Network Security

• Type 1 is the cheapest and easiest to replace

• Type 3 is the most expensive to implement and almost impossible to replace if something happens

netstat –t        # displays active internet connections
netstat –l        # displays listening server sockers
netstat –m        # displays masqueraded connections
netstat -a        # displays all connections and listening ports
netstat -tanp     # Show all TCP connections with numeric addresses and process IDs

┌──(kali㉿kali-raspberrypi)-[~]
└─$ sudo netstat -tanp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      678/sshd: /usr/sbin
tcp        0     36 192.168.1.169:22        192.168.1.184:4851      ESTABLISHED 2263/sshd-session:
tcp6       0      0 :::22                   :::*                    LISTEN      678/sshd: /usr/sbin

┌──(kali㉿kali-raspberrypi)-[~]
└─$ sudo netstat -c
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0     44 192.168.1.169:ssh       192.168.1.184:4851      ESTABLISHED
udp        0      0 192.168.1.169:bootpc    192.168.1.1:bootps      ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  3      [ ]         STREAM     CONNECTED     7887     /run/user/1000/bus
unix  3      [ ]         STREAM     CONNECTED     7852     /run/user/1000/bus
unix  3      [ ]         STREAM     CONNECTED     10668
unix  3      [ ]         STREAM     CONNECTED     8063
unix  3      [ ]         DGRAM      CONNECTED     5306

┌──(kali㉿kali-raspberrypi)-[~]
└─$ sudo netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
raw6       0      0 [::]:ipv6-icmp          [::]:*                  7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     5987     /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     7769     /tmp/.ICE-unix/914
unix  2      [ ACC ]     STREAM     LISTENING     10489    /tmp/ssh-qGHldH0NcIir/agent.1024
unix  2      [ ACC ]     STREAM     LISTENING     5302     /run/systemd/netif/io.systemd.Network
unix  2      [ ACC ]     STREAM     LISTENING     2752     /run/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     2753     /run/systemd/userdb/io.systemd.DynamicUser
unix  2      [ ACC ]     STREAM     LISTENING     2754     /run/systemd/io.systemd.ManagedOOM
unix  2      [ ACC ]     STREAM     LISTENING     10284    /run/user/1000/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     10294    /run/user/1000/bus
unix  2      [ ACC ]     STREAM     LISTENING     1155     /run/systemd/io.systemd.Credentials
unix  2      [ ACC ]     STREAM     LISTENING     10297    /run/user/1000/gnupg/S.dirmngr
unix  2      [ ACC ]     STREAM     LISTENING     10298    /run/user/1000/gcr/ssh
unix  2      [ ACC ]     STREAM     LISTENING     1645     /run/systemd/io.systemd.sysext
unix  2      [ ACC ]     STREAM     LISTENING     1158     /run/systemd/journal/stdout
unix  2      [ ACC ]     SEQPACKET  LISTENING     4121     /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     10300    /run/user/1000/keyring/control
unix  2      [ ACC ]     STREAM     LISTENING     10301    /run/user/1000/gnupg/S.gpg-agent.browser
unix  2      [ ACC ]     STREAM     LISTENING     10302    /run/user/1000/gnupg/S.gpg-agent.extra
unix  2      [ ACC ]     STREAM     LISTENING     8335     /run/user/1000/gnupg/S.gpg-agent
unix  2      [ ACC ]     STREAM     LISTENING     8340     /run/user/1000/pulse/native
unix  2      [ ACC ]     STREAM     LISTENING     8341     /run/user/1000/pipewire-0
unix  2      [ ACC ]     STREAM     LISTENING     8342     /run/user/1000/pipewire-0-manager
unix  2      [ ACC ]     STREAM     LISTENING     9925     /run/user/1000/gnupg/S.gpg-agent.ssh
unix  2      [ ACC ]     STREAM     LISTENING     4020     /run/systemd/journal/io.systemd.journal
unix  2      [ ACC ]     STREAM     LISTENING     8455     /run/user/1000/keyring/pkcs11
unix  2      [ ACC ]     STREAM     LISTENING     7737     /run/user/1000/at-spi/bus_0
unix  2      [ ACC ]     STREAM     LISTENING     5501     /run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     5502     /run/pcscd/pcscd.comm
unix  2      [ ACC ]     STREAM     LISTENING     5503     /run/ssh-unix-local/socket
unix  2      [ ACC ]     STREAM     LISTENING     5504     /run/systemd/io.systemd.Hostname
unix  2      [ ACC ]     STREAM     LISTENING     5986     @/tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     7768     @/tmp/.ICE-unix/914