Network ITNW 1353 Lab 01b

ITNW 1353 Lab 01b - Network Commands
Prof. Michael P. Harris
(Version 20070129)
Lab 1b. TCP/IP Network Commands (CLI commands)
Name: __________________
Notes: This lab is a continuation of Lab-01 with a more detailed look into the options available
with the Microsoft TCP/IP network commands. You will use basic CLI (command-line interface)
commands to test connectivity and gather network information without the use of external
programs. The intent is to show the basic information gathering techniques that can be utilized
by you or against you by hackers. The commands that will be used are:
1. ping     - connectivity checks (Is the target computer online?)
2. netstat  - TCP connections (What connections does this machine have?)
3. tracert  - Path taken to target machine (What is the map of the network?)
4. ipconfig - addressing information (What address do I have? Subnet? Etc.)
5. nbtstat  - NetBIOS Statistics (Displays protocol statistics and NetBIOS)
6. nslookup - Identifies DNS information

1. Ping (Packet InterNet Groper)
Tests a network connection using ICMP (Internet Control Message Protocol). If a site name is
used and the ping is successful, ping will return the ip-address.
Syntax:
ping [options] {destination | ip-address}
options:
-w timeout     timeout in milliseconds to Wait for reply
-i TTL         Time To Live
-v TOS         Type Of Service
-a             resolve Addresses to hostnames
-n count       Number of echo requests to send
-t             ping repetitively, no Timeout
-l size        send a packet Length of size bytes
-f             set Don't Fragment Flag in packet
-r count       Record route for count hops.
-s count       time Stamp for count hops.
-j host-list   Loose source route along host-list.
-k host-list   Strict source route along host-list.
destination    name or ip-address of the remote-host
ITNW 1421 – Network-Commands Lab
A response of "request timed out" means there was no response to the ping attempt in the
default time period of one second. Occasionally, administrators disable the ICMP feature in
order to prevent ping scans of their network.
If the latency of the response is more than one second, use the -w option on the ping command
to increase the time-out. For example, to allow responses within five seconds, use ping -w
5000.
NOTE:
The response of “Destination net unreachable” indicates that the gateway router was unable
to receive a response from the target network, possibly due to firewall restrictions at the
target.
Four steps to test an IP connection with ping:
1) Ping the loopback address to verify that TCP/IP is installed and configured correctly on the
local computer.
ping 127.0.0.1
2) Ping the IP-address of your local computer (ipconfig) to verify that it is connected to the
local area network correctly.
ping ip-address    (of your local host computer)
Remember: the ip-address of your local host may be different than the one in the graphic.
3) Ping the IP address of the default gateway to verify that the default gateway is functioning
and that you can communicate with a local host on the local network.
ping ip-address    (of your default gateway)
Note: You can use the ipconfig command to learn your network’s default gateway address.
4) Ping the IP address of a remote host to verify that you can communicate through a router.
ping ip-address    (of a remote host)
Note: If the network administrator has disabled ICMP on the router, it may not give a valid reply.
Examples
ping -n 1 -w 5000 workstation-name
ping -w 5000 host-address | find "TTL=" && echo Host found
ping -w 5000 host-address | find "TTL=" || echo Host not found
ping -n 5 -w 5000 www.microsoft.com
ping -n 5 -w 7500 www.microsoft.com
PING stands for Packet InterNet Groper
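The four steps and the find "TTL=" test above, as an added example in Python (not part of the original lab). The sample outputs are constructed in the style of Windows ping, and classify, diagnose and STEPS are hypothetical names. It shows why the lab matches on "TTL=": an unreachable message also begins with "Reply from".

```python
import re

# Constructed sample outputs in the style of Windows ping (not captured from a real host).
REPLY = "Reply from 10.2.11.1: bytes=32 time=1ms TTL=64\n"
TIMEOUT = "Request timed out.\n"
UNREACH = "Reply from 10.2.11.1: Destination net unreachable.\n"

def classify(output):
    """Classify one ping run the way the lab's find "TTL=" test does."""
    if re.search(r"\bTTL=\d+", output):
        return "reply"          # only a real echo reply carries TTL=
    if "unreachable" in output.lower():
        return "unreachable"    # a router answered, but not the target
    if "timed out" in output.lower():
        return "timeout"        # nothing came back within -w milliseconds
    return "error"              # anything else, e.g. the name did not resolve

# The lab's four steps, in order, with what a failure at that step points to.
STEPS = [
    ("loopback", "TCP/IP is not installed or configured correctly"),
    ("local address", "the host is not connected to the LAN correctly"),
    ("default gateway", "the gateway is down or the local network is unreachable"),
    ("remote host", "traffic does not pass the router, or ICMP is disabled"),
]

def diagnose(outputs):
    """outputs: ping output text for each step, in STEPS order.
    Returns (step, status, meaning) for the first failing step, or None."""
    for (name, meaning), text in zip(STEPS, outputs):
        status = classify(text)
        if status != "reply":
            return name, status, meaning
    return None

if __name__ == "__main__":
    print(diagnose([REPLY, REPLY, TIMEOUT, TIMEOUT]))
```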
2. Netstat (Network Statistics)
Displays active TCP connections, the ports on which the computer is listening, the IP routing
table, Ethernet statistics, IPv4 statistics (for the IP, ICMP, TCP and UDP protocols) and IPv6
statistics (for the IPv6, ICMPv6, TCP over IPv6 and UDP over IPv6 protocols).
Syntax:
netstat [-a][-e][-n][-o][-p protocol][-r][-s][interval]
Parameters:
-a
Displays all Active connections with the computer and lists them by TCP and UDP protocol.
-e
Displays Ethernet statistics: the number of bytes and packets sent and received.
This parameter can be combined with -s.
-n
Displays active TCP connections, but the port Numbers and addresses are shown in numerical
format and no attempt is made to determine the names.
-o
Displays active TCP connections and includes the process ID (PID) of each Open connection.
You can determine the application on the basis of the PID indicated.
-p protocol
Displays connections using the Protocol indicated by protocol. The protocol can be TCP, UDP,
tcpv6 or udpv6. If this parameter is used with -s to display statistics by protocol, the protocol
can be TCP, UDP, ICMP, IP, tcpv6, udpv6, icmpv6 or ipv6.
-r
Lists the contents of the IP Routing table.
-s
Displays Statistics by protocol. By default, the statistics of TCP, UDP, ICMP and IP are displayed.
If IPv6 is being used, then the statistics will relate to TCP on IPv6, UDP on IPv6, and ICMP on
IPv6. The -p parameter can be used to specify a whole list of protocols.
Using netstat to gather network information.
1) netstat
Simply enter netstat; it will display the protocol, the local host, the foreign address/host that a
connection is being made to, and the status of the connection.
2) netstat -r
Use the -r switch; the netstat command will display the routing table information.
3) netstat -a
Use the -a switch; the netstat command will display ALL connections, TCP or UDP, with your
host. This can be used to identify other hosts on the network or to identify that a connection is
made to your machine without your knowledge. (hackers… silly hackers.)
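One way to look for a connection "made to your machine without your knowledge", as an added example in Python (not part of the original lab). It reads output in the layout of netstat with the -a, -n and -o switches combined; the sample text is constructed, and SITE_NETS, parse_tcp_rows and inbound_from_outside are hypothetical names. It assumes a session is inbound when its local port also appears in a LISTENING row.

```python
import ipaddress

# Constructed sample in the layout of `netstat -ano` (not from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1004
  TCP    10.2.11.100:1042       10.40.48.9:80          ESTABLISHED     1180
  TCP    10.2.11.100:3389       203.0.113.25:51544     ESTABLISHED     1004
  TCP    10.2.11.100:1050       198.51.100.7:443       ESTABLISHED     1180
  UDP    0.0.0.0:500            *:*                                    700
"""

# Assumption: the networks this site treats as its own; adjust per network.
SITE_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "127.0.0.0/8")]

def parse_tcp_rows(text):
    """Yield (local_port, remote_ip, state, pid) for each TCP row."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":       # UDP rows have no State column
            local_port = int(f[1].rsplit(":", 1)[1])
            remote_ip = f[2].rsplit(":", 1)[0].strip("[]")   # [] wraps IPv6
            yield local_port, remote_ip, f[3], int(f[4])

def inbound_from_outside(text):
    """ESTABLISHED sessions on a port this host listens on, from off-site."""
    rows = list(parse_tcp_rows(text))
    listening = {port for port, _, state, _ in rows if state == "LISTENING"}
    hits = []
    for port, remote, state, pid in rows:
        if state != "ESTABLISHED" or port not in listening:
            continue                            # outbound, or not a session
        ip = ipaddress.ip_address(remote)
        if not any(ip in net for net in SITE_NETS):
            hits.append((port, remote, pid))    # PID identifies the program
    return hits

if __name__ == "__main__":
    for port, remote, pid in inbound_from_outside(SAMPLE):
        print(f"port {port} has a session from {remote} (PID {pid})")
```

The PID of each hit can then be matched to a program name, as the -o description above notes.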
3. Tracert (Trace Route)
Trace Route (tracert on Windows, tracert or trace on Unix and Cisco routers) - Find the
IP-address of any remote host. Tracert is useful for troubleshooting large or small networks where
several paths can be taken to arrive at the same point. Tracert will potentially display routers
and other key hardware components from your location to the destination. This command is
great for mapping a network.
Syntax:
tracert [options] target-name
tracert [options] target-ip-address
target-name          The HTTP or UNC name of the host.
target-ip-address    The 32-bit ip-address of the target.
Options:
-d
Do not resolve ip-addresses to hostnames, avoid performing a DNS lookup.
-h max-hops
Maximum number of Hops to search for target.
-j host-list
Trace route along given host-list.
-w timeout
Wait timeout milliseconds for each reply.
The functionality of tracert is the same under all versions of Windows, but the appearance of the
output is improved under XP and 2003.
Tracert uses the IP TTL-field and ICMP error-messages to determine the route from one host to
another through a network. However, care must be taken when using this utility as it shows the
optimal route, (best path selected, based on the metric for the routing protocol used on the
network) not necessarily the actual route.
1) Try: tracert 10.2.254.1 (or some other known local ip-address)
2.) More Examples:
tracert www.cisco.com
tracert 201.58.65.2
tracert gateway-address
3.) Practice using the tracert command with all of the switches. Please take note of the 3
times that are displayed, and briefly describe what those times mean, how a larger time can be
significant for an administrator, and so on.
4. IPconfig (IP configuration)
Syntax:
ipconfig /all                           Display full configuration information.
ipconfig /release [adapter]             Release the IP address for the specified adapter.
ipconfig /renew [adapter]               Renew the IP address for the specified adapter.
ipconfig /flushdns                      Purge the DNS Resolver cache.
ipconfig /registerdns                   Refresh all DHCP leases and re-register DNS names.
ipconfig /displaydns                    Display the contents of the DNS Resolver Cache.
ipconfig /showclassid adapter           Display all the DHCP class IDs allowed for specified adapter.
ipconfig /setclassid adapter [classid]  Modify the DHCP class-id for specified adapter.
The default output is to display only the IP-address, subnet mask and default gateway for
each adapter bound to the TCP/IP protocol suite.
1) C:\> ipconfig
For release and renew, if no adapter-name is specified, then the IP-address leases for all
adapters bound to the TCP/IP protocol suite will be released or renewed.
For setclassid, if no class-ID is specified, then the class-ID is removed.
2) C:\> ipconfig /all
Use ipconfig /all to display all available information that is known to your network card.
3.) More Examples:
ipconfig                  ... Show information.
ipconfig /all             ... Show detailed information
ipconfig /renew           ... renew all adapters
ipconfig /renew EL*       ... renew any connection that has its name starting with EL
ipconfig /release *Con*   ... release all matching connections,
                              e.g. "Local Area Connection 1" or "Local Area Connection 2"
ipconfig /setclassid "Local Area Connection" TEST
                          ... set the DHCP class-ID for the named-adapter to TEST
5. NBTstat (NetBIOS Statistics)
NBT (NetBIOS over TCP/IP) STAT (Statistics) is a critical tool for problem solving and depends
on Microsoft's use of NetBIOS in Windows. The foundation for file and print sharing within
Microsoft's Windows networks is the Server Message Block (SMB) protocol (later renamed to
CIFS, Common Internet File System). Every Windows computer is assigned a user-friendly
NetBIOS name to allow them to communicate with each other. Workgroup and Domain names
are also NetBIOS names. The NetBIOS protocol is not routable (or so it is said!). NetBIOS over
TCP/IP is routable. Thus NetBIOS tools like nbtstat are valuable for discovery and problem
solving on Windows-based networks. It is a tool to view and manipulate the NetBIOS name
table and the name cache.
It is possible to discover who is logged onto a networked PC using the network utility nbtstat,
since the logged-on account is part of the naming info maintained locally by NBT. NBT
runs on each Windows-based PC and functions as a local naming agent for TCP/IP. If a network
address is not locally cached, NBT gets the information from WINS or LMHOSTS.
Warning: nbtstat can be used to capture logon ids.
Displays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP/IP).
Syntax:
nbtstat [ [-a Remote-Name] [-A IP-address] [-c][-n][-r][-R][-RR][-s][-S][interval] ]
-a    (adapter status) Lists the remote machine's name table given its remote-name
-A    (Adapter status) Lists the remote machine's name table given its IP-address.
-c    (cache) Lists NBT's cache of remote [machine] names and their IP-addresses
-n    (names) Lists local NetBIOS names.
-r    (resolved) Lists names resolved by broadcast and via WINS
-R    (Reload) Purges and reloads the remote cache name table
-S    (Sessions) Lists sessions table with the destination IP-addresses
-s    (sessions) Lists a sessions table converting destination IP-addresses to computer NETBIOS names.
-RR   (Release Refresh) Sends Name Release packets to WINS and then starts Refresh
1.) Run the nbtstat network command-line utility with these options:
nbtstat -a pc20
(or use vb179dmc52427 (teacher computer) for the remote-name)
2.) Try nbtstat -A 10.2.11.100 (or a known local ip-address)
Notice that you use -a when you know the machine-name and -A when
you know the ip-address.
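To see what the warning above means for your own PC, the following added example (Python, not part of the original lab) summarises a name table in the layout printed by nbtstat -n. The sample table and its names are constructed, and advertised is a hypothetical function name. The suffix meanings used (<00> workstation or workgroup, <03> Messenger service, <20> file server service) come from Microsoft's NetBIOS suffix list, not from this lab.

```python
import re

# Constructed sample in the layout of `nbtstat -n` (all names are made up).
SAMPLE = """\
Local Area Connection:
Node IpAddress: [10.2.11.100] Scope Id: []

                NetBIOS Local Name Table

       Name               Type         Status
    ---------------------------------------------
    PC20           <00>  UNIQUE      Registered
    LABGROUP       <00>  GROUP       Registered
    PC20           <03>  UNIQUE      Registered
    PC20           <20>  UNIQUE      Registered
    JSMITH         <03>  UNIQUE      Registered
"""

# One table row: a name of up to 15 characters, a hex suffix, then the type.
ROW = re.compile(
    r"^\s*(\S.{0,14}?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+\S+", re.M)

def advertised(text):
    """Summarise what a NetBIOS name table tells anyone who can query it."""
    rows = [(name, sfx.upper(), kind) for name, sfx, kind in ROW.findall(text)]
    # <00> UNIQUE is the computer name, <00> GROUP the workgroup or domain.
    host = next((n for n, s, k in rows if s == "00" and k == "UNIQUE"), None)
    group = next((n for n, s, k in rows if s == "00" and k == "GROUP"), None)
    # <03> is registered for the computer and for the logged-on account,
    # so a <03> name that is not the computer name is a logon id.
    users = [n for n, s, k in rows
             if s == "03" and k == "UNIQUE" and n != host]
    # <20> means the file server service is answering on this host.
    sharing = any(s == "20" for _, s, _ in rows)
    return {"host": host, "group": group, "users": users,
            "file_sharing": sharing}

if __name__ == "__main__":
    print(advertised(SAMPLE))
```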
6. NSLookup (dNS Lookup)
The NSLookup utility is different in that it has an “interactive” CLI interface. For example,
to get help and display a list of the “subcommands” available, type nslookup at your command
prompt; the response will be a ‘>’ prompt. This is the interface for the internal commands, or
subcommands. To get started, type ‘?’.
C:\> nslookup
Default Server: dnsint.delmar.edu
Address: 10.40.48.9
>?
Commands: (identifiers are shown in uppercase, [] means optional)
NAME            - print info about the host/domain NAME using default server
NAME1 NAME2     - as above, but use NAME2 as server
help or ?       - print info on common commands
set OPTION      - set an option
    all                     - print options, current server and host
    [no]debug               - print debugging information
    [no]d2                  - print exhaustive debugging information
    [no]defname             - append domain name to each query
    [no]recurse             - ask for recursive answer to query
    [no]search              - use domain search list
    [no]vc                  - always use a virtual circuit
    domain=NAME             - set default domain name to NAME
    srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1,N2, etc.
    root=NAME               - set root server to NAME
    retry=X                 - set number of retries to X
    timeout=X               - set initial time-out interval to X seconds
    type=X                  - set query type (ex. A,ANY,CNAME,MX,NS,PTR,SOA,SRV)
    querytype=X             - same as type
    class=X                 - set query class (ex. IN (Internet), ANY)
    [no]msxfr               - use MS fast zone transfer
    ixfrver=X               - current version to use in IXFR transfer request
server NAME     - set default server to NAME, using current default server
lserver NAME    - set default server to NAME, using initial server
finger [USER]   - finger the optional NAME at the current default host
root            - set current default server to the root
ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN (optional: output to FILE)
    -a          - list canonical names and aliases
    -d          - list all records
    -t TYPE     - list records of the given type (e.g. A,CNAME,MX,NS,PTR etc.)
view FILE       - sort an 'ls' output file and view it with pg
exit            - exit the program
>_
CLI direct syntax:
nslookup [-subCommand ...] [{ComputerToFind| [-Server]}]
-SubCommand ... :
Specifies one or more nslookup subcommands as a command-line option.
ComputerToFind :
Looks up information for the specified Computer-To-Find using the current default
DNS name server, if no other server is specified. To look up a computer not in the
current DNS domain, append a period to the name.
-Server :
Specifies to use this server as the DNS name server. If you omit -Server, the
default DNS name server is used.
{help | ?} :
Displays a short summary of nslookup subcommands.