Learn About Your Wireless Connection

Many of us rely on a wireless connection for our connectivity and this is for those who want to learn about your wireless connection. It should be a relatively simple article. Though, if you do not use wireless internet this won’t be very interesting.

Today’s article about your wireless connection will show you how to learn things like the quality of your connection, the transmission power, the frequency you’re using, and other sundry wireless bits. It’s a bit technical, and we will learn about your wireless connection in the terminal, but it’s all good information and not very complicated.

The tools we’ll be using should be installed in all current major distros. For example, we won’t use ifconfig because it is deprecated. We’ll be using the ip command instead. We’ll also be using iwconfig in this article. You shouldn’t need to install anything for this article. All the tools you need should be installed by default.

Side note: The site sure does load fast without ads! I’ll be finding a new ad provider soon enough, I just haven’t done so yet. I may appeal to Google. We shall see, but the site sure is fast! Alas, it generates no income to offset my expenses. So, we will have ads again. It’s going to happen.

As for the tools we’ll be using…

The IP Command:

The first tool we’ll use will be the ip command. As I mentioned above, the ifconfig tool has been deprecated. It is no longer supported and we’ve moved on to bigger and better things. Most major distros will have made this change. For a bit of completeness sake, I’ll include details for the old way.

You can verify that the ip command is available with this command:

If you check the man page, with man ip command, you’ll see that this is the correct tool for the job. The job is what was indicated in the article’s title. Anyhow, the ip command is described like this:

ip – show / manipulate routing, network devices, interfaces and tunnels

We’ll be using the command to identify the name of your wireless connection. It’s easy enough and you can easily follow along.

The IWCONFIG Command:

The iwconfig command is how we’ll be gathering information about your wireless connection. You should find that you don’t have to install anything for this. If you’re using a major distro that’s modern, you’ll almost certainly have iwconfig available. You can confirm that iwconfig is available with this command:

Just like we did above, you can run the man iwconfig command to see that this is the tool for the job. The output should include the following:

In our case, we won’t be doing any configuration – but we will be using this command to learn about the wireless connection. It’s a handy tool, but we’ll just be using it to gather data.

So, let’s get into the actual article itself…

Learn About Your Wireless Connection:

I mentioned above that this is something you do in the terminal. You probably know how to open your terminal by now. If not, you can usually press CTRL + ALT + T to open up your default terminal.

With your terminal now open, you can check your network connections. The purpose of this command is to learn which of your connection names is the correct one for your wireless connection.

If you’re using an older system, and some modern systems still contain the command, you can use the deprecated ifconfig like so:

Scroll through that data to find your wireless connection. It’ll begin with a W. It used to have a nice simple name by default, but times have changed. In my case, it looks like this:

In this case, you can see that the name of my wireless device is wlxe4beed0e5f5c. Unless you’ve renamed them, your wireless connection should start with a W and should be the only connection that starts with a W.

With that information in hand, you’ll next want to learn about your wireless connection with the iwconfig command. The syntax is quite simple:

So, in my case, the command would look like this:

The output would look like this (in my case):

From there, you can see the access point you’re connected to. You can find out the bit rate, frequency, and power management status of the device, and much more. See? Pretty easy.

HINT: If you don’t want all that information, you can always pipe it through grep. That’s pretty simple:

An example output would be:

This is a quick and easy way to learn about your wireless connection. It’s something that’s not too difficult and something everyone can practice to get a little bit more comfortable working in the Linux terminal.

Closure:

Someone asked if I was running out of ideas for articles. I do not believe I am. There’s just so much to write about and so many things that are worth covering. Today we’re learning about your wireless connection. Tomorrow we’ll be on to something else. And that’s okay… 

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 1 Average: 5]

Monitor Your Wi-Fi In Linux

If you use a wireless connection on your computer, or wi-fi for short, you might want to monitor your wi-fi. This is a simple task in the terminal and won’t take too long to learn. So, if you’ve ever wanted to monitor your wi-fi, this is the article for you!

There’s more to your wireless connection than just the throughput. There are things like link quality and signal strength that might interest you. It doesn’t stop there, there are all sorts of other bits of information you can learn if you decide to monitor your wi-fi in Linux.

