Network Commands Reference

9 October 2025 ยท Updated 9 October 2025

commandsnetworkingnmapciscoreference

Networking commands I keep reaching for: nmap for port scanning, screen/minicom for serial console work, and the usual diagnostics grab-bag.

Port Scanning (Nmap)

TCP Port Scan (Range)

nmap -sT -p 1-10000 <IP_ADDRESS>

Source: Nmap Port Scan Command

Options:

  • -sT - TCP connect scan (full connection)
  • -p 1-10000 - Scan ports 1 through 10000

Use when: Discovering open TCP ports on a target

TCP Port Scan with XML Output

nmap -sT -p 1-10000 <IP_ADDRESS> -oX scan_results.xml

Source: Nmap Port Scan Command

Options:

  • -oX - Output results in XML format

Use when: Need structured output for parsing or reporting

Console Cable Connections

macOS Serial Console Connection

screen /dev/tty.usbserial-* 9600

Source: MacOS Console Cable Connection

Use when: Connecting to network device via USB-to-serial adapter on macOS

Common baud rates:

  • 9600 (standard)
  • 115200 (modern devices)

List Serial Devices (macOS)

ls /dev/tty.*

Source: MacOS Console Cable Connection

Use when: Finding the correct serial device before connecting

Example output:

/dev/tty.Bluetooth-Incoming-Port
/dev/tty.usbserial-14420

SSH and Remote Access

SSH Key Management

See: PowerShell SSH Commands See: Linux SSH Commands

SFTP File Transfer

See: SFTP Command Reference

Network Discovery and Diagnostics

Common Network Diagnostic Commands

# Ping host
ping <hostname>

# Trace route
traceroute <hostname>  # Linux
tracert <hostname>     # Windows

# DNS lookup
nslookup <hostname>
dig <hostname>         # Linux/macOS

# Show network interfaces
ip addr                # Linux
ifconfig              # macOS/older Linux
ipconfig              # Windows

# Show routing table
ip route              # Linux
route -n              # Linux/macOS
route print           # Windows

# Show active connections
netstat -an
ss -tuln              # Modern Linux alternative

Cisco IOS Commands

Show Failed Authentication Attempts

See: Cisco Show Failed Auth Attempt Logs

Network Monitoring Tools

SNMP

See: Fortigate MIB Files See: Prometheus SNMP Exporter Generator Fortigate Config

Firewall Configuration

Linux Firewalld (Netbox Example)

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload
sudo setsebool -P httpd_can_network_connect 1

Source: Netbox Setup

Use when: Configuring firewall for web services

  • Linux Command Reference - General Linux commands
  • PowerShell Command Reference - Windows networking
  • SFTP Command Reference - Secure file transfer
  • Netbox Command Reference - Netbox setup

Tips and Best Practices

Nmap Scan Types

  • -sT (TCP Connect): Most reliable, but logged
  • -sS (SYN Stealth): Requires root, stealthier
  • -sU (UDP): For UDP services (DNS, SNMP)
  • -sV (Version Detection): Identify service versions
  • -O (OS Detection): Guess operating system

Common Nmap Use Cases

# Quick scan of common ports
nmap <target>

# Aggressive scan (OS, version, scripts, traceroute)
nmap -A <target>

# Scan all 65535 ports
nmap -p- <target>

# Scan multiple hosts
nmap 192.168.1.1-254

# Scan from file
nmap -iL targets.txt

Console Cable Tips

  • Check baud rate first - Usually 9600 or 115200
  • Serial settings: 8N1 (8 data bits, No parity, 1 stop bit)
  • Exit screen: Press Ctrl+A then K then Y
  • Find USB serial on Linux: ls /dev/ttyUSB* or dmesg | grep tty

Network Security Best Practices

  1. Only scan networks you own or have permission to scan
  2. Use SSH key authentication over passwords
  3. Disable unnecessary services to reduce attack surface
  4. Keep firewall rules minimal and documented
  5. Monitor logs for unauthorized access attempts

Last Updated: 2025-10-09 Commands: 4 core commands + diagnostic reference

ยฉ Copyright 2026 Kyle Phillips