Assignment No.

1
Aim: Study of DOS commands and utilities with respect to computer network.

Theory:

IPCONFIG COMMAND : About: 1) A Windows command line utility that is used to manage the IP address assigned to the machine it is running in. Used without any additional parameters, it displays the computer's currently assigned IP, subnet mask and default gateway addresses 2) Displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings. Availability: The OS that support PING command are : Windows 95, Windows 98, Windows ME, Windows 2000, Windows XP, Windows Vista, Windows 7 Syntax : ipconfig [/option] Options : /all Display full configuration information.

/release Release the IP address for the specified adapter.

Examples :

PING COMMAND : About: 1) Short for Packet InterNet Groper.Ping works on the Network Layer 2) Ping is a simple diagnostic tool that can check for connectivity between two points on a network. It is one of the most used TCP/IP utilities when setting up a network or changing network settings. 3) The PING command is used for conducting the most basic network test: can
your computer reach another computer on the network, and if so how long does it take?

Availability:

The OS that support PING command are :

Windows 95,Windows 98,Windows ME, Windows NT, Windows 2000,Windows XP, Windows Vista, Windows 7 Syntax Ping [-option] destination

Options: -t Pings the specified host until stopped. To see statistics and continue - type Control-Break; To stop - press Ctrl + C. Resolve addresses to hostnames. Number of echo requests to send.

-a -n count

-f -i TTL

Set Don't Fragment flag in packet. Time To Live.

-r count

Record route for count hops.

-w timeout

Timeout in milliseconds to wait for each reply.

Examples:

Additional information:
The Internet Ping command bounces a small packet off a domain or IP address to test network communications, and then tells how long the packet took to make the round trip.

ARP COMMAND : About : 1) Short for Address Resolution Protocol, 2) It is a network layer protocol used to convert an IP address into a physical address (called a DLC address), such as an Ethernet address. 3) A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address Availability:

The OS that support ARP command are :

Windows 95,Windows 98,Windows ME, Windows NT, Windows 2000,Windows XP, Windows Vista, Windows 7 Syntax:

ARP -s inet_addr eth_adr ARP -d inet_addr ARP -a

-a Displays current ARP entries by interrogating the current protocol data. If inet_addr is specified, the IP and Physical addresses for only the specified computer are displayed. If more than one network interface uses ARP, entries for each ARP table are displayed. Same as -a Deletes the host specified by inet_addr. Adds the host and associates the Internet address inet_addr with the Physical address eth_addr. The Physical address is given as 6 hexadecimal bytes seperated by hyphens. The entry is permanent. Specifies an Internet address. eth_addr Specifies a physical address

-g -d -s

inet_addr

Examples:

TRACERT COMMAND : About: 1) Short for Trace Route.tracert works on network layer. 2) Tracert command shows the path that packets of data follow while being sent on the network. It is useful for troubleshooting large networks where several paths can be taken to arrive at the same point, or where many intermediate systems (routers or bridges) are involved. 3) Care must be taken with tracert as it shows the optimal route, not
necessarily the actual route.

Syntax TRACERT [options] target_name target_name : Options: -d Do not resolve addresses to hostnames. (avoids performing a DNS lookup) The HTTP or UNC name of the host

-h -j

max_hops Maximum number of hops to search for target.(default 30) host-list Trace route along given host-list. up to 9 hosts in dotted decimal notation,separated by spaces

Examples :

NETSTAT COMMAND : ABOUT: 1) Short for Network Statistics 2) The netstat command is used to display the TCP/IP network protocol statistics and information. It is a command-line tool that displays network connections (both incoming and outgoing), routing tables, IP addresses ,ports and a number of network interface statistics. 3) Netstat command displays local and remote connections to the computer. Availability:

The OS that support netstat command are :

Windows 95,Windows 98,Windows ME, Windows NT, Windows 2000,Windows XP, Windows Vista, Windows 7 Syntax : NETSTAT [options]

Options: -a -e -r Display All connections and listening ports. Display Ethernet statistics. Display the Routing table.

-p protocol Show only connections for the protocol specified; may be any of: TCP, UDP, TCPv6 or UDPv6. If used with the -s option then the following protocols may also be specified: IP, IPv6, ICMP,or ICMPv6.

