Networking

Chapter 16

In the realm of networking, Linux stands as an unparalleled powerhouse. Its versatility spans across the construction of various networking infrastructures and devices, from firewalls and routers to name servers and NAS (Network Attached Storage) systems.

As the networking domain sprawls expansively, so does the repertoire of commands available for its configuration and management. In this discussion, we'll narrow our focus to key commands, prioritizing the most commonly utilized ones. These commands encompass network monitoring tools, file transfer functionalities, and a comprehensive exploration of the ssh program, instrumental for remote logins.

This chapter aims to delve into the following aspects:

ping - Send an ICMP ECHO_REQUEST to network hosts
traceroute - Print the route packets trace to a network host
netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
ftp - Internet file transfer program
wget - Non-interactive network downloader
ssh - OpenSSH SSH client (remote login program)

We'll proceed under the assumption of some familiarity with networking concepts. In today's digital era, a foundational comprehension of networking is indispensable for anyone utilizing a computer. To maximize the benefits of this chapter, a level of familiarity with the following terms is recommended:

IP (Internet Protocol) address
Host and domain names
URI (Uniform Resource Identifier)

For additional insights into these terms, please refer to the "Further Reading" section below, featuring informative articles that delve into these concepts.

Note

Certain commands we'll discuss might necessitate the installation of extra packages from your distribution's repositories, contingent on your specific distribution. Additionally, executing some commands may call for superuser privileges.

Examining And Monitoring A Network

Even if you don't hold the system administrator role, exploring the network's performance and functionality can often be advantageous.

`ping`

At its core, the fundamental network command is ping. This command dispatches an ICMP ECHO_REQUEST packet to a designated host, prompting most network devices to respond. This interaction verifies the network connection's functionality.

Note

Most network devices, Linux hosts included, can be configured to disregard these packets. This action is typically taken for security purposes, obscuring a host from potential attackers to some extent. Additionally, it's common for firewalls to be set up to block ICMP traffic.

As an illustration, to test connectivity with linuxcommand.org, we can employ the ping command in this manner:

[me@linuxmachine ~]$ ping linuxcommand.org

Once initiated, ping consistently dispatches packets at a set interval (typically one second by default) until halted:

[me@linuxmachine ~]$ ping linuxcommand.org
PING linuxcommand.org (216.105.38.11) 56(84) bytes of data.
64 bytes from secureprojects.sourceforge.net (216.105.38.11): icmp_seq=1 ttl=53 time=286 ms
64 bytes from secureprojects.sourceforge.net (216.105.38.11): icmp_seq=2 ttl=53 time=311 ms
64 bytes from secureprojects.sourceforge.net (216.105.38.11): icmp_seq=3 ttl=53 time=333 ms
64 bytes from secureprojects.sourceforge.net (216.105.38.11): icmp_seq=4 ttl=53 time=278 ms
64 bytes from secureprojects.sourceforge.net (216.105.38.11): icmp_seq=5 ttl=53 time=346 ms
64 bytes from secureprojects.sourceforge.net (216.105.38.11): icmp_seq=6 ttl=53 time=279 ms
64 bytes from secureprojects.sourceforge.net (216.105.38.11): icmp_seq=7 ttl=53 time=331 ms
64 bytes from secureprojects.sourceforge.net (216.105.38.11): icmp_seq=8 ttl=53 time=310 ms
^C
--- linuxcommand.org ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7013ms
rtt min/avg/max/mdev = 278.067/309.134/346.449/24.602 ms

Following interruption (in this scenario, after the sixth packet) by pressing Ctrl-c, ping displays performance statistics. An optimally functioning network should display zero percent packet loss. A successful "ping" indicates that the network components—interface cards, cabling, routing, and gateways—are functioning well overall.

