Avantguard Computer & Security Systems

Network Security

netstat / ss

# List all listening ports (TCP and UDP)
ss -tlunp
netstat -tlunp   # older systems

# Show established connections
ss -tp

# Show all connections
ss -anp

nmap

# Ping sweep (find live hosts)
nmap -sn 192.168.1.0/24

# Port scan
nmap -sS 192.168.1.100        # SYN scan
nmap -sT 192.168.1.100        # TCP connect scan
nmap -sU -p 53,161 host       # UDP scan

# OS detection
nmap -O 192.168.1.100

# Service/version detection
nmap -sV 192.168.1.100

# Full scan with scripts
nmap -A 192.168.1.100

# Scan specific ports
nmap -p 22,80,443 192.168.1.0/24

# Output to file
nmap -oN output.txt 192.168.1.0/24

iptables

# List rules
iptables -L -v -n
iptables -L -v -n --line-numbers

# Allow established/related connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow SSH
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# Allow HTTP/HTTPS
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT

# Drop everything else (put last)
iptables -A INPUT -j DROP

# Delete a rule
iptables -D INPUT -p tcp --dport 80 -j ACCEPT

# Save rules
iptables-save > /etc/iptables/rules.v4
iptables-restore < /etc/iptables/rules.v4

# Flush all rules
iptables -F
iptables -X
iptables -Z

fail2ban

# Install
apt install fail2ban

# Status
fail2ban-client status
fail2ban-client status sshd

# Ban an IP manually
fail2ban-client set sshd banip 1.2.3.4

# Unban an IP
fail2ban-client set sshd unbanip 1.2.3.4