Examples :

Additional information:
Netstat can be a helpful forensic tool when trying to determine what processes and programs are active on a computer and involved in networked communications. It can provide telltale signs of malware compromise under some circumstances and is a good tool to use to observe what kinds of communications are underway at any given time.

FTP COMMAND : About:

1) Short for File Transfer Protocol 2) The ftp command uses the File Transfer Protocol (FTP) to transfer files between the local host and a remote host or between two remote hosts. Remote execution of the ftp command is not recommended. 3) The FTP protocol allows data transfer between hosts that use dissimilar file systems

Syntax :

ftp [-option] Options: -i : turns off interactive prompting during multiple file transfers -D : Specifies the maximum number of seconds that the ftp command holds a data connection. The default value is 300 seconds and can range from 300 seconds to 3600 seconds.

NSLOOKUP COMMAND :
ABOUT : 1) Short for Name Server Lookup 2) NSLOOKUP command to query the Domain Name Service for information about domain names and IP addresses. It is an MS-DOS utility that

enables a user to look up an IP address of a domain or host on a network.

3) If you enter a domain name, you get back the IP address to which it corresponds, and if you enter an IP number, then you get back the domain name to which it corresponds.

Availability:

The OS that support NSLOOKUP command are :

Windows NT, Windows 2000,Windows XP, Windows 7 Syntax :

nslookup [-opt ...] [{Host| [Server]}] Parameter Description -opt Specifies one or more Nslookup subcommands as a command-

line option. Host Looks up information for Host using the current default DNS server, if no other server is specified. To look up a computer not in the current DNS domain, append a period to the name. Specifies to use this server as the DNS name server. If you don't specify a server, the default DNS server is used.

Server

Examples:

nslookup 204.228.150.3 Server: ns.computerhope.com Address: 1.1.1.1 Name: www.computerhope.com Address: 204.228.150.3 Additional information: nslookup operates in interactive or non-interactive mode.

TELNET COMMAND: About

1) Short for Telecommunications network 2) Telnet works on application-layer.The command allows a user to connect to an account on another remote machine. A client program on one machine can connect with a server program running on another machine using this protocol. Users utilizing Telnet interact with the remote machine in the same way as they would with a local machine. The Telnet client has two primary functions: -Interacting with the user terminal on the local host -Communicating with the remote telnet server 3) Telnet is a text-only protocol. At one time it was one of the most common ways to connect to other sites. Now with the growth of the web, it is hardly used. There are still a few sites and resources that can only be reached through telnet. Availability: Windows 2000,Windows XP Syntax : telnet [host [port]] host specifies the hostname or IP address of the remote computer to connect to.

port Specifies the port number or service name.

Examples :

Additional information : Telnet was one of the earliest protocols and in the early days was used primarily to allow users in one location to access accounts or machines in another location.

HOSTNAME COMMAND : About Hostname is the program that is used to either set or display the current host, domain or node name of the system. These names are used by many of the networking programs to identify the machine. Availability: Windows 2000,Windows XP, Windows Vista , Windows 7,and Linux based Operating Systems Syntax:

hostname Examples :

TCPDUMP COMMAND : About : tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over anetwork to which the computer is attached. Availability : Unix-like operating systems: Linux, Solaris, BSD, Mac OS X, HP-UX and AIX among others. Syntax : Tcpdump [-option] Options :

-A -c

Print each packet (minus its link level header) in ASCII. Handy for capturing web pages. Exit after receiving count packets.

Examples :

1.tcpdump host hope In the above example tcpdump would print all packets arriving at or departing from hope. 2.tcpdump -i eth0 Capture data on eth0 interface.

WHOIS COMMAND :

About : WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block Availability: Unix and Unix-like OS.

Syntax: whois [-option] identifier identifier -h Name or host you wish to identify HOST --host=HOST

-p

overrides any hosts in the configuration file and queries HOST directly. PORT --port=PORTspecifies a port number to use when querying a HOST.

Examples: whois computerhope.com doing a whois on computerhope.com, for example, will list information similar to the following. Whois Server Version 1.3