Blog : Network Commands

Network Commands

Objective: To know and learn about various network related commands [ping, tracert, netstat, at, net, route, arp, nbtstat] and few definitions cum settings. This material also has some linux practise commands.
PING:
ping:

  -t ==> repeatitive.

  -n ==> number of echo to be sent

  -l ==> sending buffer size [Max: 65500 bytes]

  -f ==> Dont fragment.

  -r count ==> record route for count hops [3rd layer device]

  -j ==> loose source route

  -k ==> strict source route

 

Example:

ping -t -l 60000 192.168.230.1

-f -l 1000

-l 1000

To see the difference between fragmenting and non-fragmenting, use -f

 

ping -r 3 192.168.230.1

 

Following routes:

strict route: MUST follow the route specified by us.

loose route: Optionally it can follow different route.

Note: For loopback address, you can ping it and get returns even when you are offline (not connected to any network). If you don't get any valid replies, then there's a problem with the computer's Network settings.
TRACERT:

tracert /?
NETSTAT:

  netstat /?

  -a  Displays all connections and listening ports.

  -e  Displays Ethernet statistics. This may be combined with the -s option.

  -n  Displays addresses and port numbers in numerical form.

  -p proto  Shows connections for the protocol specified by proto; proto may be TCP or UDP.  If used with the -s option to display per-protocol statistics, proto may be TCP, UDP, or IP.

  -r  Displays the routing table.

  -s  Displays per-protocol statistics.  By default, statistics are shown for TCP, UDP and IP; the -p option may be used to specify a subset of the default.

 

Example:

netstat -a

netstat -e

netstat -r --> try to find out which network card your PC is actually using. [routing table]
Note: always use -a so as to see UDP packets also. When you are offline, you shouldn't see any connection data!

Open a broswer connection to http and ftp server and see 'netstat -an'. Can be while offline and online.

 

 

AT:

 

/i  interactive, which opens any window to show the pinging -

[optional]

/c  indicates command.
AT [\\computername] [ [id] [/DELETE] | /DELETE [/YES]]

AT [\\computername] time [/INTERACTIVE]

  [ /EVERY:date[,...] | /NEXT:date[,...]] "command"

\\computername  Specifies a remote computer. Commands are scheduled on the local computer if this parameter is omitted.
id  Is an identification number assigned to a scheduled command.

/delete  Cancels a scheduled command. If id is omitted, all the scheduled commands on the computer are canceled.

 

/yes  Used with cancel all jobs command when no further confirmation is desired.

 

time  Specifies the time when command is to run.

 

/interactive  Allows the job to interact with the desktop of the user who is logged on at the time the job runs.

 

/every:date[,...]  Runs the command on each specified day(s) of the week or month. If date is omitted, the current day of the month is assumed.

 

/next:date[,...]  Runs the specified command on the next occurrence of the day (for example, next Thursday).  If date is omitted, the current day of the month is assumed.

 

"command"  Is the Windows NT command, or batch program to be run.

 

The at command does not automatically load cmd, the command interpreter, before running commands. Unless you are running an executable (.EXE) file, you must explicitly load CMD.EXE at the beginning of the command;

for example, cmd /c dir > c:\test.out.

 

at 13:15 /i cmd /c ping 192.168.232.2 -n 20

at \\ics-nwle2 13:15 /i cmd /c ping 192.168.234.245 -n 20

 

at 11:03am  cmd /c ping 192.168.230.1 -t -l 3000

at 5:15pm  cmd /c ping 192.168.231.1 -t -l 15000

 

 

NET Command:

net /?

 

net accounts --> details ... normally used in domain set-up

 

 
ROUTE Command

 

Manipulates network routing tables.

 

ROUTE [-f] [command [destination] [MASK netmask] [gateway]]

 

-f  Clears the routing tables of all gateway entries.  If this is used in conjunction with one of the commands, the tables are cleared prior to running the command.

 

Command  Specifies one of four commands

  PRINT  Prints a route

ADD  Adds a route

DELETE  Deletes a route

CHANGE  Modifies an existing route

 

destination  Specifies the host to send command.

 

MASK  If the MASK keyword is present, the next parameter is interpreted as the netmask parameter.

 

netmask  If provided, specifies a sub-net mask value to be associated with this route entry.  If not specified, if defaults to 255.255.255.255.

 

gateway  Specifies gateway.

 

All symbolic names used for destination or gateway is looked up in the network and host name database files NETWORKS and HOSTS, respectively. If the command is print or delete, wildcards may be used for the destination and gateway, or the gateway argument may be omitted.

 

Example:

route PRINT --> prints the routing table.

route add mask metric

IF

--> destination is the destination network or ip address.

--> subnetmask is the subnet mask to be used

--> number after metric indicates the metric value.

--> number after IF indicates interface number

 

 
ARP: Address Resolution Protocol

 

ARP -s inet_addr eth_addr [if_addr]

ARP -d inet_addr [if_addr]

ARP -a [inet_addr] [-N if_addr]

 

 -a  Displays current ARP entries by interrogating the current protocol data.  If inet_addr is specified, the IP and Physical addresses for only the specified computer are displayed.  If more than one network interface uses ARP, entries for each ARP table are displayed.

 -g  (Same as -a)

  inet_addr  Specifies an internet address.

 -N if_addr  Displays the ARP entries for the network interface specified by if_addr.

 -d  Deletes the host specified by inet_addr.

 -s  Adds the host and associates the Internet address inet_addr with the Physical address eth_addr. The Physical address is given as 6 hexadecimal bytes separated by hyphens. The entry is permanent.

 

eth_addr  Specifies a physical address.

 

if_addr  If present, this specifies the Internet address of the interface whose address translation table should be modified.  If not present, the first applicable interface will be used.

 

nbtstat: Net Bios Stats [NetBios over TCP/IP]

 

Displays protocol statistics and current TCP/IP connections using NBT

 

NBTSTAT [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-s]

[S]  [interval]

 

-a  (adapter status)  Lists the remote machine's name table given its name.

-A  (Adapter status)  Lists the remote machine's name table given its IP address.

-c  (cache)  Lists the remote name cache including the IP addresses.

-n  (names)  Lists local NetBIOS names.

-r  (resolved)  Lists names resolved by broadcast and via WINS

-R  (Reload)  Purges and reloads the remote cache name table

-S  (Sessions)  Lists sessions table with the destination IP addresses.

-s  (sessions)  Lists sessions table converting destination IP addresses to host names via the hosts file.

RemoteName  Remote host machine name.

IP address  Dotted decimal representation of the IP address.

interval  Redisplays selected statistics, pausing interval seconds between each display. Press Ctrl+C to stop redisplaying statistics.

 

Example:

nbtstat -a ics-ibm-srv --> gives information about each card, its services and mac address.

nbtstat -A 192.168.230.251 --> gives information about that concern that ip address along with mac address.

nbtstat -c --> finding cache entries for NetBios

nbtstat -S --> gives NetBios session information.

 

 

Some definitions:

 

Gopher: Powerful, yet simple, file retrieval tool. Its functionality lies somewhere between FTP and a web browser. It has a very simple menu interface that can be used to browse directories and retrieve files.

 

Email:

POP [Post Office Protocol]: All emails are downloaded when client connects to server. If once viewed at one place, the same cant be viewed at home.

IMAP [Internet Message Access Protocol]: Only new once are downloaded. Changes are made local and synchronized with the server [disconnected mode]. Has flags indicating status like seen, deleted or answered.

 

Samba server: To make Unix file system available to Windows Machines.

 

SMTP: MIME to compress the attachment along with processing [converting to binary format].

 

Internet Connection sharing:

1.  Start à Settings à Control Panel à Network and Dial-up connections

2.  Double-click on a network card

3.  Click on Properties.

4.  Click on Sharing tab.

5.  Enable the option ‘Enable Internet Connection Sharing for this connection’.

 

 

 
Some useful UNIX commands to Practice
 

RPM related commands:

 

Install using RPM

rpm –ivh filename.rpm

 

Check whether it is already there

rpm -qa | grep apache

 

Query for the location and presence of RPM

rpm –q –l  apache

 

Removing the RPM installed package

rpm -e packagename

 

Little more information:

 

@ If the setup didnt start

fsck / --> after issuing the root password

 

 

@ xinetd configuration

@ This is used to start or stop any service -- similar to services option in Windows

@ To view about xinetd

@ A secure replacement for inetd

 

man xinetd

man xinetd.conf

 

@ The configuration file is present as

/etc/xinetd.conf

 

@ The various services setting are available at this directory

/etc/xinetd.d/

 

@ To check whether the service is running or activate the modifications

xinetd -d

@ Look for various errors mentioned there.

@ Compare its instruction with the instruction on the files in /etc/xinetd.d directory

 

@ Some commands

cp source destination

mv source destination --> rename

cat filename --> view a file

history -c --> Remove the history entries

ls

clear

cd ..

man ls --> gives manual pages

hostname

 

To setup IP address:

ifconfig eth0 netmask 255.255.0.0 default 192.168.232.230 192.168.232.1

 

@ Unzip and Tar

gunzip filename.tgz

tar -xvf filename.tar --> To get the files from the archive

tar -cvf --> Create archive

 

@ View files

pico filename

vi filename

 

@ Checking for shell

echo $SHELL

 

@ changing shell

bash --> to move to bash

csh --> to move to csh

 

 

@ Check for installed packages:

whereis packagename

which packagename

 

@ ipchains settings

@ check whether ipchains is already there or not by using whereis or which

whereis ipchains

 

@ If ipchains doesnt exist in the system

rpm -ivh ipchains???.rpm

 

@ Make arrangements for forwarding of packets and ipchains rules

@ Put the above in /etc/rc.d/rc.local before the last fi

echo 1 > /proc/sys/net/ipv4/ip_forward

/sbin/ipchains -A forward -i eth0

/sbin/ipchains -A output -d 192.168.233.2 -j DENY

 

@ To make the execution of /etc/rc.d/rc.local

sh /etc/rc.d/rc.local

 

@ Test the ipchains settings

ping 192.168.233.2

 

@ iptables setup

@ View the manual page of it.

@ This is very similar to ipchains so do the same rule as you did before in iptables.

@ RedHat 7.2 doesnt possess ipchains and so we should learn iptables also.

@ Open a text file named 'iptablerules'at the /root directory and add the rules

echo 1 > /proc/sys/net/ipv4/ip_forward  --> Enables packet forwarding

iptables --flush  --> Flush all the rules in filter and nat tables

iptables -I INPUT -s 192.168.233.2 -j DROP   

 

@ Allow WWW http access to web server

iptables -A INPUT -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT   

 

@ Allow DHCP/BOOTPC

iptables -A INPUT -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth0 -j ACCEPT

iptables -A INPUT -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth1 -j ACCEPT

 

@ Open ftp port and permit access

iptables -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT

 

@ To deactivate what we have setup as iptables. Put this in a text file 'iptablesremove'

echo 0 > /proc/sys/net/ipv4/ip_forward  --> Disable packet forwarding

iptables --flush

 

@ To execute the rules

sh iptablerules

 

Reference:

  Refer to ICS 431 {Operating Systems} lab notes for basic Linux commands.
  For various NT Commands, http://www.cotse.com/Ntcommands/