Layer 1 (Physical Layer) Diagnostics
Cable and Physical Connection Testing
# Network Interface Status # macOS system_profiler SPNetworkDataType | grep "Link Speed" networksetup -getmedia < interfac e >
# Linux ethtool < interfac e > | grep "Speed|Link" mii-tool < interfac e > Signal Quality and Error Detection
# Check interface errors # Both OS netstat -i ifconfig < interfac e > | grep "errors|dropped|collisions"
# Linux specific ethtool -S < interfac e > # Detailed interface statistics # Linux ethtool --statistics < interfac e > ethtool --register-dump < interfac e > # Raw register data
# Check for CRC errors ifconfig < interfac e > | grep "CRC" WiFi Signal Diagnostics
# macOS /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I airport -s # Scan available networks
# Linux iwconfig iwlist < interfac e > scanning iw dev < interfac e > station dump # Detailed wifi statistics Layer 2 (Data Link Layer) Diagnostics
Interface Status and Configuration
# macOS ifconfig networksetup -listallhardwareports system_profiler SPNetworkDataType
# Linux ip link show ethtool < interfac e > mii-tool < interfac e > MAC Address and ARP
# View MAC address table arp -a # Both OS
# Clear ARP cache # macOS sudo arp -d -a # Linux sudo ip neigh flush all
# Watch ARP traffic tcpdump -n arp VLAN Diagnostics
# Linux ip link add link eth0 name eth0.100 type vlan id 100 vconfig show
# macOS vlan show Layer 3 (Network Layer) Diagnostics
IPv4 Connectivity
# Basic connectivity ping < hos t > ping -c 4 < hos t > # Limited count
# Path MTU Discovery ping -D -s 1472 < hos t > # macOS ping -M do -s 1472 < hos t > # Linux
# Advanced ping options ping -f < hos t > # Flood ping (requires root) ping -i 0.2 < hos t > # Fast interval IPv6 Connectivity
# Basic IPv6 ping ping6 < ipv6_hos t > ping -6 < ipv6_hos t >
# Link-local address test ping6 fe80:: < interfac e >
# IPv6 neighbor discovery nd6 -n # macOS ip -6 neighbor show # Linux Routing
# Show routing table netstat -rn route -n ip route show # Linux
# IPv6 routes netstat -rn -f inet6 ip -6 route show # Linux
# Trace route traceroute < hos t > # IPv4 traceroute6 < hos t > # IPv6 mtr < hos t > # Continuous trace Network Services Diagnostics
DNS
# DNS lookup dig < domai n > nslookup < domai n > host < domai n >
# Reverse DNS dig -x < ip_addres s >
# DNS server test dig @8.8.8.8 < domai n >
# Clear DNS cache # macOS sudo dscacheutil -flushcache ; sudo killall -HUP mDNSResponder # Linux sudo systemd-resolve --flush-caches DHCP
# Release DHCP lease # macOS sudo ipconfig set < interfac e > DHCP # Linux sudo dhclient -r < interfac e >
# Request new lease # macOS sudo ipconfig set < interfac e > BOOTP sudo ipconfig set < interfac e > DHCP # Linux sudo dhclient < interfac e > Bandwidth Testing
# Using iperf3 iperf3 -s # Server mode iperf3 -c < server_i p > # Client mode
# Basic speed test speedtest-cli Socket Statistics
# Open connections netstat -an ss -tuln # Linux
# Connection statistics netstat -s Advanced Diagnostics
Packet Capture
# Basic capture tcpdump -i < interfac e >
# Capture with filters tcpdump -i < interfac e > host < i p > tcpdump -i < interfac e > port 80
# Save capture tcpdump -i < interfac e > -w capture.pcap Network Load
# Interface statistics netstat -i ip -s link show
# Real-time bandwidth monitoring iftop nload SSL/TLS Diagnostics
# Test SSL connection openssl s_client -connect host:443
# Check certificate openssl x509 -in cert.pem -text System Network Configuration
Network Services Status
# macOS sudo launchctl list | grep network networksetup -listallnetworkservices
# Linux systemctl status network systemctl status NetworkManager Firewall Diagnostics
# macOS sudo pfctl -sa sudo pfctl -sr
# Linux sudo iptables -L sudo nft list ruleset Network Quality Tests
# macOS networkQuality # Built-in tool in newer versions
# Both OS mtr < hos t > # Network path analysis curl -o /dev/null http://speedtest.net/mini -w "%{time_total}\n" # Basic latency test Common Issues Resolution
# Reset entire network stack macOS sudo ifconfig < interfac e > down sudo route flush sudo ifconfig < interfac e > up
# Linux sudo systemctl restart NetworkManager sudo netplan apply # Ubuntu Layer 4 (Transport Layer) Diagnostics
TCP Connection Analysis
# Active TCP connections netstat -tnp ss -tnp # Linux, more detailed
# TCP connection states netstat -ant | awk '{print $6}' | sort | uniq -c
# Detailed TCP statistics netstat -st # Both OS cat /proc/net/tcp # Linux TCP Connection Testing
# Test specific port nc -zv host port telnet host port
# TCP connection tracking (Linux) conntrack -L ss -t -a UDP Diagnostics
# Show UDP sockets netstat -unp ss -unp # Linux
# UDP port testing nc -zu host port
# Monitor UDP traffic tcpdump udp Socket Statistics
# Detailed socket stats # macOS netstat -av lsof -i
# Linux ss -s # Summary statistics ss -m # Memory usage # TCP Window Size sysctl net.inet.tcp.window_size # macOS sysctl net.ipv4.tcp_window_scaling # Linux
# Connection Latency hping3 -S -p 80 host # TCP SYN timing Layer 5 (Session Layer) Diagnostics
Session Management
