KALI - Networking - Table of Contents

Table of Contents
Stage 1. - Check IP address (ifconfig)
Stage 2. - Check gateway (route -n)
Stage 3. - Check DNS (cat /etc/resolv.conf)
Stage 4. - Check network connectivity (ping google.com -c 4; traceroute google.com; curl

ifconfig.me)
Stage 5. - *Optional* Check proxy settings (echo $http_proxy)
Stage 6. - *Optional* Check virtual machine network adapter (NAT? Bridged?)
Code:
ifconfig; route -n; cat /etc/resolv.conf; ping
google.com -c 4; traceroute google.com; curl
ifconfig.me; echo $http_proxy
1.
For basic networking commands,
please see this
post:https://forums.kali.org/showthre
ad.p...ll=1#post32652
Stage 1. - IP address
To check our current IP
address, we can
use ifconfig. (or 'ip a' / 'ip link')
Note: you may want to use the '-a' flag
(ifconfig -a) to show all NICs (including the
ones that are down). For more information,
seehere.
Code:
root@kali ~$ ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0b:29:9b:c9:a3
inet addr:192.168.1.48 Bcast:192.168.1.255
Mask:255.255.255.0
inet6 addr: fe81::21c:29aa:fe9c:b9a3/64
Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500
Metric:1
RX packets:293492 errors:0 dropped:0
overruns:0 frame:0
TX packets:135760 errors:0 dropped:0
overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:431811848 (411.8 MiB) TX
bytes:7409937 (7.0 MiB)
Interrupt:19 Base address:0x2000
root@kali ~$
DHCP vs Static IP
DHCP
If there is a DHCP service running on the network, you will
automatically be assigned a free available IP address from
its IP pool. Depending on its configuration, you may also be
assigned a gateway and/or DNS addresses too.
To obtain an IP address from the DHCP service from eth0

(default wired NIC), we can do the following:
Code:
root@kali ~$ dhclient eth0
root@kali ~$
Static
If you wish to manually control your IP address, we are
able to use 'ifconfig' again to alter our IP address (and
subnet).
In this example we will alter it to '192.168.0.10', and then

to '192.168.1.25' (with a /24 subnet).
Note: This guide only covers IPv4. IPv6 is out of scope.
Code:
root@kali ~$ ifconfig eth0 192.168.0.10
root@kali ~$ ifconfig eth0 192.168.1.25/24
root@kali ~$ ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0c:29:9c:b9:a3
inet addr:192.168.1.25 Bcast:192.168.1.255
Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe9c:b9a3/64
Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500
Metric:1
RX packets:294583 errors:0 dropped:0
overruns:0 frame:0
TX packets:135793 errors:0 dropped:0
overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:431879127 (411.8 MiB) TX
bytes:7413464 (7.0 MiB)
Interrupt:19 Base address:0x2000
root@kali ~$
In both of the examples above (DHCP & static), these

configurations are not persistent and may not be the same
upon a restart.
To change this, we can alter the '/etc/network/interfaces'
file.
First, lets create a backup.
Code:
root@kali ~$ cp -f /etc/network/interfaces{,.bak}
root@kali ~$
Afterwards you can use your favourite text editor (vim,

emacs, nano... gedit, geany, leafpad) to alter the file.
Code:
root@kali ~$ vim /etc/network/interfaces
If you want to use get an IP address from the DHCP on

'eth0', then correct the file to look like:
auto eth0
iface eth0 inet dhcp
...But if you would like for 'eth0' to use an static IP (and
set the subnet to /24 & gateway to 192.168.1.1), then
change the file to match:
iface eth0 inet static
address 192.168.1.25
netmask 255.255.255.0
gateway 192.168.1.1
Last edited by g0tmi1k; 2014-03-27 at 04:07 PM.
This is a Kali-Linux support forum - not general IT/infosec
help.
Useful Commands: OS, Networking, Hardware, Wi-Fi

