname or IP address>

◦ The user here refers to the user account on the remote host which will be used for authentication
◦ If you do not supply the user value, it will be defaulted to the current user on the local host
◦ After providing the password of the remote user account, the connection between the hosts is established
◦ You then get access to a shell session executing on the remote host, where you can issue any shell commands
◦ This is what you have been doing in your lab sessions through PuTTy

Both ssh and sftp can be configured to use a more secure approach using a Public-Private keypair
◦ But at this level, it is beyond our scope to discuss the same, so for now, you should use username/password

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
The first time you use either ssh or sftp for a particular remote host, you may see a message like the
one shown above (we will not cover the details of this in the current course)

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
As shown, since we did not provide a username, the currently logged in user on the local host – ubuntu – is
assumed as the host on the remote machine as well (there is no such account though, so we cancelled it)

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
We have now logged in using the user saurabh on the remote machine

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
We can now issue shell commands on the terminal, as if, we were doing so
directly on the remote host

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
sftp can be used with an almost identical command

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
The ftp/sftp commands can then be issued

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD
Homework !!
Find out the port numbers currently in use on your Linux machine
◦ Can you also find out which process is using that port?

SAURABH SRIVASTAVA | DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING | IIT (ISM) DHANBAD