gothseidank
/
network-cheatsheet
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11 Commits
1 Branch
0 Tags
527 KiB
Tag: Branch: Tree: 6cdee8e091
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6cdee8e091'
${ noResults }
network-cheatsheet/index.html

310 lines
23 KiB
Raw Normal View History Unescape

Initial commit
5 years ago
<!DOCTYPE html>
<html lang="en">
<head>
Github logo and mobile scaling line
5 years ago
<meta name="viewport" content="width=device-width, initial-scale=1.0">
Initial commit
5 years ago
<link rel="stylesheet" href="/raster2.css">
<link rel="stylesheet" href="/css.css">
<script src="tooltip.js"></script>
<title>networking cheat sheet</title>
</head>
<body>
Fixed doubled entry, wrong tooltip
5 years ago
<r-grid columns="1" columns-l="1">
Mobile improvement
5 years ago
<r-cell span="row">
<a href="https://github.com/domeniko-gentner/network-cheatsheet"><img src="/github.png" alt="github logo"></a>
<h1>networking cheat sheet</h1>
</r-cell>
</r-grid>
<r-grid columns="1" class="wrapper">
<r-cell class="panel">
<h2>Ethernet Frame</h2>
Fixed doubled entry, wrong tooltip
5 years ago
<r-grid columns="9" class="ethernet-frame-grid">
Mobile improvement
5 years ago
<r-cell span="1" data-tooltip title="7 bytes<br>for synchronization" class="ethernet-frame-cell">
<p class="frame-text">Preamble</p>
</r-cell>
<r-cell span="1" data-tooltip title="1 byte<br>Marks end of preamble and start of frame. Always 1." class="ethernet-frame-cell">
<p class="frame-text">SFD</p>
</r-cell>
<r-cell span="1" data-tooltip title="6 bytes<br>destination address" class="ethernet-frame-cell">
<p class="frame-text">Dest. MAC</p>
</r-cell>
<r-cell span="1" data-tooltip title="6 bytes<br>source address" class="ethernet-frame-cell">
<p class="frame-text">Source MAC</p>
</r-cell>
<r-cell span="1" data-tooltip title="4 bytes<br>802.1Q, last 12 bits are VLAN ID, optional" class="ethernet-frame-cell">
<p class="frame-text">[VLAN]</p>
</r-cell>
<r-cell span="1" data-tooltip title="2 bytes<br>0x8808: Flow Control<br>0x8809: LACP<br>0x8000: IPV4,<br>0x8100: Tagged VLAN<br>0x8060: ARP<br>0x86DD: IPV6" class="ethernet-frame-cell">
<p class="frame-text">EtherType</p>
</r-cell>
<r-cell span="1" data-tooltip title="46-1500 bytes<br>can be bigger for jumbo frames" class="ethernet-frame-cell">
<p class="frame-text">Payload</p>
</r-cell>
<r-cell span="1" data-tooltip title="4 bytes<br>FCS/Checksum of the frame" class="ethernet-frame-cell">
<p class="frame-text">FCS</p>
</r-cell>
<r-cell span="1" data-tooltip title="4 bytes<br>gap between frames<br>uses a timed pause equal to 4 bytes" class="ethernet-frame-cell">
<p class="frame-text">GAP</p>
</r-cell>
</r-grid>
</r-cell>
<r-cell class="panel">
<h2>IPV4 Header</h2>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="1-2" data-tooltip title="4 bits<br>Protocol version, equals 4" class="ethernet-frame-cell">
<p class="frame-text">IP version</p>
</r-cell>
<r-cell span="3-4" data-tooltip title="4 bits<br>Number of 32 bit words in the header<br>5 x 32b = 160b = 20B" class="ethernet-frame-cell">
<p class="frame-text">Header Length</p>
</r-cell>
<r-cell span="1" data-tooltip title="6 bits<br>Service Type (QOS)<br>Expedited Forwarding: 101110<br>Best Effort: 000000" class="ethernet-frame-cell">
<p class="frame-text">DSCP</p>
</r-cell>
