Simplest eth0 between 2 PCs?

Discussion in 'Linux Networking' started by Unknown, Dec 30, 2013.

  1. Unknown

    Unknown Guest

    Please lets confirm each stage.
    Like seeing the actual water-flowing-in-the-pipe.

    1= plug cross-over cat-cable between PC1 <-> PC2.
    2= PC1: ifconfig eth0 192.168.0.1
    PC2: ifconfig eth0 192.168.0.2
    See LEDs on PC1 connector light-up.

    What is the minimal command/s to confirm that each PC detects the other?

    What is the minimal command/s to transfer a file from 'src -> dest'?

    == TIA.
     
    Unknown, Dec 30, 2013
    #1
    1. Advertisements

  2. Unknown

    Bit Twister Guest

    PC1: ping -c1 192.168.0.2
    PC2: ping -c1 192.168.0.1
    PC1: scp fn_here $USER@192.168.0.2:/wherever/fn_here

    copy a whole directory:
    PC1: rsync /some/dir/ $USER@192.168.0.2:/some/dir
     
    Bit Twister, Dec 30, 2013
    #2
    1. Advertisements

  3. Unknown

    unruh Guest

    Well, only if there is no firewall which switches off pings. The default
    seems to be these days to disable pings.
    Well, first you had better make sure that sshd is running on both
    machines-- install sshd and start it up on both.
    Or scp -pr /some/dir 192.168.0.2:/some/dir
    Or use rsync to transfer individual files. Again you have to make sure
    that rsync is installed on both machines and sshd is running on both and
    that ssh is installed on both.

    Note that the $USER@ is pretty useless since that is the default. If the
    user on the remote machine has a different name than the one on the
    local machine, then you need to put that different name on that line
     
    unruh, Dec 30, 2013
    #3
  4. Unknown

    Jorgen Grahn Guest

    Side note: recent NICs, switches etc don't care if the
    cables are crossed or not.
    In Linux distributions? I find that hard to believe (and sad if it's
    true).

    /jorgen
     
    Jorgen Grahn, Dec 30, 2013
    #4
  5. Unknown

    unruh Guest

    They all come with firewalls activated by default. Often those firewalls
    by default are maximum firewalls (ie reject everything incoming,
    including pings.)
     
    unruh, Dec 30, 2013
    #5
  6. Unknown

    detha Guest

    Examples? The only things I know of that do not respond to ICMP ping
    out-of-the-box are recent Windows versions, and the odd firewall
    distribution.

    -d
     
    detha, Dec 31, 2013
    #6
  7. Unknown

    Jorgen Grahn Guest

    He wrote "all", so it's already obvious he doesn't know what he's
    talking about.
    Even that strikes me as odd. The benefits of complicating IP
    troubleshooting that way seem insignificant in all scenarios I can
    think of. I.e. what dangerous things can you do with ICMP echo that
    you cannot do with a TCP SYN? (Not counting broadcast ping.)

    /Jorgen
     
    Jorgen Grahn, Dec 31, 2013
    #7
  8. Unknown

    detha Guest

    Security by obscurity. What the script kiddie doesn't see in a ping or
    nmap scan it won't try to exploit.

    That's the only plausible reason I can think of, and yes it has caused me
    endless grief in faultfinding - try walking an untrained user through
    enabling ICMP in the firewall, over the phone :p

    -d
     
    detha, Dec 31, 2013
    #8
  9. Unknown

    David Brown Guest

    That's exactly right. Many "drive-by" hacking attempts do pings first -
    and if they fail, then the attacker (or script) just moves on to the
    next target. It is not security as such - ICMP is seldom used in the
    actual attack. But it can reduce the number of attack attempts, saving
    your /real/ security system effort (less wasted bandwidth, less extra
    log file lines, etc.). It is much the same as putting your sshd daemon
    on a non-standard port.
    And there you see the disadvantage of it - it's a pain in fault-finding.
    But those of us who have to deal with Windows machines on a network,
    are used to that particular pain. And as usual, Linux has the remedy -
    "arping" works at a lower level than ICMP, and is not blocked by
    firewalls. Of course, it only works on the same network segment and
    will not pass through routers, but I find it /very/ useful.
     
    David Brown, Dec 31, 2013
    #9
  10. Unknown a écrit :
    ifconfig should display the flag "RUNNING" for each interface.
    man nc (netcat).
     
    Pascal Hambourg, Dec 31, 2013
    #10
  11. Unknown

    Unknown Guest

    OK, thanks.
    -> rsync /var/CONTROL/* pi@192.168.0.2:/home/pi/MOBO
    pi@192.168.0.2's password:
    =!=> copies all files of /var/CONTROL/* into /home/pi/MOBO/

    It's quiet a big story.