I’ve written a few similar articles, each using a different technology. If you’re interested in those articles, click one of the following links:

Visualize Your Network Traffic With ‘darkstat’
‘vnStat’ A Tool For Monitoring Your Bandwidth Usage
Monitor Bandwidth In Real Time
Monitor Bandwidth With nload

Those are all about monitoring bandwidth and your network connection speed. They’re all fit for purpose, but this article covers wavemon, which is quite different and more specifically about monitoring your wi-fi connection as a whole. This isn’t very complicated or anything. You’ve got this!

This will be done in the terminal, so you might as well prepare yourself for that. So many of my articles do indeed require an open terminal.

wavemon:

The tool we’ll be using is known as wavemon. Like most of these articles, it’s another tool that’s fit for purpose. We want to monitor the waves, radio waves that is. This is one of the tools for the job. In fact, you’ll find the man page describes wavemon like so:

wavemon – a wireless network monitor

To install wavemon, we’ll need an open terminal. You can frequently just press CTRL + ALT + T to open your default terminal emulator. Give that a go. If it doesn’t work you can find the shortcut in your application menu.

With your terminal now open, we need to install wavemon.

Debian/Ubuntu/etc:

RHEL/CentOS:

Arch/Manjaro/etc:

Fedora:

I think I have all of those correct. If not, please leave a comment down below so that I can fix it. If you’d like to add the code to install wavemon on other distros, please leave a comment below. I’m pretty good at getting back to commentators and tend to be quick at fixing articles.

Anyhow, wavemon is the tool you’ll want to use to monitor your wi-fi!

Monitor Your Wi-Fi In Linux:

Leave your terminal open from the installation phase.

This section of the article will be nice and quick. You don’t need to do anything else besides run the command. You don’t even need elevated permissions (such as sudo) for this.

With your terminal open, just enter the following command:

You’ll get a handy output (it may help to resize your terminal for this one) that’s full of information. An example of that output would be this:

using wavemon to monitor wi-fi in the Linux terminal.
It’s fairly easy to understand the output from the wavemon command.

I can’t get F1 to do anything, but F2shows a histograph.

If you do start wavemon with sudo, you can scan for wireless networks with the F3 button.

You can change some settings with F7 if you want.

The F10 button should quit the program. 

If that doesn’t work, CTRL + C will exit wavemon.

But, you can see how much data you’ve received (during this session) and how much data you’ve sent (during this session). It’s all pretty basic stuff and wavemon is a nice and easy way to monitor your wi-fi in Linux.

Closure:

Well, that’s one way to monitor your wi-fi in Linux. If you use a wireless connection and want more information about that connection, wavemon is an acceptable tool for the job. There are certainly other tools out there and this is just one of them. It’s an easy tool to use and I find it’s familiar enough for anyone to understand with relative ease.

I did say that this would be a fairly easy article. It is indeed a fairly easy article! This is one of those things you can learn in just a few minutes. You never know when this information will come in handy. Then again, you might just be curious and want to know this information. You can customize it a bit but I didn’t need to do so.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 3 Average: 5]

Block A Specific Port In Linux Mint

If you’re using Linux Mint, you’ll find you have ufw already installed which means it’s easy to block a specific port in Linux Mint! I’ll explain how to do that in this article and do what I can to make it easy enough for a new Linux user to follow. If this interests you, read on!

You might want to block a port for all sorts of reasons. If you’re open to the public web via your router, you might find bots hammering at the default ports (such as 22 for SSH) trying to find the login credentials, even if none exist. This is unnecessary traffic and can cause the system to slow down if it’s overwhelmed with connection requests.

Also, Linux uses a lot of ports. There are a bunch that are reserved, for example. You can also designate your ports for many things. I’ve written articles about ports before, so here’s some light reading material:

How To: Check If A Specific Port Is Open
How To: Scan A Remote Host For Open Ports
Find Out What Process Is Listening On A Specific Port
Prevent Brute-Force SSH Attacks With fail2ban

About Ports:

Now, I think I’ll let an AI tell you what a port is in Linux.

