Results 1 to 6 of 6

Thread: Troubleshooting - Internet/Network Access

  1. #1

    Troubleshooting - Internet/Network Access

    Table of Contents
    Stage 1. - Check IP address (ifconfig)
    Stage 2. - Check gateway (route -n)
    Stage 3. - Check DNS (cat /etc/resolv.conf)
    Stage 4. - Check network connectivity (ping google.com -c 4; traceroute google.com; curl ifconfig.me)
    Stage 5. - *Optional* Check proxy settings (echo $http_proxy)
    Stage 6. - *Optional* Check virtual machine network adapter (NAT? Bridged?)


    Code:
    ifconfig; route -n; cat /etc/resolv.conf; ping google.com -c 4; traceroute google.com; curl ifconfig.me; echo $http_proxy

    For basic networking commands, please see this post: https://forums.kali.org/showthread.p...ll=1#post32652




    Stage 1. - IP address
    To check our current IP address, we can use ifconfig. (or 'ip a' / 'ip link')
    Note: you may want to use the '-a' flag (ifconfig -a) to show all NICs (including the ones that are down). For more information, see here.
    Code:
    root@kali ~$ ifconfig eth0
    eth0      Link encap:Ethernet  HWaddr 00:0b:29:9b:c9:a3  
              inet addr:192.168.1.48  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: fe81::21c:29aa:fe9c:b9a3/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:293492 errors:0 dropped:0 overruns:0 frame:0
              TX packets:135760 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:431811848 (411.8 MiB)  TX bytes:7409937 (7.0 MiB)
              Interrupt:19 Base address:0x2000 
    
    root@kali ~$

    DHCP vs Static IP
    DHCP
    If there is a DHCP service running on the network, you will automatically be assigned a free available IP address from its IP pool. Depending on its configuration, you may also be assigned a gateway and/or DNS addresses too.

    To obtain an IP address from the DHCP service from eth0 (default wired NIC), we can do the following:
    Code:
    root@kali ~$ dhclient eth0
    root@kali ~$

    Static
    If you wish to manually control your IP address, we are able to use 'ifconfig' again to alter our IP address (and subnet).

    In this example we will alter it to '192.168.0.10', and then to '192.168.1.25' (with a /24 subnet).
    Note: This guide only covers IPv4. IPv6 is out of scope.
    Code:
    root@kali ~$ ifconfig eth0 192.168.0.10
    root@kali ~$ ifconfig eth0 192.168.1.25/24
    root@kali ~$ ifconfig eth0
    eth0      Link encap:Ethernet  HWaddr 00:0c:29:9c:b9:a3  
              inet addr:192.168.1.25  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: fe80::20c:29ff:fe9c:b9a3/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:294583 errors:0 dropped:0 overruns:0 frame:0
              TX packets:135793 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:431879127 (411.8 MiB)  TX bytes:7413464 (7.0 MiB)
              Interrupt:19 Base address:0x2000 
    
    root@kali ~$

    In both of the examples above (DHCP & static), these configurations are not persistent and may not be the same upon a restart.
    To change this, we can alter the '/etc/network/interfaces' file.
    First, lets create a backup.
    Code:
    root@kali ~$ cp -f /etc/network/interfaces{,.bak}
    root@kali ~$
    Afterwards you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.
    Code:
    root@kali ~$ vim /etc/network/interfaces
    If you want to use get an IP address from the DHCP on 'eth0', then correct the file to look like:
    auto eth0
    iface eth0 inet dhcp
    ...But if you would like for 'eth0' to use an static IP (and set the subnet to /24 & gateway to 192.168.1.1), then change the file to match:
    iface eth0 inet static
    address 192.168.1.25
    netmask 255.255.255.0
    gateway 192.168.1.1
    Last edited by g0tmi1k; 2014-03-27 at 04:07 PM.
    This is a Kali-Linux support forum - not general IT/infosec help.

    Useful Commands: OS, Networking, Hardware, Wi-Fi
    Troubleshooting: Kali-Linux Installation, Repository, Wi-Fi Cards (Official Docs)
    Hardware: Recommended 802.11 Wireless Cards

    Search: https://www.kali.org/search/
    Documentation: http://docs.kali.org/ (Offline PDF version)
    Bugs Reporting & Tool Requests: https://bugs.kali.org/
    Kali Tool List, Versions & Man Pages: http://tools.kali.org/

  2. #2
    Stage 2. - Gateway
    A network gateway is responsible for connecting two different networks together.
    If you're having issues accessing resources outside of your LAN subnet (e.g. WAN (the Internet), but LAN (local resources) is working), there is a good chance there is an issue with the gateway. Depending on if a DHCP service is used, as well as how it has been configured, it may push out a gateway address.