<r-cell span="1" data-tooltip title="2 bits<br>Explicit Congestion Notification<br>Requires support on both ends" class="ethernet-frame-cell">
<p class="frame-text">ECN</p>
</r-cell>
<r-cell span="7-8" data-tooltip title="16 bits<br>Total Length of the header<br>Min size: 20B<br>Max size: 65535B" class="ethernet-frame-cell">
<p class="frame-text">Total Length</p>
</r-cell>
</r-grid>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="1-4" data-tooltip title="16 bits<br>Unique ID, identifies datagram parts.<br>" class="ethernet-frame-cell">
<p class="frame-text">Identification</p>
</r-cell>
<r-cell span="1" data-tooltip title="3 bits<br>First: must be zero<br>Second: no fragments<br>Third: more fragments follow" class="ethernet-frame-cell">
<p class="frame-text">Flags</p>
</r-cell>
<r-cell span="6-8" data-tooltip title="13 bits<br>Byte offset of a fragment, relative to first" class="ethernet-frame-cell">
<p class="frame-text">Fragment Offset</p>
</r-cell>
</r-grid>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="1-2" data-tooltip title="8 bits<br>Amount of hops the package lives" class="ethernet-frame-cell">
<p class="frame-text">TTL</p>
</r-cell>
<r-cell span="3-4" data-tooltip title="8 bits<br>Transport Layer Protocol<br>0x01: ICMP<br>0x06: TCP<br>0x11: UDP<br>0x12: MUX<br>" class="ethernet-frame-cell">
<p class="frame-text">Protocol</p>
</r-cell>
<r-cell span="5-8" data-tooltip title="16 bits" class="ethernet-frame-cell">
<p class="frame-text">Header Checksum</p>
</r-cell>
</r-grid>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="row" data-tooltip title="32 bits<br>Source IPv4 Address" class="ethernet-frame-cell">
<p class="frame-text">Source address</p>
</r-cell>
</r-grid>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="1-8" data-tooltip title="32 bits<br>Destination IPv4 Address" class="ethernet-frame-cell">
<p class="frame-text">Destination address</p>
</r-cell>
</r-grid>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="1-8" data-tooltip title="32 bits<br>Various options, rarely used" class="ethernet-frame-cell">
<p class="frame-text">Options</p>
</r-cell>
</r-grid>
</r-cell><!-- IPV4 Header -->
<r-cell class="panel">
<h2>IPv6 Header</h2>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="1-2" data-tooltip title="4 bits<br>IP Version -> 0110 = 6" class="ethernet-frame-cell">
<p class="frame-text">Version</p>
</r-cell>
<r-cell span="3-4" data-tooltip title="8 bits<br>See DSCP and ECN on IPV4" class="ethernet-frame-cell">
<p class="frame-text">Traffic Class</p>
</r-cell>
<r-cell span="5-8" data-tooltip title="20 bits<br>Sequential Flow" class="ethernet-frame-cell">
<p class="frame-text">Flow Label</p>
</r-cell>
</r-grid>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="1-4" data-tooltip title="16 bits<br>Payload length may exceed 65535, in which case it is 0" class="ethernet-frame-cell">
<p class="frame-text">Payload Length</p>
</r-cell>
<r-cell span="5-6" data-tooltip title="8 bits<br>indicates protocol, same identifiers as V4" class="ethernet-frame-cell">
<p class="frame-text">Next header</p>
</r-cell>
<r-cell span="7-8" data-tooltip title="8 bits<br>indicates protocol, same identifiers as V4" class="ethernet-frame-cell">
<p class="frame-text">TTL</p>
</r-cell>
</r-grid>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="row" data-tooltip title="128 bits<br>Source Address" class="ethernet-frame-cell">