Troubleshooting: Kali-Linux Installation, Repository, Wi-Fi
Cards (Official Docs)
Hardware: Recommended 802.11 Wireless Cards
Search: https://www.kali.org/search/
Documentation: http://docs.kali.org/ (Offline PDF version)
Bugs Reporting & Tool Requests: https://bugs.kali.org/
Kali Tool List, Versions & Man Pages: http://tools.kali.org/
2.
1. Stage 2. - Gateway
A network gateway is
responsible for connecting
two different networks
together.
If you're having issues
accessing resources outside
of your LAN subnet (e.g.
WAN (the Internet), but LAN
(local resources) is working),
there is a good chance there
is an issue with the gateway.
Depending on if a DHCP
service is used, as well as
how it has been configured,
it may push out a gateway
address.
You can view the current

routing path (which is
'192.168.1.2' on interface
'eth0') by doing:
Code:
root@kali ~$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags
Metric Ref Use Iface
0.0.0.0 192.168.1.2 0.0.0.0 UG 0
0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0
0 0 eth0
root@kali ~$
If we wish to alter this to use '192.168.1.200' on 'eth0', we

can issue the follow command:
Code:
root@kali ~$ route add default gw 192.168.1.200 eth0
0.0.0.0 192.168.1.200 0.0.0.0 UG 0
0 0 eth0
0.0.0.0 192.168.1.2 0.0.0.0 UG 0
0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0
0 0 eth0
root@kali ~$
This will now try 192.168.1.200 first, if that isn't

successful, it will move onto 192.168.1.2.
If you wish to remove the option '192.168.1.2', you can
remove it by doing:
Code:
root@kali ~$ route delete default gw 192.168.1.2 eth0
0.0.0.0 192.168.1.200 0.0.0.0 UG 0
0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0
0 0 eth0
root@kali ~$

help.

2.
1. Stage 3. - DNS
DNS
Domain Name System (DNS) is what is used to lookup
'human readable' names (e.g. www.kali.org), into IP
addresses (allowing for machines to understand the
destination).
In the example below we can see our DNS is pointed to
'192.168.1.151'.
Code:
root@kali ~$ cat /etc/resolv.conf

domain localdomain
search localdomain
nameserver 192.168.1.151
root@kali ~$
Note: This guide only covers nameserver. Domain & search is out of scope.
Depending on if DHCP is used & how it is setup, it may

push out DNS values.
If we wish to alter them for any reason, first lets make a

backup:
Code:
root@kali ~$ cp -f /etc/resolv.conf{,.bak}
root@kali ~$

Code:
root@kali ~$ vim /etc/resolv.conf
There are various freely available DNS providers, such as:
OpenDNS:
o 208.67.222.222
o 208.67.220.220
Google:
o 8.8.8.8
o 8.8.4.4
Host file
Before any DNS name service is queried, Kali-Linux checks
the value in the 'hosts file' (/etc/hosts), to see if it contains
any known value. If it finds a local value here, it will not
query the first remote name server in /etc/resolv.conf.
Code:
root@kali ~$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 kali
# The following lines are desirable for IPv6 capable

hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
root@kali ~$
Note: The format is <ipaddress> <hostname>.

If we wish to alter it, it is recommend that you first create
a backup..
Code:
root@kali ~$ cp -f /etc/hosts{,.bak}
root@kali ~$

Code:
root@kali ~$ vim /etc/hosts

help.

1. Stage 4. - Network Connectivity

Ping
The next stage is to test the
values that have been set
during stages #1-3, allowing
us to verify the network
connection.
A method to do this, is to
'ping' a remote device. We
can do this by sending out a
IMCP echo request, and then
waiting to see if we hear a
IMCP response back.
However, depending on the
remote device that was
choose to be pinged - if they
have a firewall in place and
how its configured, it may
not response back to a IMCP
request.
In the example below, we

used 'google.com'. The
response back was 4
successful replies. The result
of all of this, means we have
successfully been able to
communicate with the device
at 'google.com'.
Code:
root@kali ~$ ping -c 4 google.com
PING google.com (62.252.173.153) 56(84) bytes of data.
64 bytes from m409-mp1-cvx1c.lan.ntl.com
(62.252.173.153): icmp_req=1 ttl=128 time=16.3 ms
--- google.com ping statistics ---