`traceroute`

The traceroute program (on some systems, the tracepath program may be used instead) generates a list of all the "hops" that network traffic traverses from the local system to a designated host. To visualize the route taken to reach slashdot.org, one would execute the following command:

[me@linuxmachine ~]$ traceroute slashdot.org

The output looks like this:

traceroute to slashdot.org (172.64.151.192), 64 hops max
  1   192.168.1.1  2.297ms  1.626ms  1.780ms 
  2   223.177.143.255  3.503ms  4.052ms  3.264ms 
  3   122.186.81.177  4.070ms  3.085ms  3.893ms 
  4   182.79.154.83  5.932ms  5.627ms  5.293ms 
  5   182.79.161.213  35.128ms  14.300ms  19.016ms 
  6   172.64.151.192  5.268ms  5.627ms  5.330ms

The generated output illustrates that reaching slashdot.org from our test system involves passing through sixteen routers. Routers that disclose identifying information reveal their hostnames, IP addresses, and performance data, presenting three samples of round-trip time between the local system and each router. In instances where routers don't divulge details (due to router settings, network congestion, firewalls, etc.), asterisks appear, as seen in the line representing hop number 2.

`netstat`

netstat serves as a tool to inspect diverse network configurations and statistics. By leveraging its numerous options, we gain access to a multitude of network setup features. Employing the -ie option allows us to scrutinize the network interfaces within our system:

[me@linuxmachine ~]$ netstat -ie
Kernel Interface table
enp0s31f6: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether e8:80:88:57:8f:58  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16  memory 0xae300000-ae320000  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 24103  bytes 2331761 (2.3 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 24103  bytes 2331761 (2.3 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlp0s20f3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.4  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::2c39:c5a3:638f:ebdf  prefixlen 64  scopeid 0x20<link>
        inet6 2401:4900:1c65:744f:dc4d:722d:de44:5dec  prefixlen 64  scopeid 0x0<global>
        inet6 2401:4900:1c65:744f:efd8:ad73:666b:d669  prefixlen 64  scopeid 0x0<global>
        ether 3c:e9:f7:75:5e:e0  txqueuelen 1000  (Ethernet)
        RX packets 289165  bytes 244746429 (244.7 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 179629  bytes 38504485 (38.5 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

In the example provided above, our test system showcases two network interfaces. The initial one, named enp0s31f6, functions as the WiFi interface, while the second, known as lo, represents the loopback interface—a virtual interface employed by the system for internal communication.

When conducting basic network diagnostics, it's essential to note the presence of the term "UP" at the outset of the fourth line for each interface, signaling that the network interface is activated. Additionally, verifying a valid IP address in the inet addr field on the second line is crucial. For systems utilizing DHCP (Dynamic Host Configuration Protocol), a valid IP address in this field confirms the DHCP functionality.

Utilizing the -r option enables the display of the kernel's network routing table. This table illustrates the configuration for routing packets between different networks:

[me@linuxmachine ~]$ netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         dsldevice.lan   0.0.0.0         UG        0 0          0 wlp0s20f3
link-local      0.0.0.0         255.255.0.0     U         0 0          0 wlp0s20f3
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 wlp0s20f3

In this straightforward example, we observe a standard routing table typical for a client machine situated within a LAN (Local Area Network) and shielded by a firewall/router. The initial line in the listing represents the destination 192.168.1.0. IP addresses ending in zero denote networks, encompassing multiple hosts rather than individual ones, signifying any host within the LAN. The subsequent field, Gateway, identifies the gateway (router) utilized to access the destination network from the current host. An asterisk in this field signifies that no gateway is required.

The concluding line features the destination default, applicable to any traffic directed towards a network not explicitly listed in the table. In our instance, the defined gateway is a router bearing the address 192.168.1.1, presumably responsible for managing the traffic destined for the specified destination.

While netstat offers numerous options, our exploration has covered only a few. Refer to the netstat manual page for a comprehensive list of available functionalities.

Transporting Files Over A Network

What purpose does a network serve if we can't efficiently transfer files across it? Numerous programs specialize in moving data over networks. Presently, we'll delve into two of these programs, with several more to be explored in subsequent sections.

