C172: Network and Security Foundations (v4): Basic Network Commands

tracert

Windows command used to follow the path a packet takes between two hosts. Will pull up a list of options if used alone.

ping

General command that sends an ICMP echo request message to a host. Can be used to troubleshoot connectivity issues with other devices. Will pull up a list of options if used alone.

ping -a

Sends an ICMP echo request message to a host and resolves an IP address to host name (shows hosts along the path).

ping -t

Windows command that sends an ICMP echo request message to a host until stopped (using control-c).

ping -n 3

Windows command that sends an ICMP echo request message to a host three times (use -c on Linux).

sudo

Command often needed to act as an administrator/root when using a command-line interface on Linux.

ping -l 8

Windows command that sends an ICMP echo request message to a host with a packet size of 8 bytes (use -s for Linux).

ping -l 8 -n 3

Windows command that sends an ICMP echo request message to a host with a packet size of 8 bytes three times.

ipconfig

General Windows command that shows the IP configuration settings on a PC. Will pull up a list of options if used alone.

ipconfig /all

Windows command that shows the IP configuration settings on a PC. Will show all of the TCP/IP details.

ifconfig

General Linux command that shows the IP configuration settings on a PC.

ipconfig /release

Windows command that can be used to release all network connections.

ipconfig /renew

Renew the DHCP lease.

traceroute

Linux command used to follow the path a packet takes between two hosts. Requires root privileges because it manipulates raw packets.

tracepath

Linux command used to follow the path a packet takes between two hosts. Can be used without superuser privileges because uses a secure sockets API.

tracert -d

Windows command used to follow the path a packet takes between two hosts. Will not resolve addresses to host names, saving time.

tracert -h 10

Windows command used to follow the path a packet takes between two hosts. Set the maximum number of hops to 10.

arp

General command for viewing or modifying the IP to physical (MAC) address mappings for hosts that have been discovered in the cache. Will pull up a list of options if used alone.

arp -a

Specific command for viewing the ARP table (also can view it with -g).

netstat

Command that displays information about active ports and their state.

netstat -r

Command that displays routing information for network adapters.

nslookup

Command that displays DNS information; displays names to IP address mappings. Can help identify DNS issues.

dig

Command that is used to query the DNS name servers. Will display DNS information. Replaces nslookup.

whois

Linux command used to look up who owns a domain or block of IP addresses (can be installed on Windows).

route

General command used to manipulate routing tables, such as changing the default gateway. Will pull up a list of options if used alone.

route PRINT -4

Specific command to display the current IPv4 route tables on a host (Windows).

scp

General command used to securely copy files between servers. Uses SSH (secure shell) for authentication and encryption. Will pull up a list of options if used alone.

ftp

This command copies a file from one host to another host using TCP. Can use additional options for security. Using the command initiates the connection, type "bye" to exit out. Type "?" for a command list.

tftp

This command copies a file from one host to another host, insecurely, using UDP. Good for firmware updates on devices or file transfer within a trusted LAN. An add-on for Windows/Linux.

finger

General Windows command use to display information about a user on a remote system running the service. May show info like: last log-in time, or username. Will pull up a list of options if used alone. An add-on for Linux.

tcpdump

Displays TCP/IP packets and other network packets being transmitted over the network. Will show the contents of network packets in human-readable form (a sniffer). An add-on for Windows/Linux.

nmap

Scans networks to find hosts and open ports. Used to determine what is deployed on a network for vulnerability analysis, security scans, and related activities. An add-on for Windows/Linux.

ssh

Allows a user to manage accounts and devices remotely. It uses encryption, and thus all data is secure from eavesdropping.

telnet

Allows a user to manage accounts and devices remotely. It is not encrypted.

ping -w

In Linux it sends an ICMP echo request message with a specified length of time packets will be sent (regardless of number). In Windows it sets a time-out in milliseconds to wait for a reply.

ping -c

Linux version of -n that sends a certain number of ICMP echo requests before automatic termination.

ping -i

In Linux it sends an ICMP echo request message with a set interval between transmissions In Windows it sets time-to-live, limiting the lifespan of data in the network, preventing endless circulation. Can function like a counter.

ping -s

Linux version of -l that sends an ICMP echo request message with the number of bytes to send.

nslookup

Will give an output like: "Non-authoritative answer: Name: www.google.com Address: 172.217.11.132"

whois

Will give an output showing a long list including Domain Name, Registry Domain ID, Registrar info, Expiry Date, Domain Status, Name Server info.

dig

Will give an output showing utility version, query invoked, answer, errors, name queried, dns data, response time.

nmap

If used to scan a remote IP address (or local), will give an output of: number of closed ports, open ports shown as number, protocol, running which service, in what state. (Running against system not owned could be viewed as an attack.)

nstat

If used to scan local (only) system, will give current active connections, protocol, send/receive info, local & foreign IP addresses and state. Deprecated.

ipconfig, ipconfig /all

Use when desire information for each NIC: IP address, subnet mask, default gateway, AND additionally: host name, physical address, DHCP & DNS config. (2 answers)