4 packets transmitted, 4 received, 0% packet loss, time
3006ms
rtt min/avg/max/mdev = 16.166/41.539/73.633/25.757 ms
root@kali ~$
Errors in the following example indicate that there might be

an issue with the DNS (either it is set to a bad value or the
address that was requested doesn't exists - such as the
case in this example):
Code:
root@kali ~$ ping -c 4
google232323232l32hj3k23k23k2jk32.com
ping: unknown host
google232323232l32hj3k23k23k2jk32.com
root@kali ~$
This is a demonstration when there is an issue with the

route (the gateway address):
Code:
root@kali ~$ ping -c 4 google.com
PING google.com (62.252.173.153) 56(84) bytes of data.
From 192.168.91.250 icmp_seq=1 Destination Host
Unreachable
Unreachable
Unreachable
Unreachable
--- google.com ping statistics ---

4 packets transmitted, 0 received, +4 errors, 100%
packet loss, time 3048ms
pipe 3
root@kali ~$
Traceroute
This shows the amount of 'hops' (each router/gateway the
packet is passed through), which have been taken to reach
the remote machine (as well as display the path it took).
Note: Each device is separate and may have a firewall
enabled on it, which as a result, will not display their
result.
Code:
root@kali ~$ traceroute www.kali.org
traceroute to www.kali.org (50.116.53.73), 30 hops max,
60 byte packets
1 * * *
2 10.20.252.1 (10.20.252.1) 15.346 ms 15.253 ms
15.143 ms
3 * * *
4 brnt-bb-1c-ae4-0.network.virginmedia.net
(213.106.244.69) 20.310 ms 20.378 ms 18.794 ms
5 brhm-bb-1c-et-410-0.network.virginmedia.net
(62.253.175.210) 20.126 ms brhm-bb-1c-et-700-
0.network.virginmedia.net (62.253.175.206) 21.258 ms
21.514 ms
6 * * *
7 linx.peer.nac.net (195.66.224.94) 92.073 ms
92.301 ms 89.861 ms
8 0.e3-2.tbr2.tl9.nac.net (209.123.11.145) 88.845 ms
90.246 ms 0.e3-2.tbr1.tl9.nac.net (209.123.11.141)
89.182 ms
9 0.e1-4.tbr2.mmu.nac.net (209.123.10.77) 91.806 ms
0.e1-4.tbr1.mmu.nac.net (209.123.10.101) 91.278 ms
0.e1-4.tbr2.mmu.nac.net (209.123.10.77) 93.700 ms
10 vlan805.esd1.mmu.nac.net (209.123.10.34) 94.203 ms
87.709 ms vlan803.esd2.mmu.nac.net (209.123.10.30)
87.830 ms
11 207.99.53.42 (207.99.53.42) 90.761 ms 207.99.53.46
(207.99.53.46) 91.333 ms 91.299 ms
12 cloudproxy81.sucuri.net (50.116.53.73) 149.309 ms
146.124 ms 146.148 ms
root@kali ~$

help.

2.
1. Stage 5. - Proxy settings
Depending on your the
network that your connecting
to, you may need to connect
to a proxy to be able to gain
WAN access.
Please double check with
your network administrator if
you're required to do so.
Depending on the program

that you wish to use, you
may need to alter its settings
to match the proxy.
Bash
To configure 'bash' to use the
proxy values (allowing you to
use the network diagnostics
mentioned above - ping &
traceroute), you can do so by
the following commands.
In this example the:
o domain is 'mycompanyname'.
o username is 'g0tmi1k'
o password is 'password2'
o ip is '192.168.1.123'
o port is '8080'
Code:
root@kali ~$ export
http_proxy=http://mycompanyname\g0tmi1k:password2@192.1
68.1.123:8080/
root@kali ~$ export
ftp_proxy=http://mycompanyname\g0tmi1k:password2@192.16
8.1.123:8080/
root@kali ~$
Note: if there isn't any proxy authentication, you can just do 'export http_proxy=http://192.168.1.123:8080/'
Persistent
To make these settings persistent, so you do not need to
keep doing it after every restart, you can alter
'/etc/bash.bashrc' to include the very same comments that
was typed in before.
If we wish to alter it, it is recommend to create a backup

first.
Code:
root@kali ~$ cp -f /etc/bash.bashrc{,.bak}
root@kali ~$

Code:
root@kali ~$ vim /etc/bash.bashrc
Apt
The recommend way to keep Kali-Linux up-to-date is by
updating it using the repository. Kali-Linux uses 'apt' for its
package manager. To configure apt to use the proxy values,
we need to alter '/etc/apt/apt.conf'.
We will create a backup copy of the file encase we need to

restore it for any reason.
Code:
root@kali ~$ cp -f /etc/apt.conf{,.bak}
root@kali ~$

Code:
root@kali ~$ vim /etc/apt.conf
It needs to be edited to include the following lines:

Code:
# Proxy config
Acquire::http::Proxy
"http://mycompanyname\g0tmi1k:password2@192.168.1.123:8
080";
Note: These are the same values from before.

help.