    You can view the current routing path (which is '192.168.1.2' on interface 'eth0') by doing:
    Code:
    root@kali ~$ route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.1.2     0.0.0.0         UG    0      0        0 eth0
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
    root@kali ~$
    If we wish to alter this to use '192.168.1.200' on 'eth0', we can issue the follow command:
    Code:
    root@kali ~$ route add default gw 192.168.1.200 eth0
    root@kali ~$ route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.1.200   0.0.0.0         UG    0      0        0 eth0
    0.0.0.0         192.168.1.2     0.0.0.0         UG    0      0        0 eth0
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
    root@kali ~$
    This will now try 192.168.1.200 first, if that isn't successful, it will move onto 192.168.1.2.
    If you wish to remove the option '192.168.1.2', you can remove it by doing:
    Code:
    root@kali ~$ route delete default gw 192.168.1.2 eth0
    root@kali ~$ route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.1.200   0.0.0.0         UG    0      0        0 eth0
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
    root@kali ~$
    Last edited by g0tmi1k; 2014-03-27 at 03:55 PM.
    This is a Kali-Linux support forum - not general IT/infosec help.

    Useful Commands: OS, Networking, Hardware, Wi-Fi
    Troubleshooting: Kali-Linux Installation, Repository, Wi-Fi Cards (Official Docs)
    Hardware: Recommended 802.11 Wireless Cards

    Search: https://www.kali.org/search/
    Documentation: http://docs.kali.org/ (Offline PDF version)
    Bugs Reporting & Tool Requests: https://bugs.kali.org/
    Kali Tool List, Versions & Man Pages: http://tools.kali.org/

  3. #3
    Stage 3. - DNS
    DNS
    Domain Name System (DNS) is what is used to lookup 'human readable' names (e.g. www.kali.org), into IP addresses (allowing for machines to understand the destination).
    In the example below we can see our DNS is pointed to '192.168.1.151'.
    Code:
    root@kali ~$ cat /etc/resolv.conf
    domain localdomain
    search localdomain
    nameserver 192.168.1.151
    root@kali ~$
    Note: This guide only covers nameserver. Domain & search is out of scope.

    Depending on if DHCP is used & how it is setup, it may push out DNS values.

    If we wish to alter them for any reason, first lets make a backup:
    Code:
    root@kali ~$ cp -f /etc/resolv.conf{,.bak}
    root@kali ~$
    Afterwards you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.
    Code:
    root@kali ~$ vim /etc/resolv.conf

    There are various freely available DNS providers, such as:
    OpenDNS:
    • 208.67.222.222
    • 208.67.220.220


    Google:
    • 8.8.8.8
    • 8.8.4.4




    Host file
    Before any DNS name service is queried, Kali-Linux checks the value in the 'hosts file' (/etc/hosts), to see if it contains any known value. If it finds a local value here, it will not query the first remote name server in /etc/resolv.conf.
    Code:
    root@kali ~$ cat /etc/hosts
    127.0.0.1	localhost
    127.0.1.1	kali
    
    # The following lines are desirable for IPv6 capable hosts
    ::1     localhost ip6-localhost ip6-loopback
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    root@kali ~$
    Note: The format is <ipaddress> <hostname>.

    If we wish to alter it, it is recommend that you first create a backup..
    Code:
    root@kali ~$ cp -f /etc/hosts{,.bak}
    root@kali ~$
    Afterwards you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.
    Code:
    root@kali ~$ vim /etc/hosts
    Last edited by g0tmi1k; 2014-03-27 at 03:57 PM.
    This is a Kali-Linux support forum - not general IT/infosec help.

    Useful Commands: OS, Networking, Hardware, Wi-Fi
    Troubleshooting: Kali-Linux Installation, Repository, Wi-Fi Cards (Official Docs)
    Hardware: Recommended 802.11 Wireless Cards

    Search: https://www.kali.org/search/
    Documentation: http://docs.kali.org/ (Offline PDF version)
    Bugs Reporting & Tool Requests: https://bugs.kali.org/
    Kali Tool List, Versions & Man Pages: http://tools.kali.org/

  4. #4
    Stage 4. - Network Connectivity
    Ping
    The next stage is to test the values that have been set during stages #1-3, allowing us to verify the network connection.

    A method to do this, is to 'ping' a remote device. We can do this by sending out a IMCP echo request, and then waiting to see if we hear a IMCP response back.
    However, depending on the remote device that was choose to be pinged - if they have a firewall in place and how its configured, it may not response back to a IMCP request.

