Networking and the Shell
Basics - IP Addresses (v4)
(I'm skipping IPv6, which
1 - makes much more sense but
2 - also still isn't widely enough used to be an issue.)
IP
A 4-part address
- each part is a 2-digit hexadecimal number
- usually expressed in decimal, aka 0-255
IP
That's a lot!
and also
Not enough!
There's more than one network...
So we use Network Address Translation.
Where one EXTERNAL IP can work for
MULTIPLE INTERNAL IPs
Like your router!
Reserved "home" address blocks
eg:
- 127.0.0.1 – home (similar are "local")
- 192.168.*.* - “local (possibly VPN)”
- 10.*.*.* - “local or VPN”
So your router..
Sits in the middle and does the work of ..routing.
Even though the whole house address is 200.200.200.200
"The laptop (192.168.0.4) wants google.com (142.250.64.142)"
"But the desktop (192.168.0.6) wants Roblox" ...etc.
As we will see:
This explains why the INTERNAL command and
the EXTERNAL command to get your IP address may be different.
EG:
INTERNAL: "ifconfig" or "ip addr"
EXTERNAL: e.g. "curl icanhazip.com"*
Note how the second one is reaching out to an external website..
What about names?
Two important concepts:
INTERNAL: Hosts file
EXTERNAL: The DNS system.
Names
You can just make up your own, e.g. in
/etc/hosts.
(easy way to adblock, e.g.)
0.0.0.0 annoyingads.com
DNS
Basically, a network of "phonebooks"
- Go to google.com
- DNS lookup happens, either locally cached or pick a web server 2.2.2.2 (that's real!)
Ports
Ports are to IP addresses, roughly, what extensions are to telephone numbers.
Well-known defaults (often not specified)
21 – FTP
22 – SSH
80 – Web/HTTP
443 – Web/HTTPS
8080 – other web stuff
5900 – VNC
6888+ – Bittorrent
655 – VPN
BUT – you can usually redefine these however you want, depending.
COMBINE EVERYTHING FROM ABOVE:
ifconfig vs. whatismyip.com will give you different addresses.
The LATTER is the IP address to the “world”
Use NAT / Port Forwarding to get to the “right” computer.
(Remember, your router is just another computer, it ALSO has an IP)
Usually, have entries like the following:
SERVICE NAME   STARTPORT   ENDPORT   IP ADDRESS
HTTP           80          80        192.168.1.4
bittorrent     6888        6888      192.168.1.8
faceblaster7   7777        7777      192.168.1.20
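Added example (not part of the original slides): a POSIX shell sketch that sorts an address into loopback, private (behind NAT) or public using the reserved blocks listed earlier, then looks a port up in the forwarding table above. The function names and the 172.16-31 private range are additions that go beyond the slides.

```shell
#!/bin/sh
# Added example: classify an IPv4 address, then resolve a port forward.

# classify_ipv4 ADDR -> prints loopback | private | public | invalid
classify_ipv4() {
    case $1 in
        ''|*[!0-9.]*|*..*|.*|*.) echo invalid; return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots into $1..$4
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo invalid; return 1; }
    for part in "$@"; do
        # each part is one byte: 0-255
        { [ ${#part} -le 3 ] && [ "$part" -le 255 ]; } || { echo invalid; return 1; }
    done
    if   [ "$1" -eq 127 ]; then echo loopback
    elif [ "$1" -eq 10 ];  then echo private
    elif [ "$1" -eq 192 ] && [ "$2" -eq 168 ]; then echo private
    # 172.16-31.*.* is also reserved for private use (RFC 1918); not on the slides
    elif [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ]; then echo private
    else echo public
    fi
}

# Port-forward entries copied from the table above: SERVICE START END INTERNAL_IP
FORWARDS='HTTP 80 80 192.168.1.4
bittorrent 6888 6888 192.168.1.8
faceblaster7 7777 7777 192.168.1.20'

# forward_target PORT -> internal IP the router hands the connection to,
# or nothing when no rule matches (the connection stops at the router)
forward_target() {
    echo "$FORWARDS" | while read -r _name start end ip; do
        if [ "$1" -ge "$start" ] && [ "$1" -le "$end" ]; then
            echo "$ip"
            break
        fi
    done
}

# Walk the addresses used on the slides, plus one malformed value
for a in 127.0.0.1 192.168.0.4 10.1.2.3 142.250.64.142 200.200.200.200 300.1.1.1; do
    printf '%-16s %s\n' "$a" "$(classify_ipv4 "$a")"
done
printf 'port 80 -> %s\n' "$(forward_target 80)"
```

A port with no matching entry (22 in this table) returns nothing, which is the useful check when reviewing a router: only the listed services are reachable from the outside address.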
"Backend"
Telnet
Talking to a computer online; typing
(in the clear)
SSH - Secure SHell
Basically "telnet," but Encrypted (Keys, Passwords, or both)
Now, the de facto standard, and applies to a lot of ideas (but mostly 2 and a half)
- 1) The actual shell
- 2) A “Tunnel” through which to pipe ANYTHING securely
- 2.5) FTP replacement
SSH
Standard way to connect from one computer to another
ssh username@remotemachine.com
- Important options:
  -X (X forwarding?)
  -L tunnel creation
Tunnel What?
Anything that can go through the net;
- File Transfers
- VNC
- Skype etc.
- Web Connections/Proxy
- (Pretend you're on campus when you're not)
SCP
Just like CP, but remote.
scp /home/user/localfile username@host.com:/home/username/remotefolder
Many Linux file managers have this built in
SSH
You can set it to work WITHOUT PASSWORDS;
and it's SAFER.
Whoa.
(This is all about public and private keys) a detour
Hey, this sounds like a VPN?
<deep breath> yes. The phrase lately means two related, but often different things:
1) Virtual Private Network.
Just as it sounds. Imagine a set of networked computers, but spread out across the internet. Traffic is encrypted and tunneled so it’s as if all the computers are together in an enclosed place....
VPN?
They could all access the net independently – or you could FORCE all traffic through a central location, for reasons.
..like monitoring – or
2) to OBSCURE the source for anonymity.
This is usually what is meant by that service you buy. Really, they should just call these what they are: “proxies”