A Linux port is a virtual concept that helps access different services within a network. A port is a 16-bit integer ranging from 0 to 65535 with no physical existence.

A port acts as a communication endpoint for identifying a given process or application on the Linux operating system. A port is a 16-bit (o to 65535) number that differentiates a single application from others on various end systems.

As the blurb says, these are virtual ports. They’re not like the physical ports on your router, or anything like that. They’re used for communication and sending traffic to a specific port is asking for traffic on that port. 

If you have nmap installed, you could run nmap localhost to find out which ports are open on your computer. You probably should run that command (you’ll need to install nmap with sudo apt install nmap before you can run this command in Linux Mint). If the port isn’t open, then you don’t need to block that specific port.

UFW:

Linux Mint comes with ‘ufw’ already installed. It is not enabled by default, however. It’s good that it comes installed, which means it’s almost ready for use and you only need to enable ufw for it to be of use. If you don’t know what ufw is, you can check the man page with man ufw to learn more. For simplicity’s sake, you’ll find that ufw is described as:

ufw – program for managing a netfilter firewall

We will be using ufw to block a specific port in Linux Mint. You’ll learn that ufw stands for “Uncomplicated Firewall” and is a frontend for iptables. You can do anything with iptables that you can with ufw, but ufw is much easier for a new Linux Mint user. It doesn’t need to be complicated, as you’ll see in this article.

Use UFW To Block A Specific Port In Linux Mint:

While there is a GUI front-end for ufw, we won’t be using that. Instead, we’ll just use the installed terminal and ufw. As you’re using Linux Mint, you can open your default terminal by pressing CTRL + ALT + T.

With your terminal now open, we first need to enable ufw because ufw is not enabled by default. To enable ufw, run the following command:

That will enable ufw on system startup. That command should output something that looks like this:

You can later disable ufw if you find you no longer wish to use it. That command would look like this:

Now, to block a specific port in Linux Mint with ufw, the syntax would be easy enough to figure out. It just looks like this:

If you want to block the default SSH port (port 22) then you can do that like so:

If you change your mind at a later date, the command to undo this would be:

All you need to do is remember ‘deny’ and ‘allow’ and that ufw commands require elevated permissions which means you need to use sudo. If you can remember that, you can block and unblock specific ports in Linux Mint!

Closure:

Yes, this article is about blocking a specific port in Linux Mint with the ufw command, but it applies to many other distros. I just happened to be using Linux Mint when I wrote the article and didn’t want to test on other systems before smashing the schedule button. So, I wrote it specifically for Linux Mint. This will likely be an accurate tutorial for Ubuntu, the official Ubuntu flavors, other Ubuntu derivatives, and maybe Debian. I’m not sure about Debian.

And now you know…

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 2 Average: 5]

How To: Enable NTP In Linux

Time is very important to the Linux operating system so keeping accurate time is important, which is why we want to enable NTP in Linux. This won’t be a major article and it should be simple enough to follow along. It’s pretty easy to enable NTP in Linux.

If you don’t know, NTP stands for Network Time Protocol. This allows your computer to connect to a networked device that tells your computer the accurate time and then syncs your computer’s clock with that accurate time.

This networked time server is usually just on the public web, but you could do things like run your own NTP server with a GPS device. (GPS uses really, really, really accurate time. In fact, that really accurate time is how GPS works.) Your company may even run its own NTP servers, but there are plenty of public servers available.

While we’re on the subject, your Linux computer keeps time in a very funny fashion. It counts the seconds since the epoch. The “UNIX Epoch” is an arbitrary date and time. Specifically, it counts the seconds since January 1st, 1970 at 00:00:00 UTC. I’ll write an article on the subject at some point. It is also sometimes referred to as “POSIX Time”. In the meantime, you can always look it up at your favorite search engine. 

Time is very important to Linux. After all, the kernel is a task scheduler. It’s also important for accurate record keeping, among other things. It’s also not difficult to enable NTP in Linux.

NOTE: This article assumes you’re using systemd, as most mainstream distros do. If this isn’t true, this article isn’t for you.

