Linux / Unix Networking

Tutorials, news and howtos about Linux / Unix networking. It includes firewall, servers, services, remote access, security, servers and much more ( rss feed ).

On Linux, we encrypt our partitions and entire disk using Linux Unified Key Setup-on-disk-format (LUKS) for security and privacy reasons. We unlock LUKS protected disk by providing a passphrase at boot time. You need to be in front of your computer or use a remote console to open the encrypted disk under Linux at boot time. However, if your system is in the basement, remote datacenter/office, or upstairs office, you won’t able to unlock and boot your Linux box. We can use the Dropbear SSH server for LUKS encrypted Debian or Ubuntu or any other Linux distro via SSH to solve this problem. Let us see how to unlock LUKS using Dropbear SSH keys in Linux at boot time.
[continue reading…]


The last ten years in the computer and IT security world are crippled with so many vulnerabilities. We saw massive cloud computing adoption and end-users using mobile devices with high speed 4G LTE networks. A threat actor may have exploited such weakness in modern computers and networks. Let us look into top vulnerabilities and the attack surface in this decade (2010-2020) that affected Linux/Unix, macOS, IT, cloud-computing, and computers in general.
[continue reading…]

Let’s Encrypt is a non-profit certificate authority that provides X.509 certificates for Transport Layer Security (TLS) encryption free of cost. The TLS certificate is valid for 90 days only. However, Due to the bug, they need to revoke many (read as “certain”) Let’s Encrypt TLS/SSL certificates. Let us see how to find out if you are affected by this bug and how you can fix it to avoid any problems with your TLS/SSL certificates.
[continue reading…]

OpenBSD version 6.3 has been released. OpenBSD is demonstrating to be an excellent server operating system. Security is more critical now than ever before. OpenBSD leads the pack when it comes to security features. OpenBSD provides a very robust and trustworthy system that comes with the cutting-edge security feature. OpenBSD 6.3 continues to offer the “multi-platform, ultra-secure operating system” experience. The OpenBSD team releases a new version every six months.
[continue reading…]

I recently installed TomatoUSB advanced firmware on my Asus RT-AC66U wifi router. This router act as my wireless Ethernet bridge. TomatoUSB advanced has additional features like

  • SSH
  • Multiple WAN support (3G/4G/Static IP/Cable/ADSL2)
  • Tor
  • Virtual Wireless
  • DMZ
  • IPv6
  • FTP/Media server via USB
  • BiTorrent Client via USB
  • UPS support
  • OpenVPN client and server
  • Tinc VPN server and much more.

I also connected my 2 bay NAS to this server. Sometimes I need to wake up my NAS using WOL.
[continue reading…]

The nicstat command is top like utility for network interface card (NIC). It displays information and statistics about all your network card such as packets, kilobytes per second, average packet sizes and more. It works under Solaris and Linux operating systems.

In this post, I will explain how to install and use the nicstat command to find out stats about your NICs under Debian / Ubuntu / RHEL / CentOS Linux operating systems.
[continue reading…]

Nmap is short for Network Mapper. It is an open-source security tool for network exploration, security scanning, and auditing. However, the Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. The purpose of this guide is to introduce a user to the Nmap command line tool to scan a host or network to find out the possible vulnerable points in the hosts. You will also learn how to use Nmap for offensive and defensive purposes. Let us see some common Nmap command examples running on Linux or Unix-like systems.
[continue reading…]

The HTTP 2xx class of status codes indicates the action requested by the client was received, and processed successfully. HTTP/1.1 200 OK is the standard response for successful HTTP requests. When you type www.cyberciti.biz in the browser you will get this status code. The HTTP/1.1 206 status code allows the client to grab only part of the resource by sending a range header. This is useful for:

  1. Understanding http headers and protocol.
  2. Troubleshooting network problems.
  3. Troubleshooting large download problems.
  4. Troubleshooting CDN and origin HTTP server problems.
  5. Test resuming interrupted downloads using tools like lftp or wget or telnet.
  6. Test and split a large file size into multiple simultaneous streams i.e. download a large file in parts.

[continue reading…]