`ftp`

One of the revered "classic" programs, ftp derives its name from the File Transfer Protocol it operates on. Widely used across the Internet for file downloads, fpt enjoys support from most—if not all—web browsers, often identified by URIs starting with the ftp:// protocol. Before the era of web browsers, the ftp program reigned supreme. It facilitates communication with fpt servers, machines housing files available for upload and download over a network.

The original version of ftp lacks security measures, transmitting account names and passwords in plain text, making them susceptible to interception by anyone monitoring the network. Consequently, the vast majority of Internet-based ftp operations occur through anonymous FTP servers. An anonymous server permits login using the username "anonymous" and a meaningless password.

In the example below, we demonstrate a standard session using the ftp program to download a readme.txt file stored at /pub/example/readme.txt in a demo FTP server named test.rebex.net:

[me@linuxmachine ~]$ ftp test.rebex.net
Connected to test.rebex.net.
220 Rebex FTP Server ready.
Name (test.rebex.net:dev): demo
331 Password required for 'demo'.
Password: 
230 User 'demo' logged in.
Remote system type is Win32NT.
ftp> ls
229 Entering Extended Passive Mode (|||1041|)
125 Data connection already open; starting 'BINARY' transfer.
drwx------ 2 demo users          0 Mar 31  2023 pub
-rw------- 1 demo users        379 Sep 19 13:12 readme.txt
226 Transfer complete.
ftp> cd pub
250 Directory changed to "/pub".
ftp> ls
229 Entering Extended Passive Mode (|||1046|)
125 Data connection already open; starting 'BINARY' transfer.
drwx------ 2 demo users          0 Mar 31  2023 example
226 Transfer complete.
ftp> cd example
250 Directory changed to "/pub/example".
ftp> ls
229 Entering Extended Passive Mode (|||1034|)
125 Data connection already open; starting 'BINARY' transfer.
-r-------- 1 demo users      19156 Feb 16  2007 imap-console-client.png
-rw------- 1 demo users      36672 Mar 19  2007 KeyGenerator.png
-rw------- 1 demo users      24029 Mar 19  2007 KeyGeneratorSmall.png
-r-------- 1 demo users      16471 Feb 16  2007 mail-editor.png
-r-------- 1 demo users      35414 Feb 16  2007 mail-send-winforms.png
-r-------- 1 demo users      49011 Feb 16  2007 mime-explorer.png
-rw------- 1 demo users      58024 Mar 19  2007 pocketftp.png
-rw------- 1 demo users      20197 Mar 19  2007 pocketftpSmall.png
-r-------- 1 demo users      20472 Feb 16  2007 pop3-browser.png
-r-------- 1 demo users      11205 Feb 16  2007 pop3-console-client.png
-rw------- 1 demo users        379 Sep 19 13:12 readme.txt
-rw------- 1 demo users      11546 Mar 19  2007 ResumableTransfer.png
-rw------- 1 demo users       2635 Mar 19  2007 winceclient.png
-rw------- 1 demo users       6146 Mar 19  2007 winceclientSmall.png
-rw------- 1 demo users      80000 Mar 19  2007 WinFormClient.png
-rw------- 1 demo users      17911 Mar 19  2007 WinFormClientSmall.png
226 Transfer complete.
ftp> lcd Desktop
Local directory now: /home/dev/Desktop
ftp> get readme.txt
local: readme.txt remote: readme.txt
229 Entering Extended Passive Mode (|||1046|)
125 Data connection already open; starting 'BINARY' transfer.
100% |***********************************|   379        4.25 MiB/s    00:00 ETA
226 Transfer complete.
379 bytes received in 00:00 (1.47 KiB/s)
ftp> bye
221 Closing session.