# Active sessions who w last
# SSH Sessions who | grep pts Application Session Testing
# Test SSL/TLS sessions openssl s_client -connect host:443 -state openssl s_client -connect host:443 -debug
# Session timeout testing curl -v --max-time 10 https://host Session Protocol Analysis
# Monitor session establishment tcpdump -i any 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0'
# Track session state changes tcpdump -i any 'tcp[tcpflags] & (tcp-syn|tcp-fin|tcp-rst) != 0' Network Protocol Analyzer
# Wireshark CLI (tshark) tshark -i < interfac e > tshark -i < interfac e > -f "port 80 or port 443"
# Advanced filtering tshark -i < interfac e > -Y "tcp.flags.syn==1" Connection Flow Analysis
# netflow analysis (if installed) nfdump -R /path/to/flows fprobe < interfac e >
# Connection tracking conntrack -L conntrack -E # Event monitoring Advanced Diagnostics
Hardware Diagnostics
# PCI Network Device Info lspci -vv | grep -A 10 Network system_profiler SPNetworkDataType # macOS
# Driver Information ethtool -i < interfac e > kextstat | grep -i network # macOS # SSL/TLS Analysis ssldump -i < interfac e > sslscan host:port
# TCP Dump with Session Context tcpdump -i < interfac e > -s 0 -w capture.pcap # TCP Optimization sysctl -w net.ipv4.tcp_window_scaling= 1 sysctl -w net.ipv4.tcp_timestamps= 1
# Session Optimization sysctl -w net.ipv4.tcp_max_syn_backlog= 4096 Layer 6 (Presentation Layer) Diagnostics
Data Encoding/Decoding
# Character Set Analysis file -i < filenam e > chardet < filenam e >
# Text Encoding Conversion iconv -f UTF-8 -t ASCII file.txt iconv -l # List available encodings Compression Testing
# Test compression algorithms gzip -t file.gz bzip2 -t file.bz2
# Check compression ratio gzip -l file.gz Encryption Diagnostics
# SSL/TLS Certificate Analysis openssl x509 -in cert.pem -text -noout openssl verify cert.pem
# Check SSL/TLS Configuration openssl s_client -connect host:443 -tls1_2 nmap --script ssl-enum-ciphers -p 443 host MIME Type Analysis
# Check MIME types file --mime-type file mimetype file # Linux
# HTTP Content-Type checking curl -I https://example.com Layer 7 (Application Layer) Diagnostics
HTTP/HTTPS Diagnostics
# Basic HTTP testing curl -v https://example.com wget --debug https://example.com
# HTTP headers curl -I https://example.com curl -D - https://example.com
# HTTP performance curl -w " \ time_namelookup: %{time_namelookup}\n \ time_connect: %{time_connect}\n \ time_appconnect: %{time_appconnect}\n \ time_pretransfer: %{time_pretransfer}\n \ time_redirect: %{time_redirect}\n \ time_starttransfer: %{time_starttransfer}\n \ ----------\n \ time_total: %{time_total}\n" \ -o /dev/null -s https://example.com DNS Diagnostics
# DNS lookup tools dig +trace domain.com host -a domain.com nslookup -debug domain.com
# DNS zone transfer dig @nameserver domain.com AXFR
# DNS propagation dig domain.com @8.8.8.8 dig domain.com @1.1.1.1
# DNS record types dig domain.com ANY dig domain.com MX dig domain.com TXT Email Protocol Testing
# SMTP testing telnet mail-server 25 nc -v mail-server 25
# Test email sending swaks --to [email protected] --from [email protected]
# Check mail server records dig domain.com MX dig domain.com TXT # SPF records Web Application Testing
# Load testing ab -n 1000 -c 10 https://example.com/ siege -c 10 -t 30S https://example.com/
# Response codes curl -o /dev/null -s -w "%{http_code}\n" https://example.com/
# Content verification curl -s https://example.com/ | grep "expected_text" # Response time monitoring httping -c 10 example.com
# Server response headers curl -s -D - example.com -o /dev/null
# TLS handshake timing curl -w "TLS handshake: %{time_appconnect}\n" -o /dev/null -s https://example.com Protocol-Specific Diagnostics
FTP Testing
# FTP connection test ftp -n server << EOF quote USER username quote PASS password quit EOF
# FTP through curl curl -v ftp://server/ Database Connection Testing
# MySQL mysqladmin ping -h hostname mysqlcheck -h hostname -u user -p
# PostgreSQL pg_isready -h hostname psql -h hostname -p 5432 -U username -c "\l" API Testing
# REST API testing curl -X GET "https://api.example.com/endpoint" \ -H "Authorization: Bearer token"
# API response timing curl -w "@curl-format.txt" -o /dev/null -s "https://api.example.com" Application Layer Security
Web Security Testing
# SSL/TLS security check ssllabs-scan example.com testssl.sh example.com
# HTTP security headers curl -s -D - https://example.com | grep -i "security" Application Firewall Testing
# WAF detection wafw00f https://example.com
# Basic security scanning nikto -h https://example.com Application Layer Protocol Analysis
# HTTP traffic analysis tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
# HTTPS traffic (requires key) ssldump -i any -k keyfile.pem Service Discovery
# Network service scanning nmap -sV -p- host nmap -sC -sV host
# Service version detection nc -zv host port # HTTP load testing wrk -t12 -c400 -d30s https://example.com hey -n 1000 -c 100 https://example.com
# Concurrent connections apache2-utils ab -c 100 -n 1000 https://example.com/ # Real-time HTTP traffic httpry -i eth0 tcpflow -i eth0 -c port 80
# Application logs analysis tail -f /var/log/apache2/access.log | goaccess