Networking and the Shell

Basics - IP Addresses (v4)

(I'm skipping IPv6, which
1- makes much more sense but
2 - also still isn't widely enough used to be an issue.

IP

A 4 part

2 digit Hexadecimal number

BUT

usually expressed in decimal, aka 0-255

0.0.0.0 - 255.255.255.255

IP

That's a lot!
and also
Not enough!

There's more than one network...

So we use Network Address Translation.
Where one EXTERNAL IP, can work for
MULTIPLE INTERNAL IPs
Like your router!

Reserved "home" address blocks

eg:

127.0.0.1 – home (similar are "local")
192.168.*.* - “local (possibly VPN)”
10.*.*.* - “local or VPN”

LAN, WAN, ... MAN?

LAN - Local area network
WAN - Wide area network
MAN?- Metropolitan area network

(aka lol, your neighborhood has to share a router)

VPN?

<deep breath> yes. The phrase lately means two related, but often different things:

1) Virtual Private Network.
Just as it sounds. Imagine a set of networked computers, but spread out across the internet. Traffic is encrypted and tunneled so it’s as if all the computers are together in an enclosed place....

VPN?

They could all access the net independently – or you could FORCE all traffic through a central location, for reasons.

..like monitoring – or

2) to OBSCURE the source for anonymity.
This is usually what is meant by that service you buy. Really, they should just call these what they are: “proxies”

So your router..

Sits in the middle and does the work of ..routing.
Even though the whole house address is 200.200.200.200
"The laptop (192.168.0.4) wants google.com (142.250.64.142)"
"But the desktop (192.168.06) wants Roblox" ...etc.

As we will see:

This explains why the INTERNAL command and
the EXTERNAL command to get your IP address may be different.

EG:

INTERNAL: "ifconfig" or "ip link"
EXTERNAL: e.g. "curl icanhazip.com"*
Note how the second one is reaching out to an external website..

What about names?

Two important concepts:
INTERNAL: Hosts file
EXTERNAL: The DNS system.

Names

You can just make up your own. Eg
/etc/hosts.

(easy way to adblock, e.g.)
0.0.0.0 annoyingads.com

DNS

Basically, a network of "phonebooks"

Go to google.com
DNS lookup happens, either locally cached or pick a web server 2.2.2.2 (that's real!)

Domain names vs. Hosting

This is why "hosting" and "domain names" can be different paid services.
Buying a Domain is just "controlling the name, eg. jrm4.com"
— where you just tell, e.g. namecheap, where that name should point to...

Hosting

Hosting - a computer (possibly virtual) on the internet

Paid hosting / VPS / Cloud Services

This is what you likely want for anything that
MUST be up all the time.

I pay for this for jrm4.com

Again, this is the literal "somebody elses computer"

Ports

Ports are to IP addresses, roughly, what extensions are to telephone numbers.
Well known defaults (often not specified)

21 – FTP		6888+ - Bittorrent
22 – SSH		655 – VPN
80 – Web/HTTP
443 – Web/HTTPS			BUT – you can usually redefine these
8080 – other web stuff 		however you want, depending.
5900 - VNC

COMBINE EVERYTHING FROM ABOVE:

Ifconfig vs. whatismyip.com will give you different addresses.
The LATTER is the ip address to the “world”
Use NAT / Port Forwarding to get to the “right” computer.
(Remember, your router is just another computer, it ALSO has an IP)
Usually, have entries like the following:

SERVICE NAME 	STARTPORT	ENDPORT	  IP ADDRESS
HTTP		443		443	  192.168.1.4
bittorrent	6888		6888      192.168.1.8
faceblaster7	7777		7777      192.168.1.20

Seriously, this can be a pain

As in, what if I want to HOST something from my house?

It must *find your IP address*

Either
PAY FOR/HAVE A PERMANENT ADDRESS
or
DEAL WITH AN IMPERMANENT ONE

Home hosting

Pay for a permanent IP address.

(and optionally attach a domain to it)

Home hosting

Deal with an IMPERMANENT IP ADDRESS

Tell people, and hope it doesn't changes
Use a Dynamic IP Service
Short-term, use a third-party tool like ngrok

What I do for some things:

Reverse Proxy.

This is how you can have multiple sites/computers/urls

all at one IP address.

"Backend"

Telnet

Talking to a computer online; typing

(in the clear)

SSH - Secure SHell

Basically "telnet," but Encrypted (Keys, Passwords, or both)
Now, the de facto standard, and applies to a lot of ideas (but mostly 2 and a half)

1) The actual shell
2) A “Tunnel” through which to pipe
ANYTHING securely
2.5) FTP replacement

SSH

Standard way to connect from one computer to another

ssh username@remotemachine.com

Important options:

-p Port
- X (X forwarding?)
-L tunnel creation

Tunnel What?

Anything that can go through the net;

File Transfers
VNC
Skype etc.
Web Connections/Proxy
(Pretend you're on campus when you're not)

SCP

Just like CP, but remote.

scp username@host.com:/home/user/localfile /home/username/remotefolder

Many Linux file managers have this built in

SSH

You can set it to work WITHOUT PASSWORDS;

and it's SAFER.

Whoa.

(This is all about public and private keys)

You may try this on Torch...

but your final likely won't work here..