Part 1: DOS COMMANDS
Notice: Each DOS command has a help command that gives sufficient information about each of them. This section will briefly cover each command and show a few example of usage. Please remember that the purpose of this FAQ is to expose you to the information and point you in the correct direction to further your learning. This is not a Step-by-Step How-To Guide.
Q. - What is the NETSTAT Command and how do I use it?
A. – The NetStat Command in DOS is used to display protocol statistics and current TCP/IP network connection (DOS Help Command)
How to use NetStat:
For a list of commands for NetStat at the DOS Prompt type the following:
[Prompt]> netstat /?
It will display a list of commands, as well as a short description of each.
Example Usage: To Display all active connections and listening ports issue the following:
[Prompt]> netstat –a
You will receive something similar to the following:
Active
Connections
|
Proto |
Local Address |
Foreign Address |
State |
|
TCP |
c-12206-at:ftp |
c-12206-at:0 |
LISTENING |
|
TCP |
c-12206-at:smtp |
c-12206-at:0 |
LISTENING |
|
TCP |
c-12206-at:http |
c-12206-at:0 |
LISTENING |
|
TCP |
c-12206-at:epmap |
c-12206-at:0 |
LISTENING |
|
TCP |
c-12206-at:https |
c-12206-at:0 |
LISTENING |
|
TCP |
c-12206-at:Microsoft-ds |
c-12206-at:0 |
LISTENING |
|
TCP |
c-12206-at:1028 |
c-12206-at:0 |
LISTENING |
|
TCP |
c-12206-at:1030 |
c-12206-at:0 |
LISTENING |
|
TCP |
c-12206-at:1035 |
c-12206-at:0 |
LISTENING |
|
TCP |
c-12206-at:netbios-ssn |
c-12206-at:0 |
LISTENING |
|
UDP |
c-12206-at:epmap |
*:* |
|
|
UDP |
c-12206-at:Microsoft-ds |
*:* |
|
|
UDP |
c-12206-at:1029 |
*:* |
|
|
UDP |
c-12206-at:1034 |
*:* |
|
|
UDP |
c-12206-at:3456 |
*:* |
|
|
UDP |
c-12206-at:netbios-ns |
*:* |
|
|
UDP |
c-12206-at:netbios-dgm |
*:* |
|
|
UDP |
c-12206-at:isakmp |
*:* |
|
*Certain
parts have been changed for anonymity.
Q. - What is the NET Command and how do I use it?
A. – The NET Command is a collection of several internal tools used for working with a network.
How to use the Net Command:
For a list of commands for Net at the DOS Prompt type the following:
[Prompt]> net /?
This will list the available commands. Each of the commands listed also have parameters that can be issues, and you can learn those by issuing the help command “/?”
Example Usage: To learn how to map a network drive using “NET USE” you can issue the following:
[Prompt]> net use /?
You should receive the following:
Connects
or disconnects your computer from a shared resource or displays information
about your connections.
NET USE
[drive: | *] [\\computer\directory [password | ?]]
[/SAVEPW:NO] [/YES] [/NO]
NET USE
[port:] [\\computer\printer [password | ?]]
[/SAVEPW:NO] [/YES] [/NO]
NET USE
drive: | \\computer\directory /DELETE [/YES]
NET USE
port: | \\computer\printer /DELETE [/YES]
NET USE
* /DELETE [/YES]
NET USE
drive: | * /HOME
Drive Specifies
the drive letter you assign to a shared directory.
* Specifies
the next available drive letter. If used with /DELETE, specifies to disconnect
all of your connections.
Port Specifies
the parallel (LPT) port name you assign to a shared printer.
Computer Specifies the name of the computer
sharing the resource.
Directory Specifies the name of the shared
directory.
Printer Specifies
the name of the shared printer.
password
Specifies the password for the
shared resource, if any.
? Specifies
that you want to be prompted for the password of the shared resource. You don't
need to use this option unless the password is optional.
/SAVEPW:NO Specifies that the password you type
should not be saved in your password-list file. You need to retype the password
the next time you connect to this resource.
/YES Carries
out the NET USE command without first prompting you to provide information or
confirm actions.
/DELETE Breaks the specified connection to a
shared resource.
/NO Carries out the NET USE command, responding with NO automatically when you are prompted to confirm actions.
/HOME Makes
a connection to your HOME directory if one is specified in your LAN Manager or
Windows NT user account.
To list
all of your connections, type NET USE without
options.
