Sunday 2 February 2014

N+ TechNotes - TCP/IP Troubleshooting Tools

Tracert 

Tracert is a Windows command-line tool that uses ICMP Echo packets and their TTL (Time to Live) to determine the route and hop count to a destination. In the following network, for example, when a connection between host A and host B fails, you can use tracert to find out where the packets stopped.


The following image shows the output of running tracert 192.168.200.2 on HostA.


The Unix/Linux/Cisco counterpart of tracert is traceroute, which provides basically the same functionality as tracert does for Windows systems. However, traceroute offers several additional command-line options to give you more control, such as specifying the gateway or source IP address. Traceroute uses UDP packets by default instead of ICMP packets.
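Finding where the packets stopped can be read straight from saved tracert output. The following Python sketch is an added example, not part of the original notes; the sample output and the function names parse_hops and locate_failure are constructed for illustration, and it assumes the Windows tracert line layout.

```python
import re

# Constructed sample in the Windows tracert layout; the hop addresses are invented.
SAMPLE = """\
Tracing route to 192.168.200.2 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     *        *        *     Request timed out.
  3     3 ms     2 ms     3 ms  10.0.1.1
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
"""

HOP = re.compile(r"^\s*(\d+)\s+(.*)$")                     # hop number, rest of line
ADDR = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})\]?\s*$")     # trailing IP, bare or [bracketed]

def parse_hops(text):
    """Return [(hop_number, responder_ip_or_None)] for every hop line."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if not m:
            continue                      # banner, blank line, "Trace complete."
        addr = ADDR.search(m.group(2))
        hops.append((int(m.group(1)), addr.group(1) if addr else None))
    return hops

def locate_failure(hops, destination):
    """Return (reached, last_responding_hop, first_silent_hop_after_it)."""
    reached = any(ip == destination for _, ip in hops)
    answered = [(n, ip) for n, ip in hops if ip]
    last = answered[-1] if answered else None
    # A silent hop followed by a responding one only means that router does not
    # answer expired-TTL probes; the failure lies after the last responder.
    silent = next((n for n, ip in hops
                   if ip is None and (last is None or n > last[0])), None)
    return reached, last, silent

if __name__ == "__main__":
    reached, last, silent = locate_failure(parse_hops(SAMPLE), "192.168.200.2")
    print("reached:", reached, "| last responder:", last, "| silent from hop:", silent)
```

Hop 2 in the sample is silent but hop 3 answers, so the path is intact up to hop 3 and the problem lies beyond it.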


PING

The ping utility is a diagnostic tool that you can use to test TCP/IP configurations and connections. It is useful to determine whether a particular TCP/IP host can be reached and is available. The syntax for the ping command is:

ping target
target can be either a name (hostname or NetBIOS name) or an IP address. The following image shows the output of running the command ping www.google.com


Some common situations where PING can be useful:
  • To verify that TCP/IP is installed, initialized, and bound to your network interface, ping the loopback address (ping 127.0.0.1).
  • To verify that the default gateway is available and the computer can communicate with a remote host through a router, ping a host on a remote network.
  • To verify that DNS host name resolution is available, ping an existing host name of a computer you know is online and available.
  • To verify that WINS name resolution is available, ping an existing NetBIOS name of a computer you know is online and available.

ARP

As described in the TCP/IP Suite TechNotes, the Address Resolution Protocol (ARP) is used for resolving layer 3 addresses to layer 2 addresses (an IP address is known as a Layer 3 address and a MAC address is known as a Layer 2 address). The corresponding utility arp can be used to manually resolve an IP address to a MAC address and to modify or display the current ARP cache table. Below is an example of using arp with the -a switch to display the IP address to MAC address mappings currently in the ARP cache:

To display the arp table execute the following command:

arp -a


To add a static entry in the arp table execute the following command:

arp  -s  <ip-address> <mac-address>


To remove an entry from the arp table:

arp -d <ip-address>



To clear the arp cache execute the following command:

netsh interface ip delete arpcache

Note: before executing this command, you must open the command prompt with administrator privileges.



The above command will flush the entire ARP cache on your system. Now as soon as network connections are made, the ARP cache will begin to repopulate.

Verify the flush
Once you have flushed the ARP cache, make sure to issue the command arp -a to see if the cache has, in fact, been flushed. If it does not flush, it could be the system is a victim of a Windows bug caused when Routing and Remote Services is enabled. This is a simple bug to fix:
  1. Press Windows key + R on your keyboard and then type services.msc and then click on OK.
  2. Scroll down to Routing and Remote Services.
  3. Double-click Routing and Remote Services.
  4. Set the startup type to Disabled.
  5. Make sure the service is Stopped.
Now try flushing the ARP cache again. It should work this time.

Note:-

Dynamic ARP cache entries persist for 2-20 minutes depending on the system.
Windows 2003 Server = 10 minutes
Windows 2000 Professional Server = 10 minutes
Windows XP = 2 minutes
Solaris  = 5 minutes

NETSTAT 

Netstat displays TCP/IP protocol statistics and information about TCP and UDP connections to and from the local computer. Netstat -a displays the current connections and listening ports:


To display the currently established sessions from the host, execute the following command:

netstat -n


Netstat can also be used to display Ethernet statistics such as the number of bytes sent and received, as well as any dropped network packets, by using the -e switch:


To display the help of Netstat command execute the following command:

netstat /?


Netstat -r produces the same output as the route print command; in other words, it displays the contents of the routing table.

NBTSTAT

Nbtstat is used for troubleshooting NetBIOS name resolution problems. It displays protocol statistics and current TCP/IP connections that are using NetBIOS over TCP/IP (NBT), as well as the NetBIOS name table and cache.
To display the NetBIOS name table of the local computer, use nbtstat with the -n switch. The status of Registered indicates that the name is registered either by broadcast or with a WINS server. If two hosts on the local network use the same NetBIOS name, the status is Conflict.

nbtstat -n 


To display the NetBIOS name table of a remote computer use one of the following:

nbtstat -a remotename or nbtstat -A IPaddress

Use nbtstat -c to display the contents of the local computer NetBIOS name cache.
Use nbtstat -r to verify that NetBIOS names are correctly resolved by WINS:


IPCONFIG

IPCONFIG can be used on Windows NT, 2000/2003/2008/2008R2/2012/2012R2, XP, 7, 8 and 8.1 to display TCP/IP configuration information, renew and release DHCP-assigned address configuration, and register in dynamic DNS or flush the local DNS cache. When the ipconfig command is issued without any options, the output will be similar to the one below:


ipconfig /all displays full configuration information, for example:


Use ipconfig /release to release the IP address configuration.
Use ipconfig /renew to renew the IP address configuration.

ipconfig /flushdns clears the local DNS cache. This is useful when the IP address for a previously resolved host name has changed and you want the client to request the IP address fresh from the DNS server rather than the local cache.

IFCONFIG 

IFCONFIG is a UNIX/LINUX command-line utility used to configure and manage network interfaces. Used without any parameters, ifconfig displays the status of all active network adapters:


ifconfig -a displays the status of all adapters including those that are down. Ifconfig is the most common command for checking basic information such as the IP address or whether an interface is enabled. The ifconfig command can also be used to configure an interface. The following example shows how to set an IP address and subnet mask for interface eth0:

ifconfig eth0 172.18.72.18 netmask 255.255.0.0

Settings configured in this manner are only kept until the machine is rebooted. To make network settings permanent the changes must be made to the appropriate configuration file in the /etc/sysconfig/network-scripts directory.

Ifconfig can be used with either the up or down parameter to start or stop an interface. The following example disables the first Ethernet interface:

ifconfig eth0 down 

WINIPCFG

Winipcfg allows you to display the TCP/IP configuration information and renew and release DHCP-assigned address configuration on Windows 9x and ME computers. The screenshot below shows the configuration of an Ethernet adapter with a manually assigned IP address configuration.


When the configuration is automatically assigned by a DHCP server, the buttons at the bottom are enabled, allowing you to perform the same tasks as with the ipconfig command. Note that winipcfg is available only on Windows 9x/ME and ipconfig is available on Windows 9x/ME, Windows NT, 2000, 2003, and XP.

NSLOOKUP / DIG 

Nslookup displays information you can use to diagnose Domain Name System (DNS) servers and to send DNS queries to DNS servers. Nslookup can be used in interactive or non-interactive mode. In interactive mode, the nslookup command is used without options, to enter a text based console where you can use several sub commands to diagnose DNS. In non-interactive mode, you provide the parameters directly on the command-line after the nslookup command.

Following is an example of the results of running nslookup www.sgecollege.com (non-interactive mode):


You can use a different DNS server by adding the hostname or IP address of another DNS server, for example:

nslookup www.sgecollege.com dc01.srv.com

Dig is a more advanced utility for diagnosing DNS issues. Originally a UNIX/Linux tool, it can be downloaded for Windows as well. It provides numerous options that allow you to control the manual host name lookups and responses. The following screenshot shows the output of running

dig www.techexams.net



