Aim: Study of DOS commands and utilities with respect to computer network.
Theory:
IPCONFIG COMMAND :
About:
1) A Windows command line utility that is used to manage the IP address assigned to the machine it is running in. Used without any additional parameters, it displays the computer's currently assigned IP, subnet mask and default gateway addresses.
2) Displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings.
Availability: The OS that support PING command are : Windows 95, Windows 98, Windows ME, Windows 2000, Windows XP, Windows Vista, Windows 7
Syntax : ipconfig [/option]
Options :
/all    Display full configuration information.
Examples :
PING COMMAND :
About:
1) Short for Packet InterNet Groper. Ping works on the Network Layer.
2) Ping is a simple diagnostic tool that can check for connectivity between two points on a network. It is one of the most used TCP/IP utilities when setting up a network or changing network settings.
3) The PING command is used for conducting the most basic network test: can your computer reach another computer on the network, and if so how long does it take?
Availability:
Options:
-t          Pings the specified host until stopped. To see statistics and continue, type Control-Break; to stop, press Ctrl + C.
-a          Resolve addresses to hostnames.
-n count    Number of echo requests to send.
-f
-i TTL
-r count
-w timeout
Examples:
Additional information:
The Internet Ping command bounces a small packet off a domain or IP address to test network communications, and then tells how long the packet took to make the round trip.
ARP COMMAND :
About :
1) Short for Address Resolution Protocol.
2) It is a network layer protocol used to convert an IP address into a physical address (called a DLC address), such as an Ethernet address.
3) A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address.
Availability:
-g -d -s
inet_addr
Examples:
TRACERT COMMAND :
About:
1) Short for Trace Route. Tracert works on the network layer.
2) Tracert command shows the path that packets of data follow while being sent on the network. It is useful for troubleshooting large networks where several paths can be taken to arrive at the same point, or where many intermediate systems (routers or bridges) are involved.
3) Care must be taken with tracert as it shows the optimal route, not necessarily the actual route.
Syntax : TRACERT [options] target_name
target_name : The HTTP or UNC name of the host
Options:
-d              Do not resolve addresses to hostnames (avoids performing a DNS lookup).
-h max_hops     Maximum number of hops to search for target (default 30).
-j host-list    Trace route along given host-list: up to 9 hosts in dotted decimal notation, separated by spaces.
Examples :
NETSTAT COMMAND :
About:
1) Short for Network Statistics.
2) The netstat command is used to display the TCP/IP network protocol statistics and information. It is a command-line tool that displays network connections (both incoming and outgoing), routing tables, IP addresses, ports and a number of network interface statistics.
3) Netstat command displays local and remote connections to the computer.
Availability:
Options:
-a             Display all connections and listening ports.
-e             Display Ethernet statistics.
-r             Display the routing table.
-p protocol    Show only connections for the protocol specified; may be any of: TCP, UDP, TCPv6 or UDPv6. If used with the -s option then the following protocols may also be specified: IP, IPv6, ICMP, or ICMPv6.
Examples :
Additional information:
Netstat can be a helpful forensic tool when trying to determine what processes and programs are active on a computer and involved in networked communications. It can provide telltale signs of malware compromise under some circumstances and is a good tool to use to observe what kinds of communications are underway at any given time.
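The forensic use described above, as an added example that is not part of the original handout: a Python triage of saved netstat output that flags listeners bound to all interfaces and established sessions to addresses outside the local ranges. The sample rows, the EXPECTED_LISTENERS allow-list and the INTERNAL ranges are constructed assumptions; the input format is that of `netstat -ano` (-n and -o are standard Windows netstat switches that the option list above does not cover).

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:4444           0.0.0.0:0              LISTENING       6120
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       2212
  TCP    192.168.1.20:49712     192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.20:49801     203.0.113.50:8080      ESTABLISHED     6120
  TCP    [::]:135               [::]:0                 LISTENING       904
  UDP    0.0.0.0:5353           *:*                                    2212
"""
EXPECTED_LISTENERS = {135}  # assumption: ports this host is meant to expose
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def split_endpoint(endpoint):
    """Split 'addr:port', '[v6addr]:port' or '*:*' into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), port

def parse_netstat(text):
    """Yield one dict per TCP/UDP row; UDP rows have no State column."""
    for line in text.splitlines():
        f = line.split()
        if f and f[0] in ("TCP", "UDP"):
            yield {"proto": f[0], "local": split_endpoint(f[1]),
                   "remote": split_endpoint(f[2]),
                   "state": f[3] if len(f) == 5 else "", "pid": int(f[-1])}

def triage(text, expected=EXPECTED_LISTENERS):
    """Return (unexpected_listeners, external_sessions) for follow-up."""
    listeners, external = [], []
    for c in parse_netstat(text):
        (laddr, lport), (raddr, rport) = c["local"], c["remote"]
        if c["state"] == "LISTENING":
            if laddr in ("0.0.0.0", "::") and int(lport) not in expected:
                listeners.append((int(lport), c["pid"]))
        elif c["state"] == "ESTABLISHED":
            remote = ipaddress.ip_address(raddr)
            if not any(remote in net for net in INTERNAL):
                external.append((raddr, int(rport), c["pid"]))
    return listeners, external

if __name__ == "__main__":
    print(triage(SAMPLE))
```

In the constructed sample the same PID owns both the unexpected listener and the external session, which is the correlation to look for before mapping the PID to a process name.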
Syntax : ftp [-option]
Options:
-i : turns off interactive prompting during multiple file transfers
-D : Specifies the maximum number of seconds that the ftp command holds a data connection. The default value is 300 seconds and can range from 300 seconds to 3600 seconds.
NSLOOKUP COMMAND :
About :
1) Short for Name Server Lookup.
2) The NSLOOKUP command is used to query the Domain Name Service for information about domain names and IP addresses. It is an MS-DOS utility that
3) If you enter a domain name, you get back the IP address to which it corresponds, and if you enter an IP number, then you get back the domain name to which it corresponds.
Availability:
nslookup [-opt ...] [{Host| [Server]}]
Parameter    Description
-opt         Specifies one or more Nslookup subcommands as a command-line option.
Host         Looks up information for Host using the current default DNS server, if no other server is specified. To look up a computer not in the current DNS domain, append a period to the name.
Server       Specifies to use this server as the DNS name server. If you don't specify a server, the default DNS server is used.
Examples:
nslookup 204.228.150.3
Server: ns.computerhope.com
Address: 1.1.1.1
Name: www.computerhope.com
Address: 204.228.150.3
Additional information: nslookup operates in interactive or non-interactive mode.
Examples :
Additional information : Telnet was one of the earliest protocols and in the early days was used primarily to allow users in one location to access accounts or machines in another location.
HOSTNAME COMMAND :
About: Hostname is the program that is used to either set or display the current host, domain or node name of the system. These names are used by many of the networking programs to identify the machine.
Availability: Windows 2000, Windows XP, Windows Vista, Windows 7, and Linux based Operating Systems
Syntax: hostname
Examples :
TCPDUMP COMMAND :
About : tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.
Availability : Unix-like operating systems: Linux, Solaris, BSD, Mac OS X, HP-UX and AIX among others.
Syntax : tcpdump [-option]
Options :
-A    Print each packet (minus its link level header) in ASCII. Handy for capturing web pages.
-c    Exit after receiving count packets.
Examples :
1. tcpdump host hope
In the above example tcpdump would print all packets arriving at or departing from hope.
2. tcpdump -i eth0
Capture data on eth0 interface.
WHOIS COMMAND :
About : WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block
Availability: Unix and Unix-like OS.
Syntax: whois [-option] identifier
identifier : Name or host you wish to identify
Options:
-h HOST, --host=HOST    overrides any hosts in the configuration file and queries HOST directly.
-p PORT, --port=PORT    specifies a port number to use when querying a HOST.
Examples:
whois computerhope.com
Doing a whois on computerhope.com, for example, will list information similar to the following.
Whois Server Version 1.3