Here is an explanation of the commands entered during this session:

Command

Meaning

ftp test.rebex.net

Invoke the ftp program and have it connect to the FTP server test.rebex.net.

demo

Login name. After the login prompt, a password prompt will appear. Some servers will accept a blank password, others will require a password in the form of an email address. In that case, try something like “[email protected]”.

cd pub

cd example

Change to the directory on the remote system containing the desired file. Note that on most anonymous FTP servers, the files for public downloading are found somewhere under the pub directory.

ls

List the directory on the remote system.

lcd Desktop

Change the directory on the local system to ~/Desktop. In the example, the ftp program was invoked when the working directory was ~. This command changes the working directory to ~/Desktop.

get readme.txt

Tell the remote system to transfer the file readme.txt to the local system. Since the working directory on the local system was changed to ~/Desktop, the file will be downloaded there.

bye

Log off the remote server and end the ftp program session. The commands quit and exit may also be used.

Entering "help" at the "ftp>" prompt reveals a roster of available commands supported by FTP. When using ftp on a server with adequate permissions granted, it becomes feasible to execute numerous standard file management actions. Although slightly cumbersome, it remains a functional method.

`lftp` – A Better `ftp`

ftp isn't the sole command-line ftp client available. In reality, there are numerous alternatives. Among the more renowned and widely used options is lftp, developed by Alexander Lukyanov. It operates similarly to the traditional ftp program but offers a multitude of added convenience features. These include support for multiple protocols (including HTTP), automatic retries for failed downloads, background processes, tab completion for path names, and an array of other functionalities.

`wget`

An additional widely-used command-line tool for downloading files is wget. It proves beneficial for retrieving content from web and ftp sites. It facilitates the download of individual files, multiple files, and even entire websites. For instance, to download the initial page of linuxcommand.org, one could execute the following command:

[me@linuxmachine ~]$ wget http://linuxcommand.org/index.php
--2023-12-22 23:32:26--  http://linuxcommand.org/index.php
Resolving linuxcommand.org (linuxcommand.org)... 216.105.38.11
Connecting to linuxcommand.org (linuxcommand.org)|216.105.38.11|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3929 (3.8K) [text/html]
Saving to: ‘index.php’

index.php           100%[===================>]   3.84K  --.-KB/s    in 0s      

2023-12-22 23:32:27 (131 MB/s) - ‘index.php’ saved [3929/3929]

With its diverse array of options, wget can perform recursive downloads, download files in the background (permitting ongoing downloads even after logging off), and resume downloads of partially completed files. These capabilities are comprehensively detailed in its superior-quality manual page.

Secure Communication With Remote Hosts

For an extensive period, Unix-like operating systems have offered remote administration capabilities over networks. In earlier times, prior to the widespread usage of the Internet, a couple of prevalent programs were employed for remote host logins: rlogin and telnet. However, these programs share a critical vulnerability akin to the ftp program; they transmit all communications, including login credentials, in plain text. Consequently, in the Internet era, they are deemed entirely unsuitable for use.

`ssh`

To tackle this challenge, a new protocol known as SSH (Secure Shell) was developed. SSH effectively resolves two fundamental issues surrounding secure communication with a remote host. Firstly, it authenticates the legitimacy of the remote host, thwarting potential "man-in-the-middle" attacks. Secondly, it encrypts all communications exchanged between the local and remote hosts.

SSH comprises two components. An SSH server operates on the remote host, actively listening for incoming connections on port 22. Concurrently, an SSH client is employed on the local system to establish communication with the remote server.

Most Linux distributions include an implementation of SSH called OpenSSH, originating from the OpenBSD project. Certain distributions, like Red Hat, package both the client and server by default, whereas others, such as Ubuntu, solely provide the client. To enable a system to accept remote connections, the OpenSSH-server package must be installed, configured, and running. Additionally, if the system is active or protected by a firewall, it must permit incoming network connections on TCP port 22.

Tip

If you lack a remote system for connecting but wish to experiment with these examples, ensure the OpenSSH-server package is installed on your system. Then, employ "localhost" as the name of the remote host. This approach enables your machine to establish network connections internally, interacting with itself.