<p class="frame-text">Source Address</p>
</r-cell>
</r-grid>
<r-grid columns="8" class="ethernet-frame-grid">
<r-cell span="row" data-tooltip title="128 bits<br>Destination Address" class="ethernet-frame-cell">
<p class="frame-text">Destination address</p>
</r-cell>
</r-grid>
</r-cell><!-- IPV6 Header -->
<r-cell class="panel">
<h2>TCP Header</h2>
<r-grid columns="16" class="ethernet-frame-grid">
<r-cell span="1-8" data-tooltip title="16 bits<br>Port segment was sent from" class="ethernet-frame-cell">
<p class="frame-text">Source port</p>
</r-cell>
<r-cell span="9-16" data-tooltip title="16 bits<br>Port segmnent is sent to" class="ethernet-frame-cell">
<p class="frame-text">Destination port</p>
</r-cell>
</r-grid>
<r-grid columns="1" class="ethernet-frame-grid">
<r-cell span="row" data-tooltip title="32 bits<br>If SYN flag is set, this is the initial packet.<br>If SYN is not set, data is at number+1" class="ethernet-frame-cell">
<p class="frame-text">Sequence number</p>
</r-cell>
</r-grid>
<r-grid columns="1" class="ethernet-frame-grid">
<r-cell span="row" data-tooltip title="32 bits<br>If the ACK flag is set,<br>then the value of this field is the next<br>sequence number that the sender of the ACK is expecting." class="ethernet-frame-cell">
<p class="frame-text">Acknowledgment number</p>
</r-cell>
</r-grid>
<r-grid columns="16" class="ethernet-frame-grid">
<r-cell span="1-2" data-tooltip title="4 bits<br>Number of 32 bit words that define the size of the header." class="ethernet-frame-cell">
<p class="frame-text">Data offset</p>
</r-cell>
<r-cell span="3-4" data-tooltip title="3 bits<br>Reserved for future use." class="ethernet-frame-cell">
<p class="frame-text">Reserved</p>
</r-cell>
<r-cell span="5-9" data-tooltip title="9 bits<br>SYN: synchronize, start of connection<br>ACK: acknowledge, confirm connection<br>RST: reset connection<br>FIN: last package from sender<br>URG: urgent bit is significant<br>CWR: congestion window reduced" class="ethernet-frame-cell">
<p class="frame-text">Flags</p>
</r-cell>
<r-cell span="10-16" data-tooltip title="16 bits<br>Number of bytes the sender of this segment is willing to receive" class="ethernet-frame-cell">
<p class="frame-text">Window size</p>
</r-cell>
</r-grid>
<r-grid columns="2" class="ethernet-frame-grid">
<r-cell span="1" data-tooltip title="16 bits<br>Used for error checking. TCP can resend invalid segments." class="ethernet-frame-cell">
<p class="frame-text">Checksum</p>
</r-cell>
<r-cell span="1" data-tooltip title="16 bits<br>If the URG flag is set, then this 16-bit field is an offset from the sequence number indicating the last urgent data byte." class="ethernet-frame-cell">
<p class="frame-text">Urgent pointer</p>
</r-cell>
</r-grid>
<r-grid columns="1" class="ethernet-frame-grid">
<r-cell span="row" data-tooltip title="0-320 bits<br>Optional options. Must be divisable by 32, otherwise 0 padding at the end." class="ethernet-frame-cell">
<p class="frame-text">Options</p>
</r-cell>
</r-grid>
</r-cell><!-- TCP Header -->
<r-cell class="panel">
<h2>UDP Header</h2>
<r-grid columns="2" class="ethernet-frame-grid">
<r-cell span="1" data-tooltip title="16 bits<br>Port the datagram is sent from (optional in IPv6)." class="ethernet-frame-cell">
<p class="frame-text">Source Port</p>
</r-cell>
