Basic Networking Tools in Kali

Introduction

In this lab, you will learn how to use essential networking tools in Kali Linux to perform basic network diagnostics and management tasks. This hands-on session is designed for beginners, guiding you through checking network status, testing connectivity, discovering devices on a network, and scanning for open ports. Using tools like ip a, ping, netdiscover, and nmap, you will build foundational skills in network analysis within the LabEx VM environment. When you open the terminal, you will be automatically connected to the Kali Linux container's shell, ready to start practicing.


Checking Network Interfaces with ip a

In this first step, you will learn how to inspect the network interfaces on your system using the ip a command. This is a fundamental skill for understanding your network configuration.

When you open the terminal in the LabEx VM environment, you will be automatically connected to the Kali Linux container's shell. There is no need to manually start the container or enter the shell; the environment is already set up for you.

First, you need to install the iproute2 package if it is not already installed. Type the following command in the terminal and press Enter:

apt update && apt install -y iproute2

Now, type the following command in the terminal and press Enter:

ip a

This command lists all network interfaces on your system along with their details, such as IP addresses and status.

Expected Output (example, actual output may vary):

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever

In the output, you will see interfaces like lo (loopback) and eth0 (your primary network interface). Look for the inet line under eth0 to find your IP address, such as 172.17.0.2; the /16 after it is the prefix length, which determines the IP range you will scan in a later step. The UP flag inside the angle brackets indicates the interface is active. Understanding this output helps you confirm that your system is connected to a network and ready for further tasks.

Testing Network Connectivity with ping

Now that you have checked your network interfaces, the next step is to test if your system can communicate with external servers. You will use the ping command to verify internet connectivity.

Install ping if it is not already installed.

apt install -y iputils-ping

Type the following command in the Kali Linux container's terminal and press Enter:

ping -c 4 8.8.8.8

The -c 4 option limits the number of ping attempts to 4, and 8.8.8.8 is Google's public DNS server, a reliable target for testing connectivity.

Expected Output (example, actual output may vary):

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=117 time=10.2 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=117 time=9.8 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=117 time=10.1 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=117 time=9.9 ms

--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 9.800/10.000/10.200/0.141 ms

This output shows responses from 8.8.8.8, with details like time (latency in milliseconds) and icmp_seq (sequence number). A 0% packet loss indicates successful connectivity. If you see 100% packet loss, it means there is a connectivity issue. The ping command is a simple yet powerful tool to confirm that your system can reach external networks, a prerequisite for many networking tasks.

Installing and Using netdiscover to Identify Network Devices

Having confirmed network connectivity, you will now learn how to discover devices on your local network using the netdiscover tool. Since this tool may not be pre-installed in the Kali Linux container, you will first install it.

Start by installing netdiscover. Type the following command in the terminal and press Enter:

apt install -y netdiscover

This command installs netdiscover without prompting for confirmation; the package list was already refreshed by apt update in the first step. Wait for the installation to complete; it may take a few seconds.

Next, you need to identify the network interface to scan. You already used ip a in Step 1, so look at your output or run it again to confirm your interface name (likely eth0) and IP range (likely 172.17.0.0/16 for Docker environments).

Now, run the netdiscover tool to scan the local network. Type the following command and press Enter:

netdiscover -i eth0 -r 172.17.0.0/16

The -i eth0 specifies the interface, and -r 172.17.0.0/16 defines the IP range to scan. If your interface name differs, replace eth0 accordingly.
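The interface and range passed to netdiscover can be read straight from the ip a output instead of being worked out by hand. The script below is an added example, not part of the original lab; the function names scan_targets and sample_ip_a are hypothetical, and the sample input is the ip a output shown earlier in this lab.

```shell
#!/bin/sh
# Added example: derive the netdiscover -i / -r arguments from `ip a` output.

# Reads `ip a` text on stdin; prints "<interface> <network>/<prefix>" for each
# IPv4 address on an interface that is UP (loopback skipped).
scan_targets() {
    awk '
    # Interface header, e.g. "4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> ..."
    /^[0-9]+: / {
        iface = $2
        sub(/:$/, "", iface)     # drop the trailing colon
        sub(/@.*/, "", iface)    # drop the "@if5" peer suffix shown in containers
        up = ($3 ~ /[<,]UP[,>]/) # the UP flag itself, not LOWER_UP
        next
    }
    # Address line, e.g. "inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0"
    $1 == "inet" && up && iface != "lo" {
        split($2, cidr, "/")
        split(cidr[1], o, ".")
        addr  = ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
        block = 2 ^ (32 - cidr[2])       # number of addresses in the subnet
        net   = addr - (addr % block)    # clear the host bits
        printf "%s %d.%d.%d.%d/%d\n", iface,
            int(net / 16777216) % 256, int(net / 65536) % 256,
            int(net / 256) % 256, net % 256, cidr[2]
    }'
}

# Constructed sample input: the `ip a` output shown earlier in this lab.
sample_ip_a() {
    cat <<'EOF'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
EOF
}

sample_ip_a | scan_targets
```

On a live system, pipe the real command into the function with ip a | scan_targets.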

Expected Output (example, actual output may vary):

Currently scanning: 172.17.0.0/16   |   Screen View: Unique Hosts

2 Captured ARP Req/Rep packets, from 2 hosts.   Total size: 120
_____________________________________________________________________________
  IP            At MAC Address     Count     Len  MAC Vendor / Hostname
-----------------------------------------------------------------------------
172.17.0.1      02:42:ac:11:00:01      1      60  Unknown vendor
172.17.0.2      02:42:ac:11:00:02      1      60  Unknown vendor

This output lists IP addresses and MAC addresses of devices on the network. For instance, 172.17.0.2 might be your own system, and 172.17.0.1 could be the gateway. Let the scan run for a few seconds to detect devices, then stop it by pressing Ctrl+C.

The netdiscover tool uses ARP requests to detect active devices on the local network. This is useful for mapping out what devices are connected to the same network segment as your system, a common task in network diagnostics.

Installing nmap and Performing a Basic Port Scan

With devices identified on the network, the next step is to scan for open ports on a specific device using the nmap tool. This helps you understand what services are running on a target system. Since nmap may not be pre-installed, you will install it first.

Type the following command in the terminal and press Enter to install nmap (the package list was already refreshed by apt update in the first step):

apt install -y nmap

Wait for the installation to complete; it may take a few seconds.

From the netdiscover output in the previous step, you should have noted IP addresses of devices on the network, such as 172.17.0.1. You will scan this IP address for open ports. If you have a different IP from your scan, use that instead.

Type the following command in the terminal and press Enter to perform a basic port scan:

nmap 172.17.0.1

Expected Output (example, actual output may vary):

Starting Nmap 7.95 ( https://nmap.org ) at 2025-04-11 06:04 UTC
Nmap scan report for 172.17.0.1
Host is up (0.0000060s latency).
Not shown: 997 closed tcp ports (reset)
PORT     STATE SERVICE
22/tcp   open  ssh
3000/tcp open  ppp
3001/tcp open  nessus
MAC Address: 02:42:06:F2:C3:B0 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds

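This output lists open ports on the target IP. For example, 22/tcp open ssh indicates an SSH service is running, while 3000/tcp and 3001/tcp suggest a web server. In a basic scan the SERVICE column is only a lookup of the port number in nmap's services table, not a check of what is actually listening, which is why these two ports are labeled ppp and nessus here. The nmap tool, short for Network Mapper, is widely used for network discovery and security auditing, allowing you to identify potential points of access on a device.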

Saving nmap Scan Results to a File

In this final step, you will learn how to save the results of an nmap scan to a file for future reference. This builds on the previous step where you performed a basic port scan.

Using the same target IP address from Step 4 (e.g., 172.17.0.1), run the following command in the terminal and press Enter to perform the scan and save the output to a file named scan_results.txt:

nmap 172.17.0.1 -oN /root/scan_results.txt

The -oN option instructs nmap to save the results in a normal format to the specified file path /root/scan_results.txt. If you used a different IP in Step 4, replace 172.17.0.1 with that IP.

The output will appear in the terminal as before, but it is also saved to /root/scan_results.txt. To confirm the file contains the results, type the following command and press Enter:

cat /root/scan_results.txt

Expected Output (example, actual output may vary):

Starting Nmap 7.95 ( https://nmap.org ) at 2025-04-11 06:05 UTC
Nmap scan report for 172.17.0.1
Host is up (0.0000060s latency).
Not shown: 997 closed tcp ports (reset)
PORT     STATE SERVICE
22/tcp   open  ssh
3000/tcp open  ppp
3001/tcp open  nessus
MAC Address: 02:42:06:F2:C3:B0 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds

Saving scan results to a file is a practical way to document your findings. This allows you to review or share the information later without needing to rerun the scan, which is especially useful in network analysis and troubleshooting.
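A saved report becomes more useful once there is a second one to compare it with: a port that is open now but was not in the earlier scan is a change worth investigating. The script below is an added example, not part of the original lab; the function names open_ports, new_ports and write_samples are hypothetical, and both sample reports are constructed (the baseline mirrors the scan shown above, the second adds one port).

```shell
#!/bin/sh
# Added example: compare two saved `nmap -oN` reports and list newly open ports.

# Print "<host> <port/proto> <service>" for every open port in a -oN report.
open_ports() {
    awk '
    /^Nmap scan report for / { host = $NF; gsub(/[()]/, "", host); next }
    $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print host, $1, $3 }
    ' "$1"
}

# Print ports open in the current report ($2) that the baseline ($1) lacks.
new_ports() {
    { open_ports "$1" | sed 's/^/B /'; open_ports "$2" | sed 's/^/C /'; } |
    awk '{ key = $2 " " $3 }
         $1 == "B" { seen[key] = 1; next }
         !(key in seen) { print $2, $3, $4 }'
}

# Constructed sample reports: the baseline mirrors the scan shown in this lab,
# the second report adds one port to show a change.
write_samples() {
    cat > "$1/baseline.txt" <<'EOF'
Nmap scan report for 172.17.0.1
Host is up (0.0000060s latency).
Not shown: 997 closed tcp ports (reset)
PORT     STATE SERVICE
22/tcp   open  ssh
3000/tcp open  ppp
3001/tcp open  nessus
EOF
    cat > "$1/current.txt" <<'EOF'
Nmap scan report for 172.17.0.1
Host is up (0.0000060s latency).
Not shown: 996 closed tcp ports (reset)
PORT     STATE SERVICE
22/tcp   open  ssh
3000/tcp open  ppp
3001/tcp open  nessus
8080/tcp open  http-proxy
EOF
}

d=$(mktemp -d)
write_samples "$d"
new_ports "$d/baseline.txt" "$d/current.txt"
rm -rf "$d"
```

With real reports, keep a dated copy of each scan (for example one file per day) and pass the older file as the first argument.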

Summary

In this lab, you have learned how to use fundamental networking tools in Kali Linux to perform essential network diagnostics. You started by checking network interfaces with ip a, tested connectivity using ping, discovered devices on the local network with netdiscover, performed basic port scanning with nmap, and saved scan results to a file for future reference. These skills provide a solid foundation for network analysis and troubleshooting in a Linux environment.