In this article, you will learn:
1. PING
ping
This is a very useful command that comes in handy when trying to test your network connection. The ping command allows you to determine if your network is online, or offline.
It can be used on any computer running Windows 7 or higher and it can also detect if your connection is slow, too many hops away, etc.
2. IPconfig
ipconfig
In computers and networking, an IP address (Internet Protocol address) is a numerical label assigned to each device participating in a computer network.
IPconfig command – displays all current TCP/IP network connections, their local and remote addresses, the length of time they have spent connected, and the protocol being used to transfer data.
The ipconfig command is a useful tool that you can use to display your system’s current TCP/IP connections. All of the following general ipconfig command outputs are case sensitive.
• The IP address is a unique numeric label that is assigned to a computer or other device participating in a TCP/IP-based network. Each computer on the network must have an IP address so that each device can communicate securely with other devices on the network.
• The network mask is used to specify the scope of a local subnet. For example, if you are using Class C subnets, then you would use 255.255.0.0 as your network mask; this would enable your computer to communicate with all computers on the 192.168 range (192.168 through 192.168).
3. GetMAC
getmac
The getmac command lets you read a MAC address from the network adapter on your machine and write it to standard output via the terminal window.
Particularly, the command is useful to identify MAC addresses that have been written to disk by other programs using techniques such as DNS spoofing and ARP spoofing.
The getmac command was introduced in FreeBSD 5.0 but has since been ported to Linux and other operating systems.
4. ARP
arp
ARP, or Address Resolution Protocol, is a protocol that maps IP addresses to physical addresses. It is used in networking and routing devices to maintain tables of IP-to-MAC and MAC-to-IP mappings for local area networks (LANs).
Nowadays, though, it’s often used as a way to detect network attacks by mapping physical locations and probing them in order to determine what is happening on the network other than just logging into an office computer.
If you’ve ever been tasked with figuring out whether an attacker has spoofed their MAC address and how they are performing ARP poisoning attacks, you’ll probably find yourself in need of some help. Fortunately, the arp command is quite useful.
The most dangerous situation where the arp command comes in handy is when an attacker has spoofed his MAC address and is doing ARP poisoning. Using the arp command, you can figure out who’s on the network by scanning for the physical address of their router.
5. NSLOOKUP
nslookup
Nslookup is a utility that displays information about Domain Name System (DNS) names that you enter at the command prompt. It is a useful tool for troubleshooting DNS name-resolution problems. For example, you can use Nslookup to verify whether or not the IP address of a hostname has been registered with a DNS server or if it has been cached locally. You might also find it useful to see if your default DNS server is either reachable or authoritative for your domain name. You can do all of this with NSLOOKUP.
6. NETSTAT
netstat
Is a versatile command that displays the status of network connections. It’s often used to troubleshoot issues with Internet connectivity and to gather data about incoming and outgoing network activity.
The NETSTAT command is available in most UNIX-based operating systems such as Linux, OS X, and some commercial versions of Windows. In general, the command only displays active network connections; it does not show passive network connections, such as BBRTP or TUN interfaces running on host PCs.
One of the more common uses for netstat is to watch traffic between networks and to determine if a particular program or service is transmitting data over the Internet.
7. TRACERT
tracert
Tracert is the command that displays the route packets take to reach a remote computer. It can be useful in diagnosing routing problems or checking network connectivity.
Tracert will also give you insight into your ISP’s performance as they route your traffic between locations and across their networks as well as troubleshoot latency issues related to network speed or distance.
8. PATHPING
pathping
You can use pathping to identify network latency and packet loss in the network between two points that are specified by protocol addresses (and optionally, a network mask).
It uses an iterative technique that sends successive packets to each destination and then analyzes the returning traffic. This helps to diagnose connectivity problems, especially when one site is behind a firewall or router performing NAT.
9. ROUTE
route
The route command is a Windows utility that helps administrators configure routing information in local and remote computers running the ROUTE service. The route command has many functions available and offers a variety of parameters. It’s fairly straightforward with easy-to-use syntax.
The Windows “route” utility is used for configuring routing information on either remote or local computers running ROUTE service (functionality varies by operating system).
Using the route command, an administrator can view and change information involving IP subnets and gateways; resolve what a remote network is to a local network; configure static, private IP addresses; modify the default gateway in Windows machines; configure name resolution for Internet Protocol (IP) version 4 (IPv4), IPv6 or both; determine whether Internet Control Message Protocol (ICMP) packets are forwarded or blocked from the computer to the network or vice versa.
10. SYSTEMINFO
systeminfo
The systeminfo command is used to generate or display structured, textual information about various aspects of the computer and its configuration. It is one of the most useful and versatile diagnostic tools provided by Windows Sysinternals. Because of its utility, systeminfo is included as a standard support tool in the Windows operating system.
The information that can be produced or captured includes: the computer’s configuration, performance statistics, logon session details, machine listings, installed hotfixes and service packs and network statistics. The utility can produce its output in both human-readable and machine-readable (XML) format.
11. NETSH
netsh
Netsh stands for network shell and was first introduced in the original release of Microsoft’s networking suite. It is a tool that allows users to query and change settings on their networks, such as the TCP/IP stack or DNS server.
Netsh also provides a scripting environment that can be used to automate connecting and disconnecting from networks or configuring IP addresses automatically by reading an Ethernet card’s Media Access Control (MAC) address that matches an IP address stored in a file or database.