<r-cell span="1" data-tooltip title="16 bits<br>Port the datagram is sent to." class="ethernet-frame-cell">
<p class="frame-text">Destination port</p>
</r-cell>
</r-grid>
<r-grid columns="2" class="ethernet-frame-grid">
<r-cell span="1" data-tooltip title="16 bits<br>Min Length: 8 bytes<br>Max length: 65535 bytes." class="ethernet-frame-cell">
<p class="frame-text">Length</p>
</r-cell>
<r-cell span="1" data-tooltip title="16 bits<br>Used for error recognition. Optional in V4, mandatatory in V6. All zeroes if unused." class="ethernet-frame-cell">
<p class="frame-text">Checksum</p>
</r-cell>
</r-grid>
</r-cell><!-- UDP Header -->
<r-cell>
Fixed doubled entry, wrong tooltip
5 years ago
<r-grid columns="10" class="panel">
Mobile improvement
5 years ago
<r-cell span="row"><h2>tcpdump</h2></r-cell>
<r-cell span="row"><h3>flags</h3></r-cell>
<r-cell span="1" data-tooltip title="tcpdump -i eth0">-i name</r-cell><r-cell span="2-5">Capture named interfaces, any for all</r-cell>
<r-cell span="6-6" data-tooltip title="tcpdump -c10">-c integer</r-cell><r-cell span="7-10">Capture amount of packages</r-cell>
<r-cell span="1" data-tooltip title="tcpdump -D">-D</r-cell><r-cell span="2-5">Show available interfaces</r-cell>
<r-cell span="6-6" data-tooltip title="tcpdump -n -c10 -i any">-n</r-cell><r-cell span="7-10">Do not resolve host-names</r-cell>
<r-cell span="1" data-tooltip title="tcpdump -nn -c10 -i eth0">-nn</r-cell><r-cell span="2-5">Do not resolve host-names or services (ports)</r-cell>
<r-cell span="6-6" data-tooltip title="tcpdump -n -c10 -i eth0 tcp">tcp</r-cell><r-cell span="7-10">Capture tcp</r-cell>
<r-cell span="1" data-tooltip title="tcpdump -n -c10 -i eth0 tcp">udp</r-cell><r-cell span="2-5">Capture udp, also works with others such as arp</r-cell>
<r-cell span="6-6" data-tooltip title="tcpdump -n -c10 -i eth0 host 10.10.10.10 and [not] udp">host IP</r-cell><r-cell span="7-10">Capture data to or from this host only</r-cell>
<r-cell span="1" data-tooltip title="tcpdump -n -c10 -i eth0 src 10.10.10.10 and tcp">src IP</r-cell><r-cell span="2-5">Capture data from this host only</r-cell>
<r-cell span="6-6" data-tooltip title="tcpdump -n -c10 -i eth0 dst 10.10.10.10">dst IP</r-cell><r-cell span="7-10">Capture data sent to this host only</r-cell>
<r-cell span="1" data-tooltip title="tcpdump -n -c10 -i eth0 net 10.10.10.0/24">net CIDR</r-cell><r-cell span="2-5">Capture data to or from this subnet</r-cell>
<r-cell span="6-6" data-tooltip title="tcpdump -n -c10 -i eth0 host 10.10.10.10 and port 53">port number</r-cell><r-cell span="7-10">Use service name instead of port</r-cell>
Added cable types, iptables
5 years ago
<r-cell span="1" data-tooltip title="tcpdump -n -i eth0 port not ssh">port not num|name</r-cell><r-cell span="2-5">Exclude port or service in report</r-cell>
Mobile improvement
5 years ago
<r-cell span="row"><h3>tcp flags</h3></r-cell>
<r-cell span="1-2">[S]&nbsp;SYNC</r-cell>
<r-cell span="3-4">[.|A]&nbsp;ACKNOWLEDGE</r-cell>
<r-cell span="5-6">[R]&nbsp;RESET</r-cell>
<r-cell span="7-8">[F]&nbsp;FINISHED</r-cell>
<r-cell span="9-10">[P]&nbsp;PUSH</r-cell>
<r-cell span="row">Flags can be displayed combined, [S.] means sync and acknowledge</r-cell>
</r-grid><!-- tcpdump -->
Fixed doubled entry, wrong tooltip
5 years ago
</r-cell>
<r-cell>
<r-grid columns="10" class="panel">
Mobile improvement
