Part 4: Some Useful Linux Lite Network Utilities
On your Linux Lite computer avahi controls mdns connections. It has a useful network connection browser which you can use to detect available mdns connections. Linux Lite also comes with a socket statistics utility that uses the ss command to obtain network connection information much like the familiar netstat utility used to. For more information on their usage see the links below:
https://linux.die.net/man/1/avahi-browse
https://man7.org/linux/man-pages/man8/ss.8.html
In the image below you can see what information certain commands return. Open up the xfce4 terminal on your Linux Lite computer and size it full screen and run the command avahi-browse –all which will return the available connections avahi can make on your system. To remove local connections from the list run the command avahi-browse –ignore-local –all. You can see in the image below that what remains offering connections are two of the TVs from our original nmap scan which we know are addressed on our network at 192.168.1.202 and 192.168.1.54 or .180 (Express could be one of two) respectively. Next run the socket statistics scan with the command ss -u -a. This will scan for any connected UDP port using mdns on our Linux Lite system. This scan shows that we a not connected to any mdns running instance.
I would be remiss if I didn’t mention tcpdump, however, though it is a powerful Linux network packet capturing analysis tool installed by default in Ubuntu and derivatives, I do not consider it a new user friendly application. Staying within this particular discussion you could run the command below but be aware that tcpdump continues to run until you kill it with Ctrl + c and because you are polling individual packets it will run in your terminal endlessly. Below is a sample image run with the command: sudo tcpdump udp -v (verbose).
To learn more about basic tcpdump usage see the link below:
https://danielmiessler.com/study/tcpdump/#host
https://www.tcpdump.org/manpages/tcpdump.1.html
For the home user, especially users new to Linux Lite nmap/zenmap is definitely the most new user friendly and versatile of the network utilities in this discussion. I highly recommend it and iftop as basic WIFI security tools for new Linux Lite users.
Part 3: Basic Nmap Usage With Windows 10
Part 2: Basic Iftop Usage With Linux Lite
Part 1: Basic Nmap Usage With Linux Lite