Nikhil Bhaskar- July 6, 2021
How to Scan and Analysis the network performance in Linux.
A network scanner is a tool or application that scans the network for the security mis-configurations in the network devices. The network scanner tool also detects and categorizes all devices in a network by their IPs, MAC addresses, vendor & port.It helps to detect all the active hosts & checks all the network’s vulnerability.
We can also analysis the network performance using some tools & applications.The network performance analysis is helps to monitor the network devices.
Network Scanning and Performance Analysis Tools
Netstat Command
- It is a command line tool that shows useful information such as network connections, routing tables,& interface statistics.
Install Netstat on Linux.
apt-get install net-tools
List All Connections
netstat- a
List only TCP or UDP Connections.
netstat -at
or
netstat -au
Display Pid and Uid.
netstat -nlpt
Here is the command output.
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN 180054/sendmail: MT
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN 1184/mwagent
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 179995/nginx: maste
tcp 0 0 127.0.0.1:5939 0.0.0.0:* LISTEN 1240/teamviewerd
ss Command:
- It is a command line utility to investigate sockets. It displays information similar to netstat.
ss -ta
Here is the command output.
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 10 127.0.0.1:submission 0.0.0.0:*
LISTEN 0 5 0.0.0.0:2222 0.0.0.0:*
LISTEN 0 511 0.0.0.0:http 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5939 0.0.0.0:*
LISTEN 0 10 172.17.24.4:domain 0.0.0.0:*
LISTEN 0 10 172.17.0.1:domain 0.0.0.0:*
LISTEN 0 10 127.0.0.1:domain 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:domain 0.0.0.0:*
LISTEN 0 128 0.0.0.0:ssh 0.0.0.0:*
LISTEN 0 128 0.0.0.0:telnet 0.0.0.0:*
LISTEN 0 5 127.0.0.1:ipp 0.0.0.0:*
LISTEN 0 10 127.0.0.1:smtp 0.0.0.0:*
Display listening and connected ports of TCP, UDP and Unix.
ss -ta
&
ss -ua
&
ss -xa
Netcat (NC) Command:
- It is a command line utility used for any task related to TCP, UDP, or UNIX-domain sockets.
Install Netcat.
apt-get install Netcat
Scan a list of ports(single port, multiple port or range of ports).
nc -v -w 2 z ip-address 22
or
nc -v -w 2 z ip-address 22 80
or
nc -v -w 2 z ip-address 20-25
Network Mapper (Nmap) Command:
- It is used to perform security scans, network audit and finding open ports on remote hosts.
Install Nmap.
apt-get install nmap
Scan hostname or ip address.
nmap google.com
or
nmap ip-address
Scan ip-address range.
nmap ip-address-100
Detect Firewall
nmap -sA ip-address
find a active host
nmap -sP 172.11.18.*
Nmap Version
nmap -V
Scan TCP Ports
nmap 8.8.8.8
Scan UDP Ports
nmap -sU 8.8.8.8