networking cheat sheet

Ethernet Frame

Preamble

SFD

Dest. MAC

Source MAC

[VLAN]

EtherType

Payload

FCS

GAP

IPV4 Header

IP version

Header Length

DSCP

ECN

Total Length

Identification

Flags

Fragment Offset

TTL

Protocol

Header Checksum

Source address

Destination address

Options

IPv6 Header

Version

Traffic Class

Flow Label

Payload Length

Next header

TTL

Source Address

Destination address

TCP Header

Source port

Destination port

Sequence number

Acknowledgment number

Data offset

Reserved

Flags

Window size

Checksum

Urgent pointer

Options

UDP Header

Source Port

Destination port

Length

Checksum

tcpdump

flags

-i name

Capture named interfaces, any for all

-c integer

Capture amount of packages

-D

Show available interfaces

-n

Do not resolve host-names

-nn

Do not resolve host-names or services (ports)

tcp

Capture tcp

udp

Capture udp, also works with others such as arp

host IP

Capture data to or from this host only

src IP

Capture data from this host only

dst IP

Capture data sent to this host only

net CIDR

Capture data to or from this subnet

port number

Use service name instead of port

port not num|name

Exclude port or service in report

tcp flags

[S] SYNC

[.|A] ACKNOWLEDGE

[R] RESET

[F] FINISHED

[P] PUSH

Flags can be displayed combined, [S.] means sync and acknowledge

nmap

Scan host

LIST

Scan list

CIDR

Scan subnet

-iL file

Scan targets from file

-iR number

Random hosts of amount

--exclude

Exclude hosts

-iL file

Scan targets from file

-sU

UDP port scan

-n

No DNS resolution

-p-

Scan ALL ports from 0 to 65353

-p n[-n]

Scan port or range

-p U:n,T:n

Scan mixed ports, UDP and TCP

-F

Fast scan 100 ports

-sV

Try to detect service

mtr

Run route to host

-z

Resolve ASN

-c num

Run num cycles

-r

Report mode, useful with -c

-w

Do not truncate network names aka wide mode

-n

No RDNS

-u

use UDP instead of ICMP

-T

use TCP instead of ICMP

-f num

set first TTL, useful for skipping own router

-i float

set interval, default is 1 second

iptables

-vL

Shows rules hit counters

-A chain

Append rule to chain

-I chain num

Insert rule to chain at position

-s CIDR

Packages from source

-d CIDR

Packages to destination

-j target

Apply target to rule

-m extension

Use an extension to match packet

-L

List all rules, use -t for specific tables

chains

A chain defines a set of rules. They do not need either a source nor a destination. They can be applied to those later.

OUTPUT - When a package is sent

INPUT - When a package is received

FORWARD - When a package is forwarded

USER DEFINED - You can define a user defined chain and apply it to any source/destination.

Fibre cables color coding

OM1/2 multi-mode

OM3 multi-mode

OM4 multi-mode

OM5 multi-mode

OS1/2 single-mode PC with a blue plug

OS1/2 single-mode APC with a green plug