Network Utilities

To realize the full benefits of a networked environment, it made sense to extend certain tools, some of which have already been described. Networks also created a need for new utilities to control and monitor them, leading to ideas for new tools that took advantage of network speed and connectivity. This section describes concepts and utilities for systems attached to a network.

Trusted Hosts

Some commands, including rcp and rsh, work only if the remote system trusts your local computer (that is, the remote system knows your local computer and believes that it is not pretending to be another system). The /etc/hosts.equiv file lists trusted systems. For reasons of security, the Superuser account does not rely on this file to identify trusted Superusers from other systems.

Host-based trust is largely obsolete. Because there are many ways to subvert trusted host security, including subverting DNS systems and IP spoofing (page 938), authentication based on IP address is widely regarded as insecure and obsolete. In a small homogeneous network of machines with local DNS control, it can be "good enough." The ease of use in these situations may outweigh the security concerns. By default Mac OS X does not enable the services used by the insecure tools.

Security: Do not share your login account

You can use a .rhosts file to allow another user to log in as you from a remote system without knowing your password. This setup is not recommended. Do not compromise the security of your files or the entire system by sharing your login account. Use ssh and scp instead of rsh and rcp whenever possible.

OpenSSH Tools

The OpenSSH project provides a set of tools that replace rcp, rsh, and others with secure equivalents. These tools are installed by default and can be used as drop-in replacements for their insecure counterparts. Refer to scp (page 832) and ssh (page 847) for more information.

telnet: Logs In on a Remote System

You can use the TELNET protocol to interact with a remote computer. The telnet utility, a user interface to this protocol, is older than ssh and is not secure. Nevertheless, it may work where ssh is not available (there is more non-UNIX support for TELNET access than there is for ssh access). In addition, many legacy devices, such as terminal servers and network devices, do not support ssh.

[bravo]$ telnet kudos Trying 172.19.52.2... Connected to kudos.example.com Escape character is '^]'. Welcome to SuSE Linux 7.3 (i386) - Kernel 2.4.10-4GB (2). kudos login: watson Password: You have old mail in /var/mail/watson. Last login: Mon Feb 25 14:46:55 from bravo.example.com watson@kudos:~> ... watson@kudos:~> logout Connection closed by foreign host. [bravo]$ 

telnet versus ssh

When you connect to a remote UNIX system using telnet, you are presented with a regular, textual login: prompt. Unless you specify differently, the ssh utility assumes that your login name on the remote system matches that on the local system. Because telnet is designed to work with non-UNIX systems, it makes no such assumptions.

Security: telnet is not secure

Whenever you enter sensitive information, such as your password, while you are using telnet, it is transmitted in cleartext and can be read by someone who is listening in on the session.

Another difference between these two utilities is that telnet allows you to configure many special parameters, such as how RETURNs or interrupts are processed. When using telnet between two UNIX systems, you rarely need to change any parameters.

When you do not specify the name of a remote host on the command line, telnet runs in an interactive mode. The following example is equivalent to the previous telnet example:

[bravo]$ telnet telnet> open kudos Trying 172.19.52.2... Connected to kudos.example.com Escape character is '^]'. ... 

Before connecting you to a remote system, telnet tells you what the escape character is; in most cases, it is ^] (the ^ represents the CONTROL key). When you press CONTROL-], you escape to telnet's interactive mode. Continuing the preceding example:

[kudos]$ CONTROL-] telnet> ? 

(displays help information)

telnet> close Connection closed. [bravo]$ 

When you enter a question mark in response to the telnet> prompt, telnet lists its commands. The close command ends the current telnet session, returning you to the local system. To get out of telnet's interactive mode and resume communication with the remote system, press RETURN in response to a prompt.

You can use telnet to access special remote services at sites that have chosen to make such services available. However, many of these services, such as the U.S. Library of Congress Information System (LOCIS), have moved to the Web. As a consequence, you can now obtain the same information using a Web browser.

Using telnet to Connect to Other Ports

By default telnet connects to port 23, which is used for remote logins. However, you can use telnet to connect to other services by specifying a port number. In addition to standard services, many of the special remote services available on the Internet use unallocated port numbers. For example, you can access some multiplayer text games, called MUDs (Multi-User Dungeons, or Dimensions), using telnet to connect to a specified port, such as 4000 or 8888. Unlike the port numbers for standard protocols, these port numbers can be picked arbitrarily by the administrator of the game.

While telnet is no longer commonly employed to log in on remote systems, it is still used extensively as a debugging tool. This utility allows you to communicate directly with a TCP server. Some standard protocols are simple enough that an experienced user can debug problems by connecting to a remote service directly using telnet. For example, system administrators who are debugging problems with email delivery might use telnet to connect to the SMTP port (port 25) on a remote system. See page 870 for an example.

ftp: transfers Files over a Network

The File Transfer Protocol (FTP) is a method of downloading files from and uploading files to another system using TCP/IP over a network. FTP is not a secure protocol; use it only for downloading public information from a public server. Most Web browsers, including Safari, can download files from FTP servers directly.

ping: Tests a Network Connection

The ping^[15] utility (http://ftp.arl.mil/~mike/ping.html) sends an ECHO_REQUEST packet to a remote computer. This packet causes the remote system to send back a reply. This exchange is a quick way to verify that a remote system is available as well as to check how well the network is operating, such as how fast it is or whether it is dropping data packets. The ping utility uses the ICMP (Internet Control Message Protocol) protocol. Without any options, ping tests the connection once per second until you abort the execution with CONTROL-C.

