Tools that you run from the command line – i.e. from a terminal or shell window – are often more powerful and quicker to use than their GUI or web equivalents.
Their output is plain text so it’s much easier to copy and paste into an email or a Slack conversation – sure, you can take a screenshot of a GUI tool and share that, but then the folks you’re sharing it with can’t copy the text out of it. And you can easily run them on a remote machine, which can be particularly useful when you’re diagnosing network issues, or email reputation issues that may be IP address based.
Here are some of the tools I use daily, and how to install them on your laptop. (If you’re installing these for a class I’m giving we might have an alternate way to use them if you didn’t install them ahead of time. Or we might not.)
dig
dig is a powerful tool for doing DNS queries, such as looking up MX records to work out where to send email, and TXT records for checking email authentication. Its default output format can be a bit overwhelming, but you can use the +short flag to get a simpler format.
The full output format, though, gives you a lot of information that’s hidden by other tools and that can be useful for diagnosing more obscure issues so it’s good to have it handy.
Example: dig +short gmail.com mx
Documentation: man dig or online
Alternatives include host, drill, dnsget and web-based tools. And, as a last resort, nslookup but avoid that if you can.
netcat / nc
This tool is called "netcat" but it’s usually installed as nc. I’ve no idea why, just accept it as one of those things. At its simplest it lets you connect to a network server and type at it by hand. A lot of network protocols are text based, so you can often run full transactions – such as sending an email – using nc if the server is patient enough to wait for your typing.
We used to use telnet to send email by hand but telnet’s real job – to connect to a shell on a remote server – was replaced by ssh decades ago, and doing that is considered so insecure that all trace of it was removed from a lot of systems. nc can do much, much more but it’s a fine replacement for simple protocol testing.
Example: nc reject.wordtothewise.com 25
(use Ctrl-C to exit)
Documentation: man nc or online
Newer, better maintained alternatives include ncat (part of the nmap package), socat and many reimplementations that are still called nc and work much the same.
swaks
swaks describes itself as "the swiss army knife for SMTP", which is about right. It lets you send an email, and shows the SMTP protocol as it does it. Almost everything you might want to customize, and many things you’d never thought of, are customizable. You can send to a specific server, a non-standard port, use TLS in a variety of ways, authenticate to a smarthost, add custom headers, or abandon the delivery attempt at different points in the delivery.
Example: swaks --to discard@reject.wordtothewise.com
Documentation: swaks --help or online
whois
whois lets you identify who owns an IP address. (It used to let you find the owner of a domain name too, but that was made mostly useless some years ago).
whois works by contacting a server operated by one of the regional internet registries, sending them an IP address and printing out the response.
Example: whois 192.0.43.7
Alternatives: web based whois
curl
curl is mostly used as a command line tool for downloading files from webservers. But it lets you see bits of the HTTP transaction you normally wouldn’t, such as when the server redirects you to somewhere else. That makes it useful for diagnosing click tracking redirectors.
If you give it the -D- flag it will fetch a web page and show you the headers the server responded with. A click tracker will usually use what’s called a "301 redirect", where it responds with the destination link in a "location:" header.
Example: curl -D- https://wttw.me/installtools
Documentation: man curl or online
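An added example, not part of the original post: a small shell helper that reads the header dump from curl -D- and reports the status code and the "location:" target, plus a loop that walks a click tracker's redirect chain one hop at a time without following it blindly. The function names, the sample headers and the example.com URL are constructed for illustration.

```shell
# Read `curl -D-` header output on stdin and print "<status> <location>"
# for a 3xx response, or "<status> -" when it is not a redirect.
redirect_hop() {
  awk '
    { sub(/\r$/, "") }                       # header lines end in CRLF
    /^HTTP\// && status == "" { status = $2; next }
    # header names are case-insensitive; HTTP/2 servers send them lowercase
    tolower($0) ~ /^location:/ && loc == "" {
      sub(/^[^:]*:[ \t]*/, ""); loc = $0; next
    }
    /^$/ { exit }                            # blank line ends the headers
    END {
      if (status == "") status = "?"
      if (status ~ /^3[0-9][0-9]$/ && loc != "") print status, loc
      else print status, "-"
    }
  '
}

# Walk a redirect chain hop by hop (needs network access).
# Usage: trace_redirects <url> [max_hops]
trace_redirects() {
  url=$1; hops=0
  while [ "$hops" -lt "${2:-10}" ]; do
    # -o /dev/null discards the body, -D- writes the headers to stdout
    result=$(curl -sS -o /dev/null -D- "$url" | redirect_hop)
    echo "$url -> $result"
    next=${result#* }
    case $next in
      http://*|https://*) url=$next ;;
      *) return 0 ;;  # final page, or a relative location we do not resolve
    esac
    hops=$((hops + 1))
  done
}

# Constructed sample of what a click tracker might send back.
SAMPLE_301=$(printf 'HTTP/1.1 301 Moved Permanently\r\nServer: constructed-example\r\nLocation: https://example.com/landing?utm=newsletter\r\nContent-Length: 0\r\n\r\n')
```

Running printf '%s\n' "$SAMPLE_301" | redirect_hop prints the status and destination for the constructed response; trace_redirects does the same against a live URL and stops at the first hop that isn't an absolute redirect.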
Installation on Windows
Using WSL
WSL is "Windows Subsystem for Linux", Microsoft’s way of installing Linux tools on a Windows machine. Check out the full installation instructions but on modern Windows installations it’s often as simple as opening an administrator command prompt or PowerShell window and running wsl --install.
Once it’s installed you’ll need to set up a user and password, and then you’ll be able to follow the Linux/Ubuntu installation instructions.
Using native Windows
Either install dig or use nslookup instead, e.g. nslookup -query=mx gmail.com.
Install statically compiled ncat.exe in place of netcat.
For whois either use a web based whois or install the sysinternals whois.
curl is available from the curl website.
You can probably install swaks from CPAN after installing a native Perl from Strawberry or ActiveState. Probably. But that’s going to be painful, just install WSL.
Installation on macOS
You can get to a shell using "Terminal" in the "Utilities" subdirectory under "Applications". If you’re going to be using a shell much you should consider installing iterm – it’s much nicer.
dig, nc, whois and curl should be installed by default.
Perl is also installed by default, so you can install swaks using the "Unpackaged" or "Packaged" methods listed on the swaks installation page.
Or, if you have Homebrew installed you can do brew install swaks.
Installation on Linux
On Ubuntu or Debian based distributions:
sudo apt-get install dnsutils netcat-openbsd swaks whois curl
On anything RedHat-ish:
sudo yum install bind-utils netcat swaks whois curl
Let someone else do the work
If you have access to a Linux server on your network you can ssh into it and run everything from there.