As you see in this image, ifconfig provides a lot of information to the user.
In the first paragraph on the left, we see eth0. This is the first cable network connection, ethernet 0. (Linux usually starts counting from 0).
In the second line, the IP address information is 192.168.73.132. Then netmask or network mask (this information about what part of the IP address of the network is and which part of the host), and finally the broadcast address (this address is for sending information to all IPs in the subnet).
There is further technical information available, but beyond the scope of Linux training.
If we look at the top, another paragraph is started with lo. This is the localhost or local address.
This is the address of the device you are working with, and you can test something like a website. It is usually shown with the IP address 127.0.0.1.
Step 2: Change the IP address
Change the IP address in Linux is relatively simple. Keep in mind that in most cases, you will receive a dynamic address from a DHCP server.
In some cases, it may be necessary to redefine the address, especially if it is for hacking.
This can be useful in spoofing your IP address (spoofing attacks) because it makes the crime more unpredictable on the network, but it’s definitely not impossible to find a hacker.
We can do this by using the ifconfig command with the interfaces (interface) that we want to assign the desired IP. As:
ifconfig eth0 192.168.73.133
Now when you are typing ifconfig, we can see that our IP address has changed to the new IP address.
We can also change netmask and broadcast if needed:
ifconfig eth0 192.168.73.133 netmask 255.255.255.0 broadcast 192.168.73.255
Step 3: DHCP (Dynamic Host Configuration Server)
Linux has a DHCP server called dhcpd. It is a DHCP server that assigns IP addresses to all subnetworks.
It also holds logs (log files) for those devices that have IP address at that time.
This log file is often used to track hackers in a forensic analysis after the attack.
When I want to assign a new address from the DHCP server, I can easily use the dhclient command.
(Different Linux distributions use different DHCP clients, but DLC-based Kali Linux uses dhclient). Like this:
A DNS or Domain Name Service is a service that enables us to type a domain name such as www.cybrit.ir, which will then be translated to the appropriate IP address.
Without it, we all have to remember thousands of IP addresses of your favorite web sites.
One of the most useful commands for the hacker is dig, which is equivalent to nslookup in Windows, but provides more information about the domain.
For example, to see the time.is domain name servers, we will execute the dig time.is command by adding the ns option.