^[15] The name ping mimics the sound of a sonar burst used by submarines to identify and communicate with each other. The word ping also expands to Packet Internet Groper.

$ ping tsx-11.mit.edu PING tsx-11.mit.edu (18.7.14.121): 56 data bytes 64 bytes from 18.7.14.121: icmp_seq=0 ttl=49 time=82.108 ms 64 bytes from 18.7.14.121: icmp_seq=1 ttl=49 time=66.111 ms 64 bytes from 18.7.14.121: icmp_seq=2 ttl=49 time=65.200 ms CONTROL-C --- tsx-11.mit.edu ping statistics --- 4 packets transmitted, 3 packets received, 25% packet loss round-trip min/avg/max/stddev = 65.200/71.140/82.108/7.765 ms 

This example shows that the remote system named tsx-11.mit.edu is up and available over the network. The lost packet resulted from interrupting the command.

By default ping sends packets containing 64 bytes (56 data bytes and 8 bytes of protocol header information). In the preceding example, four packets were sent to the system tsx-11.mit.edu before the user interrupted ping by pressing CONTROL-C. The four-part number on each line is the remote system's IP address. A packet sequence number (called icmp_seq) is also given. If a packet is dropped, a gap occurs in the sequence numbers. The round-trip time is listed last, in milliseconds; it represents the time that elapsed from when the packet was sent from the local system to the remote system until the reply from the remote system was received by the local system. This time is affected by the distance between the two systems, network traffic, and the load on both computers. Before it terminates, ping summarizes the results, indicating how many packets were sent and received as well as the minimum, average, maximum, and standard deviation of the round-trip times it measured. Use the ping6 utility to test IPv6 networks.

Tip: When ping cannot connect

If it is unable to contact the remote system, ping continues trying until you interrupt it with CONTROL-C. A system may not answer for any of several reasons: The remote computer may be down, the network interface or some part of the network between the systems may be broken, a software failure may have occurred, or the remote machine may be set up, for reasons of security, not to return pings (TRy pinging www.microsoft.com or www.ibm.com).

traceroute: TRaces a Route over the Internet

The TRaceroute utility, which is supplied with Mac OS X, traces the route that an IP packet follows, including all intermediary points traversed (called network hops), to its destination (the argument to traceroutean Internet host). It displays a numbered list of hostnames, if available, and IP addresses, together with the round-trip time it took for a packet to get to each router along the way and an acknowledgment to get back. You can put this information to good use when you are trying to identify the location of a network bottleneck.

The traceroute utility has no concept of the path from one host to the next; it simply sends out packets with increasing TTL (time to live) values. TTL is an IP header field that indicates how many more hops the packet should be allowed to make before being discarded or returned. In the case of a traceroute packet, the packet is returned by the host that has the packet when the TTL value is zero. The result is a list of hosts that the packet travels through to get to its destination.

The TRaceroute utility can help you solve routing configuration problems and locate routing path failures. When you cannot reach a host, use TRaceroute to see what path the packet follows, how far it gets, and what the delay is.

The next example is the output of traceroute following a route from a local computer to www.linux.org. The first line tells you the IP address of the target, the maximum number of hops that will be traced, and the size of the packets that will be used. Each numbered line contains the name and IP address of the intermediate destination, followed by the time it takes a packet to make a round-trip to that destination and back. The traceroute utility sends three packets to each destination; thus there are three times on each line. Line 1 shows the statistics when a packet is sent to the local gateway (less than 3 milliseconds). Lines 46 show it bouncing around Mountain View (California) before it goes to San Jose. Between hops 13 and 14 the packet travels across the United States (San Francisco to somewhere in the East). By hop 18 the packet has found www.linux.org. The traceroute utility displays asterisks when it does not receive a response. Each asterisk indicates that TRaceroute has waited three seconds. Use traceroute6 to test IPv6 networks.

$ traceroute www.linux.org traceroute to www.linux.org (198.182.196.56), 64 hops max, 40 byte packets  1  gw.localco.com. (204.94.139.65)  2.904 ms  2.425 ms  2.783 ms  2  covad-gw2.meer.net (209.157.140.1)  19.727 ms  23.287 ms  24.783 ms  3  gw-mv1.meer.net (140.174.164.1)  18.795 ms  24.973 ms  19.207 ms  4  d1-4-2.a02.mtvwca01.us.ra.verio.net (206.184.210.241)  59.091 ms d1-10-0-0-200.a03.        mtvwca01.us.ra.verio.net (206.86.28.5)  54.948 ms  39.485 ms  5  fa-11-0-0.a01.mtvwca01.us.ra.verio.net (206.184.188.1)  40.182 ms  44.405 ms 49.362 ms  6  p1-1-0-0.a09.mtvwca01.us.ra.verio.net (205.149.170.66)  78.688 ms  66.266 ms 28.003 ms  7  p1-12-0-0.a01.snjsca01.us.ra.verio.net (209.157.181.166) 32.424 ms 94.337 ms 54.946 ms  8  f4-1-0.sjc0.verio.net (129.250.31.81)  38.952 ms  63.111 ms  49.083 ms  9  sjc0.nuq0.verio.net (129.250.3.98)  45.031 ms  43.496 ms  44.925 ms 10  mae-west1.US.CRL.NET (198.32.136.10)  48.525 ms  66.296 ms  38.996 ms 11  t3-ames.3.sfo.us.crl.net (165.113.0.249)  138.808 ms  78.579 ms  68.699 ms 12  E0-CRL-SFO-02-E0X0.US.CRL.NET (165.113.55.2)  43.023 ms  51.910 ms  42.967 ms 13  sfo2-vva1.ATM.us.crl.net (165.113.0.254)  135.551 ms  154.606 ms  178.632 ms 14  mae-east-02.ix.ai.net (192.41.177.202)  158.351 ms  201.811 ms  204.560 ms 15  oc12-3-0-0.mae-east.ix.ai.net (205.134.161.2)  202.851 ms  155.667 ms  219.116 ms 16  border-ai.invlogic.com (205.134.175.254)  214.622 ms *  190.423 ms 17  router.invlogic.com (198.182.196.1)  224.378 ms  235.427 ms  228.856 ms 18  www.linux.org (198.182.196.56)  207.964 ms  178.683 ms 179.483 ms 

host and dig: Query Internet Nameservers

The host utility looks up an IP address given a name, or vice versa. The following example shows how to use host to look up the domain name of a machine, given an IP address:

$ host 140.174.164.2 2.164.174.140.in-addr.arpa domain name pointer ns.meer.net. 

You can also use host to determine the IP address of a domain name:

$ host ns.meer.net ns.meer.net has address 140.174.164.2 

The dig (domain information groper) utility queries DNS servers and individual machines for information about a domain. A powerful utility, dig has many features that you may never use. It is more complex than host.

whois: Looks Up Information About an Internet Site

The whois utility queries a whois server for information about an Internet site. This utility returns site contact and InterNIC or other registry information that can help you track down the person who is responsible for a site: Perhaps that person is sending you or your company spam (page 954). Many sites on the Internet are easier to use and faster than whois. Use a browser and search engine to search on whois or go to www.networksolutions.com/en_US/whois or www.ripe.net/perl/whois to get started.

When you search by name, whois may return more than one entry. In the following example, whois returns SOBELL.NET and SOBELL.COM when queried for sobell:

$ whois sobell Whois Server Version 1.3 Domain names in the .com, .net, and .org domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. SOBELL.NET SOBELL.COM To single out one record, look it up with "xxx", where xxx is one of the of the records displayed above. If the records are the same, look them up with "=xxx" to receive a full display for each record. >>> Last update of whois database: Fri, 21 Jan 2005 07:45:07 EST <<< ... The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and Registrars. 

When you do not specify a whois server and a hostname or IP address, as in the preceding example, whois defaults to whois.crsnic.net. When you specify a hostname or IP address, whois uses a more complicated algorithm, described in its man page, to try to find a whois server that can answer your query. Use the -h option to whois to specify a whois server.

To obtain information on a domain name, specify the complete domain name as in the following example:

$ Whois sobell.com Whois Server Version 1.3 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information    Domain Name: SOBELL.COM    Registrar: GO DADDY SOFTWARE, INC.    Whois Server: whois.godaddy.com    Referral URL: http://registrar.godaddy.com    Name Server: NS.MEER.NET    Name Server: NS2.MEER.NET    Status: REGISTRAR-LOCK    Updated Date: 10-nov-2004    Creation Date: 07-apr-1995    Expiration Date: 08-apr-2013  >>> Last update of whois database: Tue, 21 Dec 2004 19:15:10 EST <<<  ...  Please note: the registrant of the domain name is specified  in the "registrant" field. In most cases, Go Daddy Software, Inc.  is not the registrant of domain names listed in this database.  Registrant:     Sobell Associates Inc     POBox 460068     San Francisco, California 94146-0068     United States     Registered through: GoDaddy.com     Domain Name: SOBELL.COM        Created on: 07-Apr-95        Expires on: 08-Apr-13        Last Updated on: 16-Jan-04     Administrative Contact:        Sobell, Mark  sobell@meer.net        Sobell Associates Inc        PO BOX 460068        SAN FRANCISCO, California 94146-0068        United States        9999999999     Fax -- 9999999999     Technical Contact:        ,  hostmaster@meer.net        meer.net        po box 390804        Mountain View, California 94039        United States        18888446337      Fax -- 18888446337     Domain servers in listed order:        NS.MEER.NET        NS2.MEER.NET 

Several top-level registries serve various regions of the world. You are most likely to use the following ones: