Using the ss command to view active and established connections

on linux, networking, troubleshooting

The command known as ss which stands for socket statistics. It is used for listing listening and established connections and to find out which processes and users are associated with them. Finding all outbound connections to a particular port ss -t -o 'dport = :ssh' --resolve | awk '{print $4,$5,%6}' desktop:42444 websrv1:ssh timer:(keepalive,61min,0) desktop:58600 websrv1:ssh timer:(keepalive,36min,0) desktop:56194 virt1:ssh timer:(keepalive,117min,0) Finding all inbound connections to a particular listening port. Remembering that the local side is always on the left, we can see that .6…

read more...

Network basics: Link Local Addressing and 169.254.x.x

on networking basics, dhcp, home networking, troubleshooting, ipv4

What are those 169.254.x.x addresses all about? An look at IPv4 Link Local Addressing Earlier, we looked at DHCP. A familiar experience of troubleshooting networks is that when something breaks, Windows spends a while trying to connect, and eventually gives a seemingly meaningless address in the range of 169.254.xx.xx. Why does it do this? What are these addresses? Are they useful? The IANA (the international body that governs internet numbering and addressing) has reserved the range 169.254.0.0 - 169.254.255.255 as "link local address space". When Windows…

read more...