1, display the routing table
$netstat -r
$route –n
$ip route show
$ ip addr show
2, display interface
$netstat -i
ifconfig for detailed interface information, root previledge might be needed
3, display connections
$netstat -ta
4. display listening server sockets
$netstat -l

ethtool example:

# sudo ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: No
Advertised link modes: Not reported
Advertised pause frame use: No
Advertised auto-negotiation: No
Speed: 10000Mb/s
Duplex: Full
Port: Twisted Pair
Transceiver: internal
Auto-negotiation: off
MDI-X: Unknown
Supports Wake-on: uag
Wake-on: d
Link detected: yes


nmap -sp 192.178.1.*
tcp syn 1-1000 port number
tcp syn, protocol number, operation version, operation system
nmap -sS -p0 -sV -o
quick scanning
nmap -T5
tcp connect scan for only port 80
nmap -sT -p80
to use faked source ip address and reall src ip together
nmap -sS -D (faked src add)
scan only the first 100 ports instead of 1000 ports
nmap -F -exclude
do ping first, if get response, then go to scap 1000 port
nmap -Pn
scap ipv6 address
nmap -6 ipv6 address
nmap -iflist
to scan the 20 most popular ports
nmap –top-ports 20
run nmap with script
nmap –script=default
nmap -script -help to find all script that can be used
enable all advanced/aggressive scan
nmap -A -T5