To see
this information one screen at a time, type the
following
at the command prompt:
NET USE
/? | MORE
or
NET HELP USE | MORE
Q. - What is the NBTSTAT Command and how do I use it?
A. – NBTSTAT displays protocol statistics and active connection using Net BIOS. (DOS Help Command)
How to use the NBTSTAT Command:
For a list of commands for NBTSTAT, at the DOS Prompt type the following:
[Prompt]> nbtstat /?
This will list the available commands.
Example Usage: To display the local Net-BIOS names issue the following command:
[Prompt]> nbtstat –n
You should receive something as following:
Local Area Connection:
Node
IpAddress: [213.23.3.03] Scope Id: []
NetBIOS Local Name Table
Name Type Status
----------------------------------------------------------------
C-12206-BT <00>
UNIQUE Registered
S-GCICB <00>
GROUP Registered
GCICB-12206-BT <03> UNIQUE Registered
GCICB-12206-BT$ <03> UNIQUE Registered
GCICB-12206-BT <20> UNIQUE Registered
S-GCICB <1E>
GROUP Registered
INet~Services <1C>
GROUP Registered
IS~CICB-12206-B <54> UNIQUE Registered
*Certain parts have been changed for anonymity.
Q. - What is the PING Command and how do I use it?
A. – PING attempts to determine if a host if available. It does so by sending a special packet of information to a host (ICMP ECHO), if it receives a reply packet (ICMP ECHO-REPLY), the host is available.
How to use the PING Command:
For a list of PING’s Commands, at the DOS Prompt type the following:
[Prompt]> Ping /?
This will list the available commands.
Example Usage: To Ping an address, at a DOS Prompt type the following:
[Prompt]> Ping [IP or HostName]
You should receive something that follows:
Pinging
www.google.com [216.239.37.100] with 32 bytes of data:
Reply
from 216.239.37.100: bytes=32 time=295ms TTL=51
Reply
from 216.239.37.100: bytes=32 time=170ms TTL=51
Reply
from 216.239.37.100: bytes=32 time=175ms TTL=51
Reply
from 216.239.37.100: bytes=32 time=180ms TTL=51
Ping
statistics for 216.239.37.100:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round
trip times in milli-seconds: Minimum
= 170ms, Maximum = 295ms, Average
= 205ms
Q. - What is the TRACERT Command and how do I use it?
A. – TRACERT displays the path of an IP packet from the source to the specified destination.
How to use the TRACERT Command:
For a list of TRACERT’s Commands, at the DOS Prompt type the following:
[Prompt]> Tracert
This will list the available commands.
Example Usage: To display the route of IP packets from your computer to a remote address, at a DOS Prompt type the following:
[Prompt]> Tracert [IP or HostName]
You should receive something that follows:
Tracing route to www.google.com [216.239.37.100] over a maximum of 30 hops:
1 115 ms 99 ms
94 ms 153.106.202.240
2 170 ms 144 ms
209 ms 153.43.12.6
3 140 ms 139 ms
134 ms
221.ATM6-0-0.HR1.STL3.ALTER.NET [152.63.93.90]
4 170 ms 139 ms
154 ms
146.at-6-0-0.XR1.STL3.ALTER.NET [152.63.101.2]
5 145 ms 138 ms
134 ms
0.so-1-0-0.TL1.STL3.ALTER.NET [152.63.88.241]
6 150 ms 139 ms
144 ms
0.so-6-0-0.TL1.CHI2.ALTER.NET [152.63.13.21]
7 160 ms 139 ms
134 ms
0.so-2-0-0.XL1.CHI2.ALTER.NET [152.63.67.126]
8 150 ms 140 ms
140 ms POS6-0.BR4.CHI2.ALTER.NET
[152.63.68.181]
9 150 ms 154 ms
190 ms
abovenet-uunet-oc12.ord2.above.net [208.184.231.49]
10 190 ms 174 ms
149 ms
core1-core3-oc48.ord2.above.net [208.185.0.189]
11 185 ms 224 ms
169 ms
dca2-ord2-oc48.dca2.above.net [64.125.31.45]
12 185 ms 249 ms
214 ms
iad1-dca2-oc192.iad1.above.net [208.184.233.126]
13 379 ms 334 ms
289 ms
core1-iad1-oc48.iad4.above.net [208.185.0.122]
14 184 ms 264 ms
189 ms
main1colo1-core1-oc48.iad4.above.net [208.184.232.74]
15 180 ms 164 ms
174 ms 63.243.149.2
16 290 ms 233 ms
219 ms vabi1-gige-1-1.google.com
[216.239.47.26]
17 205 ms 174 ms
224 ms www.google.com
[216.239.37.100]
Trace
complete.