The SSH client program utilized for connecting to remote SSH servers is appropriately named ssh. To establish a connection with a remote host named remote-sys, the ssh client program is employed in the following manner:

[me@linuxmachine ~]$ ssh remote-sys
The authenticity of host 'remote-sys (192.168.1.4)' can't be
established.
RSA key fingerprint is
41:ed:7a:df:23:19:bf:3c:a5:17:bc:61:b3:7f:d9:bb.
Are you sure you want to continue connecting (yes/no)?

During the initial connection attempt, a message appears, signaling that the authenticity of the remote host is yet to be established. This occurs as the client program encounters the remote host for the first time. To acknowledge and accept the remote host's credentials, simply input "yes" when prompted. Following this, the user is prompted to enter his/her password once the connection is established:

Warning: Permanently added 'remote-sys,192.168.1.4' (RSA) to the list
of known hosts.
me@remote-sys's password:

Upon successful entry of the password, the shell prompt from the remote system is displayed:

Last login: Sat Aug 30 13:00:48 2008
[me@remote-sys ~]$

The remote shell session persists until the user enters the exit command at the remote shell prompt, thereby concluding the remote connection. Subsequently, the local shell session resumes, and the local shell prompt becomes visible once more.

Moreover, connecting to remote systems with an alternative username is feasible. For instance, if the local user me possesses an account named bob on a remote system, user me could access the bob account on the remote system using the following method:

[me@linuxmachine ~]$ ssh bob@remote-sys
bob@remote-sys's password:
Last login: Sat Aug 30 13:03:21 2008
[bob@remote-sys ~]$

As mentioned earlier, ssh authenticates the remote host's legitimacy. If the remote host fails to authenticate successfully, the following message emerges:

[me@linuxmachine ~]$ ssh remote-sys
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
41:ed:7a:df:23:19:bf:3c:a5:17:bc:61:b3:7f:d9:bb.
Please contact your system administrator.
Add correct host key in /home/me/.ssh/known_hosts to get rid of this
message.
Offending key in /home/me/.ssh/known_hosts:1
RSA host key for remote-sys has changed and you have requested strict
checking.
Host key verification failed.

This message stems from one of two potential scenarios. Firstly, it could indicate an attempted "man-in-the-middle" attack, although this occurrence is rare considering ssh's notification system. The more probable cause is a change in the remote system, such as a reinstallation of its operating system or SSH server. However, for the sake of security, the possibility of a security breach should not be dismissed outright. It's advisable to consult the remote system's administrator whenever encountering this message.

Once it's established that the message is due to a benign cause, it becomes safe to rectify the issue on the client side. This can be accomplished by using a text editor (such as vim) to remove the outdated key from the ~/.ssh/known_hosts file. Referencing the example message above, this action appears as follows:

Offending key in /home/me/.ssh/known_hosts:1

This indicates that the first line within the known_hosts file holds the problematic key. Removing this line from the file will enable the ssh program to accept fresh authentication credentials from the remote system.

Apart from establishing a shell session on a remote system, ssh also enables the execution of a singular command on a remote system. For instance, to execute the free command on a remote host named remote-sys and exhibit the results on the local system:

[me@linuxmachine ~]$ ssh remote-sys free
me@twin4's password:
             total     used     free     shared     buffers     cached
Mem:         775536    507184   268352   0          110068      154596
-/+ buffers/cache:     242520   533016
Swap:       1572856    0        1572856
[me@linuxmachine ~]$

This technique can be employed in more intriguing ways, as demonstrated in this example where we execute an ls command on the remote system and redirect the output to a file on the local system:

[me@linuxmachine ~]$ ssh remote-sys 'ls *' > dirlist.txt
me@twin4's password:
[me@linuxmachine ~]$

Observe the utilization of single quotes in the aforementioned command. This is deliberate to prevent pathname expansion from occurring on the local machine; instead, it directs the operation to be performed on the remote system. Similarly, if our intention were to redirect the output to a file on the remote machine, we could enclose the redirection operator and filename within the single quotes:

[me@linuxmachine ~]$ ssh remote-sys 'ls * > dirlist.txt'

Tunneling With SSH

When establishing an SSH connection with a remote host, an encrypted tunnel is established between the local and remote systems. Ordinarily, this tunnel securely transmits commands typed on the local system to the remote system and returns the results safely. Beyond this fundamental functionality, the SSH protocol permits various types of network traffic to traverse the encrypted tunnel, effectively creating a kind of VPN (Virtual Private Network) linking the local and remote systems.