    I'm used to `mc`, where you can see the file / dir,
    and just reach-out-and-copy/move/delete it.

    Apparently mc does ftp; so I'll ask on their mail-list, now
    that I've confirmed that the connection works.
     
    Unknown, Dec 31, 2013
    #11
  12. Unknown

    Bit Twister Guest

    Yes, but using my example, you should have done a
    rsync /var/CONTROL/ pi@192.168.0.2:/home/pi/MOBO
     
    Bit Twister, Dec 31, 2013
    #12
  13. Unknown

    ein Guest

    As far as I remember CentoOS 6 has enabled firewall with preconfigured
    iptables rules.
     
    ein, Dec 31, 2013
    #13
  14. Unknown

    ein Guest

    You forgot about "up"
    About LEDs thing, behavior like this is hardware specific. LEDs *can*
    turn on just after cable plug. Interface state *can* has no influence at
    LEDs.
     
    ein, Dec 31, 2013
    #14
  15. Unknown

    unruh Guest

    I just installed a Mageia 2 distro which had ping disabled in the
    firewall, just as an example.
    Note as I said, the ping disabling IS the firewall, and then you say tht
    the "odd" firewall does it. Well, not so sure it is "odd" but it is
    firewall.
     
    unruh, Dec 31, 2013
    #15
  16. Unknown

    unruh Guest

    Uh, early start on New Year's celebrations?
    The All come with firewalls activated. I believe that is true, but I
    will admit I have not tested all distros.
    Then regarding ping, "Often" ....
    I have read that some regard pings as a security risk. In particular it
    allows an attacker to know that there is actually a computer attached to
    some IP address. That knowledge is useful in attacking that computer.

    I do agree that ping SHOULD be enabled by default.
     
    unruh, Dec 31, 2013
    #16
  17. Unknown

    unruh Guest

    Yes. You told it to copy all of the files in /var/CONTROL and it did so.
    If you did not want it to copy all the files do not tell it to copy all
    the files.
    Note that if you give rsync a directory name, it will copy over all the
    files and directories under that directory ( and watch what happens if
    you terminate with a / or not) . If you give it a filename it will copy
    just that file.
    Great. There you have 10000 files you want to transfer and you have to
    pick them out one by one.
    IF you have one or two files to transfer and you forgot their name, mc
    is a good idea. If not, it is pretty terrible.
    One advantage of rsync is that it also hashes the file to make sure it
    got transferred correctly.
    But use whatever tools you want.
     
    unruh, Dec 31, 2013
    #17
  18. Unknown

    Keith Keller Guest

    If you haven't already (and we know you haven't, because you never do),
    read the man page for rsync to see what the differences are between your
    command, Bit Twister's, and omitting the trailing / on the source
    directory. All three are subtly different. Also consider the
    difference between

    ls -a
    ls -ad *

    --keith
     
    Keith Keller, Dec 31, 2013
    #18
  19. Unknown

    Keith Keller Guest

    One compromise is to block or discard ICMP only from external hosts.
    This way you can still perform troubleshooting with ping internally,
    but external attackers can't find your hosts easily. This can be done
    at the public-facing router or at each internal host. What you give up
    in this instance is, if an internal host is compromised, the attacker
    can now use ping to report other hosts, but in that scenario it seems
    like you have bigger problems than an attacker knowing your hosts.
    (OTOH, if you're blocking all ICMP, and reporting them somewhere, then
    receiving such a report might expose a compromised host earlier.)

    --keith
     
    Keith Keller, Dec 31, 2013
    #19
  20. Unknown

    Avoid9Pdf Guest

    ==> Here's the log:-------------
    -> rsync /var/CONTROL/ $USER@192.168.0.2:/home/pi/MOBO
    pi@192.168.0.2's password:
    skipping directory .

    -> rsync /var/CONTROL/* pi@192.168.0.2:/home/pi/MOBO
    pi@192.168.0.2's password:
    =!=> copies all files of /var/CONTROL/* into /home/pi/MOBO/
    ------------ end of log paste ---------

    I see now: the verbage/word-clutter confused me.
    But a script at each side hides the clutter: 2rPi <File> , 2PC <file>

    So now, can't I also easily *RUN* the rPi from the PC's nice display?

    NB. PC is x86 hardware and rPi is ARM hardware;
    so: from PC-keybrd <gcc ...>
    means that rPi should act as if <gcc ...> was entered to its keybrd.

    How would I do that?

    == TIA.
     
    Avoid9Pdf, Jan 1, 2014
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.