Enable NTP In Linux:

Yes, this is another article that requires an open terminal. You can usually just press CTRL + ALT + T to open your default terminal. If that’s not true, fix the keybindings!

If you’re a desktop user, you can probably skip this article. If you’re a desktop Linux user, odds are good that your distro came preconfigured to sync the time already. Let’s go ahead and verify that with this command:

What you’re looking for is these lines:

You’re especially interested in the last line. If that line says that the NTP service is active, you can ignore this article and read one of the prior articles on the timedatectl command:

How To: Find Your Timezone In The Terminal
How To: Change The Timezone

If the NTP service is not active, you can start the service with this command:

That’s all you need to do to enable NTP in Linux.

If you want to disable NTP, that’s just as easy. That command looks like this:

Next, you can run this command to confirm that you’ve enabled NTP:

That should output information that says the NTP service is active. It may not say that the clock has synchronized as that may take some time before the scheduled task runs and syncs your time with a dedicated time-keeping server.

If you want to muck about with the settings, they’re viewed here:

You’d edit that file with Nano, or some other terminal text editor. Before doing so, you should first read the man page, with this command:

There you go! You can enable NTP in Linux!

Closure:

It seems that I’ve developed a few different styles for my article writing. Longer articles get treated differently, as in they’re formatted differently. The shorter articles have been formatted like this for quite a while. I think that’s a comfortable mix, though it is (as always) subject to change. As I learn and grow, so too may the formatting.

Anyhow, this seemed like a fun article to write. I doubt it’ll be all that popular. It’s unlikely to rank all that well in the search engines. Still, it’ll be information that’s on the site, and the more information I have the better I think I’ll be doing.

It’s not always about the traffic. Indeed, it was never really about the traffic. The traffic is secondary. My primary objective is to share information. Today’s article covered how to enable NTP in Linux. Further, it is limited to just those who use systemd.

Most of my readers will have no use for this information. But, there will be someone – and maybe only that one someone – who will find this information and need it to enable NTP on their Linux device. Good. To that reader and my regulars, I say thanks for visiting.

Now my usual blurb at the bottom of every article…

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 2 Average: 5]

Prevent Brute-Force SSH Attacks With fail2ban

Today’s article is one I could have already written and it’s about how to prevent brute-force SSH attacks with fail2ban. The reason I haven’t written it yet is because it either has too much substance or too little substance. I think I can strike a middle-of-the-road here and write an article with just enough substance.

See, and we’ll get to this later in the article, most folks won’t need to do a whole lot more than just install it. You can configure it a great deal, but the defaults are just fine for most people. On top of that, you can even make fail2ban send you email reports but we won’t be covering that in this article. Instead, we’ll largely have directions for installing fail2ban so that you can “prevent” brute-force attacks via SSH. I put the “prevent” in quotes because a diligent attacker could time things, use varied IP addresses, and try brute forcing your login credentials.

I think we need to start at the beginning.

What is SSH:

SSH stands for “Secure Shell” and is a tool to connect to a server remotely. If you check the man page for SSH it is defined as:

ssh — OpenSSH remote login client

This allows you to connect two computers over the terminal. It also comes with SFTP so that you can securely transfer files. You can do a whole lot more with SSH, including forwarding the graphical environment.

Here are a few SSH articles:

Install SSH to Remotely Control Your Linux Computers
Check Your SSH Server Configuration
Show Failed SSH Login Attempts

Then, there are a whole lot more SSH articles. I love SSH, so there have been quite a few articles on the subject. It’s a tool that I use quite often. I encourage familiarity with SSH as it’s sometimes a useful tool to effect a repair on a computer that is otherwise unresponsive to local inputs.

Servers are typically managed with SSH. As you can imagine, servers are a juicy target for malicious people. This means that SSH is a means with which malicious people will use to attack servers. One of the ways they do that is with ‘brute-force’.

What is Brute-Force:

There are many ways that one can try brute-forcing something. The name is as it implies. Rather than knowing the login credentials, they try to brute force them. That means they’ll try one combination of username and password and then keep trying various combinations until they eventually crack the system and figure out the login information.

