WGU Network and Security - Foundations - C172 (Network Commands)

Traceroute

Used to determine the number of hops required for a packet to reach its destination.

Nslookup

Used to determine IP address of a domain name.

Ping

Used to determine the IP address and latency in networks.

Netstat -a

Used to display IP ports currently open on the Windows OS.

Whois

Information about a webserver including contact information.

ARP

This command displays the IP to physical (MAC) address mappings for hosts that have been discovered in the ______ cache. ______ can be used to add, remove, or modify entries in the ______ cache. The hosts need to be on the local network, as these addresses are discovered by broadcasting to everyone on the network and noting the reply from the owner; broadcast traffic is not allowed through a router so that the system will maintain the MAC address of the router.

Nmap

This command scans networks to see what it can find in terms of hosts and open ports (including well-

known ones for many applications). It is commonly used to determine what is deployed on a network for

vulnerability analysis, security scans, and related activities.

ipconfig

Provides the user with the IP, subnet mask, and default gateway for each network adapter by default with the /all option information, such as MAC address, DHCP status, and lease information. The command with the /release option can be used to release all connections and renew all adapters. It is primarily used in Windows.

ifconfig

Similar to ipconfig, this command is used to configure the kernel network interfaces. It is implemented at the time of booting to configure the necessary interfaces. Once the interfaces are configured, it is used for debugging or tuning the system. It is primarily used in Linux.

dig

A command used to query the DNS name servers. It is helpful in troubleshooting DNS problems. It is also used for lookups and will display answers from the query. It is a replacement for nslookup.

route

This command can be used to display the current route tables on a host. It can also be used to add or remove routes. This is used by the local host to determine where to send traffic (0.0.0.0 means the default gateway, where the router sends things if it is not otherwise defined in the routing table).

scp

This command is used to securely copy files between servers, leveraging SSH (secure shell) for authentication and encryption.

ftp

This command copies the file from one host to another host. The data is unencrypted. If encryption is needed, the encrypted version uses SSL/TLS (Secure Sockets Layer, replaced by Transport Layer Security; the same encryption used in https). Transfer uses TCP (transmission control protocol) for reliability and is often used on the internet and other wide-area networks, where errors may be more common.

tftp

This command transfers a file from either a client to a server or from a server to a client using UDP (user datagram protocol) instead of TCP, and so it is usually used on reliable (local) networks.

finger

Finger displays information about a user or users on a remote system, including things such as last log-in time and username. It is primarily used in Linux.

tcpdump

This command displays TCP/IP packets and other network packets that are being transmitted over the network system. It is a form of protocol analyzer (sometimes called a sniffer) and is designed to show the contents of network packets in human-readable form for troubleshooting, security analysis, etc. This command is not native to either Linux or Windows but can be downloaded for free and used with both.

telnet/ssh

These commands allow a user to manage accounts and devices remotely. The main difference between the two is that SSH is encrypted, and thus all data is secure from eavesdropping, while telnet is unencrypted.

tracepath

This command is similar to traceroute or tracert in that it displays the path taken by a packet from its source to its destination. This command is useful because it can be used by any user instead of needing superuser privileges. It is primarily used in Linux.