5 years ago
<r-cell span="row"><h2>nmap</h2></r-cell>
<r-cell span="1" data-tooltip title="nmap 10.10.10.1">IP</r-cell><r-cell span="2-5">Scan host</r-cell>
<r-cell span="6-6" data-tooltip title="nmap 10.10.10.1 10.10.10.2">LIST</r-cell><r-cell span="7-10">Scan list</r-cell>
<r-cell span="1" data-tooltip title="nmap 10.10.10.0/24">CIDR</r-cell><r-cell span="2-5">Scan subnet</r-cell>
<r-cell span="6-6" data-tooltip title="nmap -iL targets.txt">-iL file</r-cell><r-cell span="7-10">Scan targets from file</r-cell>
<r-cell span="1" data-tooltip title="nmap 10.10.10.0/24 -iR 100">-iR number</r-cell><r-cell span="2-5">Random hosts of amount</r-cell>
<r-cell span="6-6" data-tooltip title="nmap 10.10.10.0/24 --exclude 10.10.10.1 10.10.10.253">--exclude</r-cell><r-cell span="7-10">Exclude hosts</r-cell>
<r-cell span="1" data-tooltip title="nmap -iL targets.txt">-iL file</r-cell><r-cell span="2-5">Scan targets from file</r-cell>
<r-cell span="6-6" data-tooltip title="nmap -sU 10.10.10.1">-sU</r-cell><r-cell span="7-10">UDP port scan</r-cell>
<r-cell span="1" data-tooltip title="nmap -sU -n 10.10.10.1">-n</r-cell><r-cell span="2-5">No DNS resolution</r-cell>
<r-cell span="6-6" data-tooltip title="nmap -p- 10.10.10.1">-p-</r-cell><r-cell span="7-10">Scan ALL ports from 0 to 65353</r-cell>
<r-cell span="1" data-tooltip title="nmap -p 1-1023 -sU 10.10.10.1">-p n[-n]</r-cell><r-cell span="2-5">Scan port or range</r-cell>
<r-cell span="6-6" data-tooltip title="nmap -p U:53,T:80 10.10.10.1">-p U:n,T:n</r-cell><r-cell span="7-10">Scan mixed ports, UDP and TCP</r-cell>
<r-cell span="1" data-tooltip title="nmap -F 10.10.10.1">-F</r-cell><r-cell span="2-5">Fast scan 100 ports</r-cell>
<r-cell span="6-6" data-tooltip title="nmap -sV -p 443 10.10.10.1">-sV</r-cell><r-cell span="7-10">Try to detect service</r-cell>
</r-grid><!-- nmap -->
Fixed doubled entry, wrong tooltip
5 years ago
</r-cell>
<r-cell>
<r-grid columns="10" class="panel">
Mobile improvement
5 years ago
<r-cell span="row"><h2>mtr</h2></r-cell>
<r-cell span="1" data-tooltip title="mtr 10.10.10.1">IP</r-cell><r-cell span="2-5">Run route to host</r-cell>
<r-cell span="6-6" data-tooltip title="mtr -z 10.10.10.1">-z</r-cell><r-cell span="7-10">Resolve ASN</r-cell>
<r-cell span="1" data-tooltip title="mtr -c1 10.10.10.1">-c num</r-cell><r-cell span="2-5">Run num cycles</r-cell>
<r-cell span="6-6" data-tooltip title="mtr -r -z -c1 10.10.10.1">-r</r-cell><r-cell span="7-10">Report mode, useful with -c</r-cell>
Fixed doubled entry, wrong tooltip
5 years ago
<r-cell span="1" data-tooltip title="mtr -w 10.10.10.1">-w</r-cell><r-cell span="2-5">Do not truncate network names aka wide mode</r-cell>
Mobile improvement
5 years ago
<r-cell span="6-6" data-tooltip title="mtr -r -z -n -c1 10.10.10.1">-n</r-cell><r-cell span="7-10">No RDNS</r-cell>
<r-cell span="1" data-tooltip title="mtr -U 10.10.10.1">-u</r-cell><r-cell span="2-5">use UDP instead of ICMP</r-cell>
<r-cell span="6-6" data-tooltip title="mtr -T 10.10.10.1">-T</r-cell><r-cell span="7-10">use TCP instead of ICMP</r-cell>
<r-cell span="1" data-tooltip title="mtr -f2 10.10.10.1">-f num</r-cell><r-cell span="2-5">set first TTL, useful for skipping own router</r-cell>
Fixed doubled entry, wrong tooltip
5 years ago
<r-cell span="6-6" data-tooltip title="mtr -i 0.2 10.10.10.1">-i float</r-cell><r-cell span="7-10">set interval, default is 1 second</r-cell>
