Network and information security

BASIC NATWORK COMMANDS LAB MANNUAL

A network consists of several computers connected together. The network can be as simple as a few computers connected in your home or office, or as complicated as a large university network or even the entire Internet. When your computer is part of a network, you have access to those systems either directly or through services like mail and the web. There are a variety of networking programs that you can use. Some are handy for performing diagnostics to see if everything is working properly. Others (like mail readers and web browsers) are useful for getting your work done and staying in contact with other people. 1. Ping:Pinging sends an ICMP ECHO_REQUEST packet to the specified host. If the host responds, you get an ICMP packet back. Sound strange? Well, you can ping an IP address to see if a machine is alive. If there is no response, you know something is wrong. Or connection is died. When we are pinging to a destination host we must be use the ip address of the destination pc: Ping 192.168.1.2 Or the domain name like: Ping www.google.com. Ipconfig : is a DOS(Microsoft command prompt) utility that can be used from MS-DOS and an MS-DOS shell to display the network settings currently assigned and given by a network. This command can be utilized to verify a network connection as well as to verify your host pc network settings.

PREPARED BY: KIDANE AND ELIAS

Page 1

Network and information security

Examples

To get your computers local network IP address, subnet mask, and default gateway typing ipconfig alone will display this information as shown below. Keep in mind this is only your local network information. Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : hsd1.ut.comcast.net. IP Address . . . . . . . . . . . . : 192.168.201.245 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.201.1 To get all local network information for your computer use the /all switch as shown below, followed by the results that would be seen when using this command. 2. Ipconfig Ipconfig: [/? | /all | /release [adapter] | /renew [adapter] | /flushdns | /registerdns | /showclassid adapter | /setclassid adapter [classidtoset] ] 2.1. Ipconfig/all : Display full configuration information(displays connection configuration). 2.2. Ipconfig /release: delete ip configuration setting.

PREPARED BY: KIDANE AND ELIAS

Page 2

Network and information security

2.3.Ipconfig /renew Renew the IP address for the specified adapter. 2.4.Ipconfig /flushdns: Purges the DNS Resolver cache. Delete the information about the DNS. 2.4. Ipconfig/registerdns: Refreshes all DHCP leases and re-registers DNS names. 2.5. Ipconfig/displaydns: Display the contents of the DNS Resolver Cache. 2.6. Ipconfig/showclassid: Displays all the dhcp class IDs allowed for adapter. 2.7. Ipconfig /setclassid: Modifies the dhcp class id. ipconfig /all Windows IP Configuration Host Name . . . . . . . . . : COMPUTERH1 DNS Servers . . . . . . . . : 123.45.67.8 111.111.111.1 111.111.111.1 Node Type . . . . . . . . . : Broadcast NetBIOS Scope ID. . . . . . : IP Routing Enabled. . . . . : No WINS Proxy Enabled. . . . . : No NetBIOS Resolution Uses DNS : No 0 Ethernet adapters: Description . . . . . . . . : PPP Adapter. Physical Address. . . . . . : 44-44-44-54-00-00 DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : 123.45.67.802 Subnet Mask . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . : 123.45.67.801 DHCP Server . . . . . . . . : 255.255.255.255 Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : 01 01 80 12:00:00 AM Lease Expires . . . . . . . : 01 01 80 12:00:00 AM 1 Ethernet adapter :
PREPARED BY: KIDANE AND ELIAS

Page 3

Network and information security

Description . . . . . . . . : 3Com 3C90x Ethernet Adapter Physical Address. . . . . . : 00-50-04-62-F7-23 DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : 111.111.111.108 Subnet Mask . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . : 111.111.111.1 DHCP Server . . . . . . . . : 111.111.111.1 Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : 11 16 00 12:12:44 AM Lease Expires . . . . . . . : 3. Telnet The ability to remotely log in and do stuff on another computer is what separates UNIX and Unix-like operating systems from other operating systems. Telnet allows you to log in to a computer, just as if you were sitting at the terminal. Once your username and password are verified, you are given a shell prompt. From here, you can do anything requiring a text console. Compose email, read newsgroups, move files around, and so on. If you are running X and you telnet to another machine, you can run X programs on the remote computer and display them on yours. To login to a remote machine, use this syntax: Telnet <hostname> If the host responds, you will receive a login prompt. Give it your username and password. That's it. You are now at a shell. To quit your telnet session, use either the exit command or the logout command. Telnet does not encrypt the information it sends. Everything is sent in plain text, even passwords. It is not advisable to use telnet over the Internet. Instead, consider the Secure Shell. It encrypts all traffic and is available for free. 4. Trace route: Slackware's trace route command is a very useful network diagnostic tool. Trace route displays each host that a packet travels through as it tries to reach its destination. You can see how many hops from the Slack ware web site you are with this command:
PREPARED BY: KIDANE AND ELIAS

Page 4

Network and information security

The syntax of Trace route is Open Microsoft command prompt then type: #Trace route www.google.com 5. NETSTAT:

The net stat command is used to display the TCP/IP network protocol statistics and informations. Information about the protocol state. Syntaxs of netstate NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval] Example: NETSTAT a: Displays all connections and listening ports.

NETSTAT e: Displays Ethernet statistics. This may be combined with the -s option.

PREPARED BY: KIDANE AND ELIAS

Page 5

Network and information security

NETSTAT n: Displays addresses and port numbers in numerical form.

NETSTAT r: Displays the routing table.

5.1. Net: it is used for resource management. 5.2. Netsh: it configures network interfaces, window firewall remote access.

Open command prompt then: Type # netsh >> Then Type# show one of the netsh properties

PREPARED BY: KIDANE AND ELIAS

Page 6

Network and information security

Show helper Show mode Show allias

There are different states on net stat protocol: Timeout Time wait Established Acknowledgement close

PREPARED BY: KIDANE AND ELIAS

Page 7

Network and information security

6. ARP (Address Resolution Protocol):

Displays, adds and removes arp information from network devices. The arp.exe command is an external command accessed through the C:\Windows or C:\Winnt\System32 directory and is available in the below Microsoft operating systems. Syntax ARP -s inet_addr eth_adr [if_addr] ARP -d inet_addr [if_addr] ARP -a [inet_addr] [-N if_addr] ARP a: Displays current ARP entries by interrogating the current protocol data. If inet_addr is specified, the IP and Physical addresses for only the specified computer are displayed. If more than one network interface uses ARP, entries for each ARP table are displayed. ARP g: Same as a ARP inet_addr:Specifies an Internet address. -N if addr : Displays the ARP entries for the network interface specified by if_addr. ARP -d: Deletes the host specified by inet_addr.
PREPARED BY: KIDANE AND ELIAS

Page 8

Network and information security

arp-s:Adds the host and associates the Internet address inet_addr with the Physical address eth_addr. The Physical address is given as 6 hexadecimal bytes seperated by hyphens. The entry is permanent. Arp -eth_addr:Specifies a physical address 7. NSLOOKUP: It is used for server side.that is name server side lookup.

8. Pathping: Similar to the tracert command, pathping provides users with the ability of locating spots that have network latency and network loss.

pathping[-n] [-h maximum_hops] [-g host-list] [-p period] [-q num_queries] [-w timeout] [-t] [R] [-r] target_name Pathping -n: Do not resolve addresses to hostnames. Pathping -h Maximum number of hops to search for target. Pathping -g host-listLoose source route along host-list. Pathping -p periodWait period milliseconds between pings. Pathping -q num_queriesNumber of queries per hop. Example: path ping 192.168.1.1 9. NBSTAT:It helps to troubleshoot the net Bios name resolution problem.
PREPARED BY: KIDANE AND ELIAS

Page 9

Network and information security

NBTSTAT: MS-DOS utility that displays protocol statistics and current TCP/IP connections using NBT. Syntax 10.NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [interval] ] 11.FINGER::retrive the information about a user on a network

Ftp: FTP stands for the File Transfer Protocol. It allows you to send and receive files
between two computers. There is the FTP server and the FTP client. We discuss the client in this section. For the curious, the client is you. The server is the computer that answers your FTP request and lets you login. You will download files from and upload files to the server. The client cannot accept FTP connections, it can only connect to servers. To connect to an FTP server, simply run the ftp(1) command and specify the host: ftp <hostname> [port] If the host is running an FTP server, it will ask for a username and password. You can log in as yourself or as anonymous. Anonymous FTP sites are very popular for software archives. For example, to get Slackware Linux via FTP, you must use anonymous FTP. Once connected, you will be at the ftp> prompt. There are special commands for FTP, but they are similar to other standard commands. The following shows some of the basic commands and what they do

The Secure shell

Today, secure shell basks in the adoration that telnet once enjoyed. ssh(1) allows one to make a connection to a remote machine and execute programs as if one were physically present; however, ssh encrypts all the data travelling between the two computers so even if others intercept the conversation, they are unable to understand it. A typical secure shell connection follows. Syntax:
Ssh hostname(ip address)

N.B:TELNT,SSH and winipcfg are mostly working on lunix operating system.

PREPARED BY: KIDANE AND ELIAS

Page 10

Network and information security

Winipcfg command The winipcfg command allows a user to Click here related information such as the IP address, Subnet Mask, Default Gateway, DHCP Server, WINS Server, etc. To run the program, click Start / Run and type "winipcfg" in the run line. This should open the winipcfg window similar to the below picture.

If more than one adapter is present in the computer, use the drop down window to see the other adapters' information. In the above information, we are displaying the PPP adapter's information, which would be the Dialup or Modem Internet connection information. If you were currently connected on the Internet, you should have a value other than 0.0.0.0 for the IP address. Clicking More Info will display all of the available network related information. Below is an example of what is displayed when clicking the More Info button and changing our adapter to our Network adapter.

PREPARED BY: KIDANE AND ELIAS

Page 11

Network and information security

As illustrated in the above picture, you can clearly see that displaying more info will allow you to display much more valuable information about the network. In the above example, we are displaying the 3Com 3C90x Ethernet Adapter on our Network Adapter card. As seen, we can verify the IP address of the network card as well as any other pertinent information about the network adapter

PREPARED BY: KIDANE AND ELIAS

Page 12