Network#

HTTP#

Command

Action

curl URL

GET

curl -I URL

HEAD (headers only)

curl -fsSL URL

fail-on-error, silent, show errors, follow redirects

curl -X POST -d '...' URL

POST form

curl -X POST -H 'content-type: application/json' -d '{"a":1}' URL

JSON

curl -u user:pass URL

basic auth

curl -H 'Authorization: Bearer TOKEN' URL

curl -o file URL

save to file

curl -O URL

save with remote filename

curl --resolve host:port:IP URL

override DNS for one request

curl -w '%{http_code} %{time_total}s\n' -o /dev/null -s URL

timing

curl --insecure URL

skip TLS verify (don’t in prod)

wget URL

alternative downloader

wget -mkEpnp URL

mirror site

HTTPie alternative:

$ http GET https://api.example.com/users/1
$ http POST https://api.example.com/users name=operator
$ http -A bearer -a TOKEN GET https://...

DNS#

Command

Action

getent hosts NAME

use system resolver (recommended)

dig NAME

detailed lookup

dig +short NAME

just answers

dig +short NAME AAAA

IPv6

dig NAME MX

mail

dig NAME TXT

TXT records

dig @8.8.8.8 NAME

specific server

dig +trace NAME

full delegation trace

dig -x 1.2.3.4

reverse DNS

host NAME

concise lookup

nslookup NAME

classic

resolvectl status

systemd-resolved view

resolvectl flush-caches

flush

Sockets and Ports#

Command

Action

ss -tulpn

listening TCP/UDP with PID

ss -ant

all TCP

ss -ant state established

ss -s

summary stats

netstat -tulpn

older equivalent

lsof -i :PORT

who has the port

lsof -nP -iTCP -sTCP:LISTEN listeners (numeric)

nc -zv host PORT

TCP probe

nc -u -zv host PORT

UDP probe

nc -l -p PORT

listen

nc host PORT

connect (chat)

Reachability#

Command

Action

ping -c 4 HOST

ping6 -c 4 HOST

traceroute HOST

mtr HOST

interactive trace + ping

tracepath HOST

no root needed

hping3 -S -p 443 HOST

SYN probe (root)

SSH#

Command

Action

ssh user@host

ssh -p 2222 user@host

ssh -i ~/.ssh/key user@host

ssh -L 5432:db:5432 user@host

local port forward

ssh -R 9000:localhost:9000 user@host

remote forward

ssh -D 1080 user@host

SOCKS proxy

ssh -A user@host

agent forwarding (use carefully)

ssh -o ProxyCommand="ssh bastion -W %h:%p" user@target

ssh-keygen -t ed25519 -C "comment"

new key

ssh-keygen -t ed25519-sk

hardware-backed key (FIDO2)

ssh-copy-id user@host

install pubkey

ssh-add -L

list agent keys

ssh-keyscan host

fetch host keys

Useful ~/.ssh/config:

Host bastion
  HostName bastion.example.com
  User operator

Host prod-*
  ProxyJump bastion
  User ops
  IdentityFile ~/.ssh/prod_ed25519
  ServerAliveInterval 60

File Transfer#

Command

Action

scp file user@host:/path

scp -r dir user@host:/path

scp user@host:/path .

pull

rsync -aP src/ user@host:/path/

incremental, progress

rsync -aP --delete src/ host:/path/ mirror

rsync -aPe ssh src/ host:/path/

explicit ssh

sftp user@host

interactive

TLS / Certificates#

Command

Action

openssl s_client -connect host:443 -servername host

openssl s_client -showcerts -connect host:443

openssl x509 -in cert.pem -noout -text

inspect cert

openssl x509 -in cert.pem -noout -dates

validity dates

openssl x509 -in cert.pem -noout -fingerprint -sha256

openssl crl2pkcs7 -nocrl -certfile cert.pem | openssl pkcs7 -print_certs

full chain

echo | openssl s_client -connect host:443 2>/dev/null | openssl x509 -noout -dates

testssl.sh host

script-based TLS audit

Packet Capture#

Command

Action

sudo tcpdump -i any port 443

sudo tcpdump -i any host 1.2.3.4 -w out.pcap

sudo tshark -i any -f 'port 53'

sudo tcpdump -nn -i any 'tcp[tcpflags] & (tcp-syn|tcp-ack) == tcp-syn'

Networking Tools by Distro#

  • ip (iproute2), modern; preferred over ifconfig.

  • ss, modern; preferred over netstat.

  • nmcli, NetworkManager CLI.

  • iw / iwctl, wireless.

  • firewall-cmd, firewalld (RHEL).

  • ufw, Uncomplicated Firewall (Ubuntu).

  • iptables / nft, low-level firewall rules.