Mobile improvement
5 years ago
</r-grid><!-- mtr -->
</r-cell>
Added cable types, iptables
5 years ago
<r-cell>
<r-grid columns="10" class="panel">
<r-cell span="row"><h2>iptables</h2></r-cell>
<r-cell span="1" data-tooltip title="iptables -vL">-vL</r-cell><r-cell span="2-5">Shows rules hit counters</r-cell>
<r-cell span="1" data-tooltip title="iptables -A OUTPUT">-A chain</r-cell><r-cell span="7-10">Append rule to chain</r-cell>
<r-cell span="1" data-tooltip title="iptables -I INPUT 2">-I chain num</r-cell><r-cell span="2-5">Insert rule to chain at position</r-cell>
Errata
5 years ago
<r-cell span="1" data-tooltip title="iptables -I OUTPUT -s 10.10.10.0/24">-s CIDR</r-cell><r-cell span="7-10">Packages from source</r-cell>
<r-cell span="1" data-tooltip title="iptables -I INPUT -d 10.10.10.0/24">-d CIDR</r-cell><r-cell span="2-5">Packages to destination</r-cell>
Added cable types, iptables
5 years ago
<r-cell span="1" data-tooltip title="iptables -I INPUT -d 10.10.10.0/24 -j DROP">-j target</r-cell><r-cell span="7-10">Apply target to rule</r-cell>
<r-cell span="1" data-tooltip title="iptables -I INPUT -m mac --mac-source 00:00:00:FF:FF:FF">-m extension</r-cell><r-cell span="2-5">Use an extension to match packet</r-cell>
<r-cell span="1" data-tooltip title="iptables -L [-t tablename]">-L</r-cell><r-cell span="7-10">List all rules, use -t for specific tables</r-cell>
<r-cell span="row"><h3>chains</h3></r-cell>
<r-cell span="row">A chain defines a set of rules. They do not need either a source nor a destination. They can be applied to those later.</r-cell>
<r-cell data-tooltip title="Sent in this context means,<br>directly sent via the interface<br>this rule applies to" span="1-2">OUTPUT - When a package is sent</r-cell>
<r-cell span="3-4">INPUT - When a package is received</r-cell>
<r-cell data-tooltip title="Example: Using another virtual interface<br>for e.g. a virtual machine." span="5-6">FORWARD - When a package is forwarded</r-cell>
<r-cell span="7-10">USER DEFINED - You can define a user defined chain and apply it to any source/destination.</r-cell>
</r-grid>
</r-cell>
<r-cell>
<r-grid columns="10" class="panel">
<r-cell span="row"><h2>Fibre cables color coding</h2></r-cell>
<r-cell span="1" style="background-color: orange;">&nbsp;</r-cell><r-cell span="2-10">OM1/2 multi-mode</r-cell>
<r-cell span="1" style="background-color: aqua;">&nbsp;</r-cell><r-cell span="2-10">OM3 multi-mode</r-cell>
<r-cell span="1" style="background-color: #c4618c;">&nbsp;</r-cell><r-cell span="2-10">OM4 multi-mode</r-cell>
<r-cell span="1" style="background-color: lime">&nbsp;</r-cell><r-cell span="2-10">OM5 multi-mode</r-cell>
<r-cell span="1" style="background-color: yellow">&nbsp;</r-cell><r-cell span="2-10">OS1/2 single-mode PC with a blue plug</r-cell>
<r-cell span="1" style="background-color: yellow">&nbsp;</r-cell><r-cell span="2-10">OS1/2 single-mode APC with a green plug</r-cell>
</r-grid>
</r-cell>
Errata
5 years ago
<!-- <r-cell>-->
<!-- <r-grid columns="10" class="panel">-->
<!-- <r-cell span="row"><h2>SFP</h2></r-cell>-->
<!-- </r-grid>-->
<!-- </r-cell>-->
Mobile improvement
5 years ago
<r-cell class="footer">
<p>Provided by <a href="https://tuxstash.de">tuxstash.de</a></p>
</r-cell>
</r-grid>
Initial commit
5 years ago
</body>
</html>