That is the goal. Their goal is to find the login credentials. Instead of finesse, they use brute force.

This can include a dictionary attack. This can include a progressive attack where they start at the letter a, then try aa, then try aaa, etc. until they find the login credentials. They may also have a list of commonly used usernames and passwords and will systemically work their way through this until they find their way in.

This is one of many attacks and a modern computer can make many attempts in a short amount of time. Add to this modern bandwidth speeds and you can get thousands of attacks in just a short amount of time. It goes even faster if they know one part of the data, such as the username of a privileged account.

Enter fail2ban:

If you’re using a major distro, you have fail2ban available, one way or another. It’s usually easily installed and in your default repositories. When you do install it, you can check the man page. However, fail2ban is described as:

fail2ban – a set of server and client programs to limit brute force authentication attempts.

So, as you can see, fail2ban is the correct tool for the job. After all, and as the headline suggests, we’re trying to prevent brute-force SSH attacks with fail2ban.

Installing fail2ban:

We’ll be using a terminal to install fail2ban. You may also need to remotely connect to the server on which you want to install fail2ban. That too will require a terminal (or some SSH application like PuTTY). Simply press CTRL + ALT and your default terminal should open. If not, you can open a terminal from your application menu.

With your terminal now open, we can install fail2ban.

Debian/Ubuntu/etc:

RHEL/CentOS/etc:

Fedora with dnf:

I believe those are correct. That’s what is in my notes. If they’re not correct, please leave a comment and I’ll update the article. Other distros will have fail2ban available, just search your default repositories and you’ll likely find fail2ban available for installation.

Using fail2ban:

Now that you’ve installed fail2ban, you’re pretty much done. The default configuration is pretty much all you need – but you can customize it. There are a bunch of options available, so you can configure fail2ban in many ways. There are so many ways that we won’t be covering them. They’re reasonably obvious.

Once installed, fail2ban should start automatically. If it doesn’t, run this command to start it:

Next, we’ll make sure to enable fail2ban to start at boot time. That’s this command:

I assume that you’ll want to at least examine the configuration files and I’ll get you started with that. The first thing you want to do is cd to the right directory.

If you run ls you’ll see that there’s a file called jail.conf and you do not want to edit this file itself. Instead, fail2ban will look for configurations in a file called jail.local first. To make that file, you run the following command:

sudo cp jail.conf jail.local 

Next, you might want to make a backup of that jail.local file. 

You can now use Nano to edit your fail2ban configurations:

As you can now see, there are a bunch of options available. They’re far too many to explain here but they’re fairly well described. If any of the options confuse you, you can get help on the man page (man fail2ban ).

After you’ve set fail2ban’s configuration files the way you want them, you’ll need to restart the service for the changes to take effect. That’s done like this:

If you screw up the configuration, just remove the jail.local with this command:

Then restore from your backup like this:

Then, of course, restart the service with this command:

There are a lot of options with this application. You can explore them at your leisure, though I find the defaults to be adequate for most of my needs. As mentioned above, you can install sendmail and have the system send you notification emails. There are many other options as well.

Closure:

Like I said in the beginning, there’s a lot of substance with fail2ban. There’s a lot to it. If I added more to the article, it’d end up quite long. I may write a bit more about this application, but I don’t want to end up with a 2500-word article that will make your eyes gloss over. That doesn’t do me any good and it doesn’t do most people any good. Most folks are going to be fine with the basics before they explore the configuration options on their own.

If you do have a server (or even a personal computer) that’s running SSH, it’s worth your time to install fail2ban. If there’s any chance that someone can try to brute-force your system, they will.

Some bots crawl the ‘net looking for servers that respond on the default SSH ports. They can and will find you. You can also change the port SSH uses for some added obscurity (but remember that obscurity isn’t really security). So, it’s a good idea to prevent brute-force SSH attacks with fail2ban. Yes, it’s a good idea even for us ‘little guys’ who aren’t running servers with valuable information on them.  

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 6 Average: 5]
Subscribe To Our Newsletter
Get notified when new articles are published! It's free and I won't send you any spam.
Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.