Q. - What is the FTP Command and how do I use it?
A. – FTP is as the name implies, a command line File Transfer Protocol program.
How to use the FTP Command:
For a list of FTP Commands, at the DOS Prompt type the following:
[Prompt]> ftp
This will start the FTP program, for a list of available command type the following:
ftp>
?
This will list the available FTP commands.
Example Usage: To connect to a host using FTP type the following at a DOS prompt:
[Prompt]> ftp
This will start the FTP program. Now type the following command:
ftp> Open
You should receive the following
To _
Enter the name of the FTP server you are trying to connect to:
To ftp.serverhere.com
You should be prompted for a username and password, once you have successfully logged in, you may now issue other commands and transfer file back and forth.
If you’re interested in more information on FTP commands, visit the following sites:
http://www.gsu.edu/~wwwhcs/DOCS/ftp/dosftp.html
http://www.computerhope.com/software/ftp.htm
http://www.htmlstuff.com/webmaster/tut/dosftp.html
Q. - What is the TELNET Command and how do I use it?
A. – TELNET is an external DOS program that allows access to a remote host running the telnet service.
How to use the TELNET Command:
To start the TELNET client, at a DOS command prompt type the following:
[Prompt]> Telnet [Remote Host IP] [Port]
This will launch the telnet client and connect to the specified host at the specified port.
For more information on Telnet & Telnet commands, visit the following sites:
http://www.orst.edu/aw/tutorials/telnet/
http://www.uwo.ca/its/doc/hdi/infoservices/i31-telnet.html
http://support.baynetworks.com/library/tpubs/html/router/soft1200/117358AA/B_35.HTM
http://www.ag.uiuc.edu/~iproject/telnet.html
http://www.lights.com/hytelnet/telnet.html
Part 2: NETWORKING TOOLS
Q. - What is a Port-Scanner?
A. – A Port Scanner is a program that attempts to report the state of TCP and/or UPD ports on a system.
Q. - Where can I get a Port Scanner?
A. – Port Scanners can be obtained from Internet shareware sites, as well as from a host of security sites.
Port
Scanner Resources:
|
Atelier
Port Scanner |
|
|
Blues
Port Scanner |
|
|
Blue
Globe Scanner |
|
|
Raw Logic
NetBrute |
|
|
IP Tools |
Q. - What is an IP-Scanner?
A. – IP-Scanners are programs that ping specified hosts to check if they are available. Most scanners allow individuals to scan entire blocks of IP’s to determine which are available.
Q. - Where can I get an IP-Scanner?
A. – Like Port-Scanners, IP-Scanners can also be found at major Internet shareware sites, as well as individual security sites.
IP-Scanner Resources:
|
Angry Ip Scanner |
Q. - What is a Sniffer?
A. – A sniffer is a program that captures the packets that are transmitted over a network. Sniffers store the captured information so that individuals can study the transmitted information at a later time.
Q. - Where can I get a Sniffer?
A. – There are several sniffers available for download on the Internet. Listed below are places to download them.
Sniffer Resources:
|
Ethereal |
|
|
WinPcap |
|
|
WinDump |
|
|
Snort |
Q. - What is a Net-BIOS Scanner?
A. – A Net-BIOS Scanner is a program that scans IP-ranges for open shares in Microsoft Windows Networks. Some Net-BIOS scanners have built-in features that attempt to access password protected shares by means of brute-force tactics.
Q. - Where can I get a Net-BIOS Scanner?
A. – Here are several Internet sites where you can acquire share scanners:
Net-BIOS Scanner Resources:
|
Raw Logic
NetBrute |
|
|
IP Tools |
Q. - What is a Key Logger?
A. – Key Loggers are programs that record the keystrokes of an individual; they usually employ stealth features that allow them to be hidden from the view of the user.
Q. - Where can I get a Key Logger?
A. – Key Loggers are widely available on the Internet; they can be found at major shareware sites, as well as individual security sites.
Key Logger Resources:
|
KeyInterceptor
|
|
|
KeyLogger
1.0 |
|
|
KeySpy |
Q. - What is an IDS?
A. – Intrusion Detection Systems are programs that are used to thoroughly record an attackers intrusion attempts. Some Intrusion Detection Systems employ countermeasure features to aid in prevention of network intrusion.
Q. - Where can I get an IDS?
A. – Here are some available resources for information on Intrusion Detection Systems.
IDS Resources:
|
Snort |
|
|
Shadow |