One prevalent use of this feature is enabling the transmission of X Window system traffic. On a system operating an X server (i.e., a machine displaying a GUI), it's feasible to initiate and operate an X client program (a graphical application) on a remote system and have its graphical display visible on the local system. Executing this is straightforward; consider the following example: Suppose we're situated at a Linux system named linuxmachine, running an X server, and desiring to execute the xload program on a remote system named remote-sys while viewing its graphical output locally. This can be achieved as follows:

[me@linuxbox ~]$ ssh -X remote-sys
me@remote-sys's password:
Last login: Mon Sep 08 13:23:11 2008
[me@remote-sys ~]$ xload

Upon executing the xload command on the remote system, its window materializes on the local system. On certain systems, you might need to employ the -Y option rather than the -X option for this functionality.

`scp` And `sftp`

The OpenSSH package incorporates two programs leveraging an SSH-encrypted tunnel to transfer files across the network. The first, scp (secure copy), functions akin to the well-known cp program for file copying. Notably, the source or destination pathnames can precede the name of a remote host, followed by a colon character. For instance, to copy a document named document.txt from our home directory on the remote system, remote-sys, to the present working directory on our local system, the procedure is as follows:

[me@linuxmachine ~]$ scp remote-sys:document.txt .
me@remote-sys's password:
document.txt 100% 5581 5.5KB/s 00:00
[me@linuxmachine ~]$

Similar to ssh, you can prepend a username to the remote host's name if the account name on the remote host differs from that on the local system:

[me@linuxmachine ~]$ scp bob@remote-sys:document.txt .

The other SSH file-copying tool is sftp, serving as a secure substitute for the traditional ftp program. sftp operates similarly to the initial ftp program; however, instead of transmitting data in plaintext, it utilizes an SSH encrypted tunnel. Notably, sftp offers a significant advantage over standard ftp—it doesn't mandate an FTP server to be operational on the remote host. All it necessitates is the presence of an SSH server. Consequently, any remote machine capable of connecting via the SSH client can also serve as an FTP-like server. Here's an example session:

[me@linuxmachine ~]$ sftp remote-sys
Connecting to remote-sys...
me@remote-sys's password:
sftp> ls
ubuntu-8.04-desktop-i386.iso
sftp> lcd Desktop
sftp> get ubuntu-8.04-desktop-i386.iso
Fetching /home/me/ubuntu-8.04-desktop-i386.iso to ubuntu-8.04-
desktop-i386.iso
/home/me/ubuntu-8.04-desktop-i386.iso 100% 699MB 7.4MB/s 01:35
sftp> bye

Tip

Numerous graphical file managers in Linux distributions offer support for the SFTP protocol. Utilizing file managers like Nautilus (GNOME) or Konqueror (KDE), users can input a URI starting with sftp:// in the location bar to manage files stored on a remote system running an SSH server.

Summary

Throughout this chapter, we've explored the array of networking tools commonly available on Linux systems. Given Linux's extensive use in servers and networking devices, numerous additional tools can be incorporated by installing extra software. However, even with the foundational set of tools, users can accomplish a multitude of valuable network-related tasks.

PreviousStorage Media NextSearching For Files

Last updated 1 year ago

Note

Examining And Monitoring A Network

ping

Note

traceroute

netstat

Transporting Files Over A Network

ftp

lftp – A Better ftp

wget

Secure Communication With Remote Hosts

ssh

Tip

Tunneling With SSH

scp And sftp

Tip

Summary

`ping`

`traceroute`

`netstat`

`ftp`

`lftp` – A Better `ftp`

`wget`

`ssh`

`scp` And `sftp`