    In the example below, we used 'google.com'. The response back was 4 successful replies. The result of all of this, means we have successfully been able to communicate with the device at 'google.com'.
    Code:
    root@kali ~$ ping -c 4 google.com
    PING google.com (62.252.173.153) 56(84) bytes of data.
    64 bytes from m409-mp1-cvx1c.lan.ntl.com (62.252.173.153): icmp_req=1 ttl=128 time=16.3 ms
    64 bytes from m409-mp1-cvx1c.lan.ntl.com (62.252.173.153): icmp_req=2 ttl=128 time=73.6 ms
    64 bytes from m409-mp1-cvx1c.lan.ntl.com (62.252.173.153): icmp_req=3 ttl=128 time=60.0 ms
    64 bytes from m409-mp1-cvx1c.lan.ntl.com (62.252.173.153): icmp_req=4 ttl=128 time=16.1 ms
    
    --- google.com ping statistics ---
    4 packets transmitted, 4 received, 0% packet loss, time 3006ms
    rtt min/avg/max/mdev = 16.166/41.539/73.633/25.757 ms
    root@kali ~$

    Errors in the following example indicate that there might be an issue with the DNS (either it is set to a bad value or the address that was requested doesn't exists - such as the case in this example):
    Code:
    root@kali ~$ ping -c 4 google232323232l32hj3k23k23k2jk32.com
    ping: unknown host google232323232l32hj3k23k23k2jk32.com
    root@kali ~$

    This is a demonstration when there is an issue with the route (the gateway address):
    Code:
    root@kali ~$ ping -c 4 google.com
    PING google.com (62.252.173.153) 56(84) bytes of data.
    From 192.168.91.250 icmp_seq=1 Destination Host Unreachable
    From 192.168.91.250 icmp_seq=2 Destination Host Unreachable
    From 192.168.91.250 icmp_seq=3 Destination Host Unreachable
    From 192.168.91.250 icmp_seq=4 Destination Host Unreachable
    
    --- google.com ping statistics ---
    4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3048ms
    pipe 3
    root@kali ~$


    Traceroute
    This shows the amount of 'hops' (each router/gateway the packet is passed through), which have been taken to reach the remote machine (as well as display the path it took).
    Note: Each device is separate and may have a firewall enabled on it, which as a result, will not display their result.
    Code:
    root@kali ~$ traceroute www.kali.org
    traceroute to www.kali.org (50.116.53.73), 30 hops max, 60 byte packets
     1  * * *
     2  10.20.252.1 (10.20.252.1)  15.346 ms  15.253 ms  15.143 ms
     3  * * *
     4  brnt-bb-1c-ae4-0.network.virginmedia.net (213.106.244.69)  20.310 ms  20.378 ms  18.794 ms
     5  brhm-bb-1c-et-410-0.network.virginmedia.net (62.253.175.210)  20.126 ms brhm-bb-1c-et-700-0.network.virginmedia.net (62.253.175.206)  21.258 ms  21.514 ms
     6  * * *
     7  linx.peer.nac.net (195.66.224.94)  92.073 ms  92.301 ms  89.861 ms
     8  0.e3-2.tbr2.tl9.nac.net (209.123.11.145)  88.845 ms  90.246 ms 0.e3-2.tbr1.tl9.nac.net (209.123.11.141)  89.182 ms
     9  0.e1-4.tbr2.mmu.nac.net (209.123.10.77)  91.806 ms 0.e1-4.tbr1.mmu.nac.net (209.123.10.101)  91.278 ms 0.e1-4.tbr2.mmu.nac.net (209.123.10.77)  93.700 ms
    10  vlan805.esd1.mmu.nac.net (209.123.10.34)  94.203 ms  87.709 ms vlan803.esd2.mmu.nac.net (209.123.10.30)  87.830 ms
    11  207.99.53.42 (207.99.53.42)  90.761 ms 207.99.53.46 (207.99.53.46)  91.333 ms  91.299 ms
    12  cloudproxy81.sucuri.net (50.116.53.73)  149.309 ms  146.124 ms  146.148 ms
    root@kali ~$
    Last edited by g0tmi1k; 2014-03-27 at 04:22 PM.
    This is a Kali-Linux support forum - not general IT/infosec help.

    Useful Commands: OS, Networking, Hardware, Wi-Fi
    Troubleshooting: Kali-Linux Installation, Repository, Wi-Fi Cards (Official Docs)
    Hardware: Recommended 802.11 Wireless Cards

    Search: https://www.kali.org/search/
    Documentation: http://docs.kali.org/ (Offline PDF version)
    Bugs Reporting & Tool Requests: https://bugs.kali.org/
    Kali Tool List, Versions & Man Pages: http://tools.kali.org/

  5. #5
    Stage 5. - Proxy settings
    Depending on your the network that your connecting to, you may need to connect to a proxy to be able to gain WAN access.
    Please double check with your network administrator if you're required to do so.

