###Common Network Utilities###
#Features:
 1. Determine if remote host is up/available: 'ping'
 2. Determine if local/remote service is available: 'telnet'
 3. Determine network sockets stats/connections: 'netstat'
 4. View L2 information: 'arp'
 5. View path taken by packets to remote system: 'traceroute'
 6. Hostname-to-IP and reverse resolution: 'nslookup', 'dig'
 7. Learn more information about IP and/or block: 'whois'

Tasks:
 1. Explore Packet Internet Grouper (PING)
  a. 'rpm -qf `/bin/ping`' - member of 'iputils' package
  b. 'ping -c 3 192.168.0.254 -s 32' sends 32-bytes + 8-bytes (ICMP overhead)
  c. 'ping -c 3 -i 3 192.168.0.254' - sends 3-packats of 56-bytes, every 3-seconds to target
Note: PING may be blocked by L3 devices on your network and/or the Internet

 2. Telnet - Don't use for TTY access to remote host. Use SSH. Use Telnet to test port-accessibility
  a. 'telnet 192.168.74.1 22' - Install if necessary using 'yum install telnet'

 3. Netstat - reveals TCP:UDP:Unix sockets - '/proc/net'
  a. 'netstat -a' - dumps ALL sockets with: service/port and hostname resolution
  b. 'netstat -an' - same as above, but suppresses name resolution
  c. 'netstat -ntl' - suppresses name resolution, shows ONLY TCP sockets, and listeners
  d. 'netstat -ntlp' - same as above, includes programs bound to ports
Note: Use '-p' option as root to reveal ALL programs
Note: ':::514' - means that ports bound to ALL IPv6 addresses configured on the host
Note: '0.0.0.0:514' - means that ports bound to ALL IPv4 addresses configured on the host
  e. 'netstat -i'
  f. 'netstat -nulp' - returns ALL UDP listeners
  g. 'netstat -rn' - returns kernel routing table

 4. ARP - Address Resolution Protocol
  a. 'arp -a || arp -e'
Note: ARP is usually self-managing.

 5. Traceroute - follows path taken by packets across the network (Intra/Internet)
  a. 'traceroute 192.168.75.1'
  b. 'traceroute www.linuxcbt.com'

 6. 'nslookup'
  a. 'nslookup www.linuxcbt.com'
DNS client tools use: '/etc/resolv.conf' to determine which DNS servers to query

 7. 'dig'
  a. 'dig www.linuxcbt.com'
  b. 'dig -x 71.6.195.206' - performs a reverse lookup
  c. 'dig linuxcbt.com mx'

 8. 'whois' - Finds IP/domain ownership information
  a. 'whois linuxcbt.com'



###IPv4 Configuration
Features:
 1. DHCP
 2. Static
 3. Virtual (Sub) Interfaces - supports single physical connected to multiple logical
i.e. 192.168.75.0/24 && 192.168.76.0/24 && 10.0.0.0/30

Tasks:
 1. Explore key: Directories & Files
  a. '/etc/sysconfig/network' - system-wide settings: i.e. hostname, gateway, enabled|disabled
  b. '/etc/sysconfig/networking' - 'system-config-network' tool controls this directory, Don't edit manually.

  c. '/etc/hosts' - local name DB - should contain a record for the localhost: i.e. 'localhost.localdomain'


127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

Note: Add hosts to '/etc/hosts', for which you cannot or should not resolve via DNS

  d. '/etc/sysconfig/network-scripts'
   d1. Interface configuration files - describes up/down config of interfaces: i.e. eth0
   d2. Control files - describes how interfaces are to be brought: up/down - scripts
   d3. Network function files - contain key network information required for the stack
   d4. 'ifup-ethx' - brings up ethernet interfaces: i.e. 'eth0', 'eth1', etc.
   d5. 'ifdown-ethx' - brings down ethernet interfaces: i.e. 'eth0', 'eth1', etc.

  e. 'ifconfig' - enumerates configuration of interfaces
Note: At minumum, a routeable, connected system has at least 2 interfaces:
 1. 'lo' - loopback - 127.0.0.1
 2. 'eth0' - Etnernet0 - Your Routeable IP/Net

   e1. 'ifconfig'

eth0      Link encap:Ethernet  HWaddr 00:21:86:94:CA:BE 
      inet addr:192.168.0.23  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::221:86ff:fe94:cabe/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:255885 errors:0 dropped:0 overruns:0 frame:0
          TX packets:143724 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:234119225 (223.2 MiB)  TX bytes:15969698 (15.2 MiB)
          Memory:fe200000-fe220000

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:40823 errors:0 dropped:0 overruns:0 frame:0
          TX packets:40823 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:130967469 (124.9 MiB)  TX bytes:130967469 (124.9 MiB)

   e2. 'ifconfig eth0:1 192.168.75.22 netmask 255.255.255.0'
    e2.1. 'ping -c 3 -I 192.168.74.22 192.168.75.21' - sources traffic as: 192.168.75.22

   e3. 'ifconfig eth0:2 192.168.75.23 netmask 255.255.255.0'


   e4. Preserve changes across system restart/ 'NetworkManager' service restart
    e4.1. 'cp -v /etc/sysconfig/network-scripts/ifcfg-eth0 ifcfg-eth0:1'

  f. 'ifcfg eth0:3 add 192.168.75.24/24' - Does duplicate address detection & sends ARP to hosts on the same Net as the interface
   f1. 'ifcfg eth0:1 delete 192.168.75.22/24' - removes the sub-interface
   f2. 'ifconfig eth0:2 del 192.168.75.23' - removes the sub-interface


###IPv6 Configuration###
Features:
 1. Self-configuring - Prefix (/64), is auto-derived from Router
 2. Can be configured via: Neigbor discovery auto-config by router, DHCPv6, Statically (manually)


Tasks:
 1. 'less /etc/sysconfig/network-scripts-ifup-ipv6' - peruse config
 2. Preuse Router Config
  a. '2002:4687:DB25:2:21A:2FFF:FEE3:F240'
2002:4687:DB25:2 - left-most 64-bits describes the subnet: /64 prefix - globally unique
:21A:2FFF:FEE3:F240 - right-most 64-bits describes the host. Includes 48-bit unique MAC address

 3. PING6 various devices
  a. 'ping6 -c 3 -I eth0 2002:4687:DB25:2:21A:2FFF:FEE3:F240'
  b. 'ping 2002:4687:DB25:2:21A:2FFF:FEE3:F240' - form the router , PING6 RHEL-6 box

 4. Use browser to access Apache via: IPv6
  a. 'http://[2002:4687:DB25:2:21A:2FFF:FEE3:F240]/' - escape IPv6 address with '[]' || use /etc/hosts' || DNS

Note: IPv6 is auto-configured, by default, so long as Router or DHCPv6 provides a usable prefix.
Note: Update host configuration: i.e. '/etc/hosts' and/or DHS to reflect name-to-IPv6 mappings
Note: Test with desired applications: i.e. 'ssh', 'http client', etc.


###Very Secure File Transfer Protocol Caemon (VSFTPD)###
Features:
 1. Anonymous (Default) and user-based FTP sessions
 2. SSL support (provided by SSH) no need for VSFTPD
 3. Does not permit 'root' access, by default
 4. Does not currently support IPv4 & IPv6 simultaneously with the same daemon


Tasks:
 1. Install using: 'yum'
 2. Enable 'vsftpd' in multi-user runlevels
  a. 'chkconfig vsftpd on'
 3. start 'vsftpd'
  a. 'service vsftpd start'
 4. Disable Anonymous access
 5. Test local user access and update SELinux configuration
  a. 'getsebool -a | grep ftp' - dumps FTP-related SELinux booleans
  b. 'setsebool -P ftp_home_dir=1'
Note: RHEL6 enables SELinux in 'enforcing' mode, requiring a slight change to the booleans to permit VSFTPD or any FTPD daemon to transition user into their: $HOME directory

 6. Enable Dual-Loggin
  a. 'dual_log_enable=YES'
 7 Enable server time for display of files/directories
  a. 'use_localtime=YES'
Note: 'man vsftpd.conf' for usefull directive that apply to your application


###LFTP###
Features:
 1. Interactive (Shell-like) & Non-interactive modes
 2. Scriptable
 3. Servers supported: FTP, FTPS, SSH(SFTP), HTTP, etc.
 4. Mirroring of content: forward (download) & reverse (upload)
 5. Regular expressions
 6. Job Engine

Tasks:
 1. Use 'lftp' to connect to VSFTPD
  a. 'lftp localhost' && open -u 'linuxcbt'
Note: LFTP batches authentication commands and submits when control-channel commands such as 'ls' are received