1. Stage 6. - Virtual machine network
adapter
If your using Kali-Linux in a
virtual machine - you may
wish to double check the
settings on the virtual
network adapter.
Note: There are various virtual machines solutions, however
this guide will only cover: VMware
Fusion/Player/Workstation & Virtual Box
o - This will join the current network

Bridged
that the host is connected too. The VM will
have its own IP address. Plus will have
access to the host, and any other virtual
machine.
o NAT (or 'Share with my Mac' if fusion) - This
will create a private virtual network on the
host. Toexternal machines, it will appear to
have the same IP as the host, allowing
them to have access to the same resources
as the host, as well as the host, and any
other virtual machine.
o Host-only - This will create a private virtual
network on the host. It will not have
external access, but it will have access to
the host any other virtual machines set to
the same adapter mode.
o LAN segment (VMware Player/Workstation) / Internal
Network (VirtualBox) - This will create a private
virtual network on the host. It will not have
external access and it will not have access
to the host. It will only have access to any
other virtual machines set to the same
adapter mode and segment.
Summary: if you wish for the guest OS to have Internet
access, the network adapter needs to be set
to NATor bridged.
NAT is the safer option, unless the guest OS needs its own
IP address on the same network as the host, then you
would select bridged.
help.


KALI - Networking - Table of Contents

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

KALI - Networking - Table of Contents

Загружено:

Авторское право:

Доступные форматы

Table of Contents

Stage 1. - Check IP address (ifconfig)

Stage 2. - Check gateway (route -n)

Stage 3. - Check DNS (cat /etc/resolv.conf)

Stage 4. - Check network connectivity (ping google.com -c 4; traceroute google.com; curl

Stage 5. - *Optional* Check proxy settings (echo $http_proxy)

Stage 6. - *Optional* Check virtual machine network adapter (NAT? Bridged?)

To obtain an IP address from the DHCP service from eth0

In this example we will alter it to '192.168.0.10', and then

In both of the examples above (DHCP & static), these

Afterwards you can use your favourite text editor (vim,

If you want to use get an IP address from the DHCP on

Useful Commands: OS, Networking, Hardware, Wi-Fi

You can view the current

If we wish to alter this to use '192.168.1.200' on 'eth0', we

This will now try 192.168.1.200 first, if that isn't

Last edited by g0tmi1k; 2014-03-27 at 03:55 PM.

Useful Commands: OS, Networking, Hardware, Wi-Fi

root@kali ~$ cat /etc/resolv.conf

Depending on if DHCP is used & how it is setup, it may

If we wish to alter them for any reason, first lets make a

Afterwards you can use your favourite text editor (vim,

# The following lines are desirable for IPv6 capable

Note: The format is <ipaddress> <hostname>.

Afterwards you can use your favourite text editor (vim,

Last edited by g0tmi1k; 2014-03-27 at 03:57 PM.

Useful Commands: OS, Networking, Hardware, Wi-Fi

1. Stage 4. - Network Connectivity

In the example below, we

--- google.com ping statistics ---

Errors in the following example indicate that there might be

This is a demonstration when there is an issue with the

--- google.com ping statistics ---

Last edited by g0tmi1k; 2014-03-27 at 04:22 PM.

Useful Commands: OS, Networking, Hardware, Wi-Fi

Depending on the program

If we wish to alter it, it is recommend to create a backup

Afterwards you can use your favourite text editor (vim,

We will create a backup copy of the file encase we need to

Afterwards you can use your favourite text editor (vim,

It needs to be edited to include the following lines:

Note: These are the same values from before.

Useful Commands: OS, Networking, Hardware, Wi-Fi

o - This will join the current network

Useful Commands: OS, Networking, Hardware, Wi-Fi

Вам также может понравиться

Stage 5. - Optional Check proxy settings (echo $http_proxy)

Stage 6. - Optional Check virtual machine network adapter (NAT? Bridged?)