    Depending on the program that you wish to use, you may need to alter its settings to match the proxy.

    Bash
    To configure 'bash' to use the proxy values (allowing you to use the network diagnostics mentioned above - ping & traceroute), you can do so by the following commands.
    In this example the:
    • domain is 'mycompanyname'.
    • username is 'g0tmi1k'
    • password is 'password2'
    • ip is '192.168.1.123'
    • port is '8080'

    Code:
    root@kali ~$ export http_proxy=http://mycompanyname\g0tmi1k:password2@192.168.1.123:8080/
    root@kali ~$ export ftp_proxy=http://mycompanyname\g0tmi1k:password2@192.168.1.123:8080/
    root@kali ~$
    Note: if there isn't any proxy authentication, you can just do 'export http_proxy=http://192.168.1.123:8080/'


    Persistent
    To make these settings persistent, so you do not need to keep doing it after every restart, you can alter '/etc/bash.bashrc' to include the very same comments that was typed in before.

    If we wish to alter it, it is recommend to create a backup first.
    Code:
    root@kali ~$ cp -f /etc/bash.bashrc{,.bak}
    root@kali ~$
    Afterwards you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.
    Code:
    root@kali ~$ vim /etc/bash.bashrc

    Apt
    The recommend way to keep Kali-Linux up-to-date is by updating it using the repository. Kali-Linux uses 'apt' for its package manager. To configure apt to use the proxy values, we need to alter '/etc/apt/apt.conf'.

    We will create a backup copy of the file encase we need to restore it for any reason.
    Code:
    root@kali ~$ cp -f /etc/apt.conf{,.bak}
    root@kali ~$
    Afterwards you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.
    Code:
    root@kali ~$ vim /etc/apt.conf
    It needs to be edited to include the following lines:
    Code:
    # Proxy config
    Acquire::http::Proxy "http://mycompanyname\g0tmi1k:password2@192.168.1.123:8080";
    Note: These are the same values from before.
    Last edited by g0tmi1k; 2014-03-27 at 04:02 PM.
    This is a Kali-Linux support forum - not general IT/infosec help.

    Useful Commands: OS, Networking, Hardware, Wi-Fi
    Troubleshooting: Kali-Linux Installation, Repository, Wi-Fi Cards (Official Docs)
    Hardware: Recommended 802.11 Wireless Cards

    Search: https://www.kali.org/search/
    Documentation: http://docs.kali.org/ (Offline PDF version)
    Bugs Reporting & Tool Requests: https://bugs.kali.org/
    Kali Tool List, Versions & Man Pages: http://tools.kali.org/

  6. #6
    Stage 6. - Virtual machine network adapter
    If your using Kali-Linux in a virtual machine - you may wish to double check the settings on the virtual network adapter.
    Note: There are various virtual machines solutions, however this guide will only cover: VMware Fusion/Player/Workstation & Virtual Box

    • Bridged - This will join the current network that the host is connected too. The VM will have its own IP address. Plus will have access to the host, and any other virtual machine.
    • NAT (or 'Share with my Mac' if fusion) - This will create a private virtual network on the host. To external machines, it will appear to have the same IP as the host, allowing them to have access to the same resources as the host, as well as the host, and any other virtual machine.
    • Host-only - This will create a private virtual network on the host. It will not have external access, but it will have access to the host any other virtual machines set to the same adapter mode.
    • LAN segment (VMware Player/Workstation) / Internal Network (VirtualBox) - This will create a private virtual network on the host. It will not have external access and it will not have access to the host. It will only have access to any other virtual machines set to the same adapter mode and segment.


    Summary: if you wish for the guest OS to have Internet access, the network adapter needs to be set to NAT or bridged.
    NAT is the safer option, unless the guest OS needs its own IP address on the same network as the host, then you would select bridged.
    Last edited by g0tmi1k; 2014-03-27 at 04:13 PM.
    This is a Kali-Linux support forum - not general IT/infosec help.

    Useful Commands: OS, Networking, Hardware, Wi-Fi
    Troubleshooting: Kali-Linux Installation, Repository, Wi-Fi Cards (Official Docs)
    Hardware: Recommended 802.11 Wireless Cards

    Search: https://www.kali.org/search/
    Documentation: http://docs.kali.org/ (Offline PDF version)
    Bugs Reporting & Tool Requests: https://bugs.kali.org/
    Kali Tool List, Versions & Man Pages: http://tools.kali.org/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •