Wednesday, February 18, 2009

Windows Networking Commands

How to find Hostname by IP address?

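nbtstat -A <IP address>

(The uppercase -A switch takes an IP address; the lowercase -a switch takes a NetBIOS computer name.)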



Some useful networking commands you can enter at the command prompt include the following:
net
Used to start, stop, and view many networking operations
Note: net is just the first part of the command; you'll need to combine it with a second command, for example, net config or net use. Available second commands vary depending on which version of Windows you have. To get a list of available options, enter net ?
ipconfig
Displays the IP address and other TCP/IP configuration information for your workstation
hostname
Displays the Microsoft networking computer name
lpq
Displays the print queue status of an LPD printer; available only in Windows NT, 2000, and XP
ping
Verifies existence of remote host (connectivity)
nbtstat
NetBIOS over TCP/IP; gives statistics and technical NetBIOS information for the TCP/IP layer
netstat
Returns protocol statistics and current TCP/IP connections
ipxroute
Displays and modifies IPX routing tables
route
Manipulates TCP/IP routing information
tracert
Displays the route taken by an ICMP packet to a remote host
finger
Displays information about the user; finger is turned off in IU's ADS Domain.
arp
Displays or modifies information in the ARP (Address Resolution Protocol) cache
getmac
Lists the MAC (Media Access Control) Address on the computer network interfaces; available in Windows XP and Vista only



TCP/IP and Networking Tools

Windows XP has a whole array of helpful command line tools for configuring and testing Internet and LAN connections. On this page is a discussion of some of the networking tools that can be useful to an average PC user.

There are dozens of networking tools available for Windows XP. (For example, see this command-line reference.) Most of these are specialized and are mainly of interest to professionals who are maintaining a large network. Many, however, are relevant to the Internet and some of these can be helpful to the average PC user. The tools of interest to the discussion here are a few of the TCP/IP utilities. (Go here for a complete list.) TCP/IP refers to the set of protocols that are used for Internet connections and on most networks. Discussing TCP/IP is beyond the scope of this page but more details are available on a separate page and in the references in the sidebar. Fortunately, it is not necessary to understand the gory details of TCP/IP in order to make practical use of the tools considered here.

All of the tools are run by opening a Command window and entering the appropriate command. Go to Start-Run and enter "cmd" to open a Command window.

Windows IP Configuration Tool (ipconfig)

The Windows IP Configuration tool (ipconfig) is the command-line equivalent of the accessory "Winipcfg" that was present in Windows 9X/Me. It is used to display the TCP/IP network configuration values. To open it, enter "ipconfig" in the command prompt. If you are connected directly to the Internet, you will obtain your IP address. (For a discussion of what an IP is, go here.) The figure below shows the result for a broadband connection where the IP is assigned automatically. Here the IP is your computer's temporary address on the Internet.
If you are on a local area network using a router, the information is different. You do not obtain the IP corresponding to the network's address on the Internet. (To obtain the IP that the Internet sees, go to a source such as DSL Reports Whois.) The IP given is the local address on the network. This information can be helpful in diagnosing network problems. Also listed is the "gateway" or router address on the local network. The figure below illustrates the result.

Switches for IPConfig

There are also a variety of switches for ipconfig that add functions. These are invoked by entering "ipconfig /{switch}". To obtain a list of switches, enter "ipconfig /?" or "ipconfig -?". These are shown in the figure below. The switches of most interest to everyday use are "release" and "renew". Note that IP addresses are typically assigned or "leased" for a period of time, often a day or more. It sometimes happens that IP addresses are no longer valid or are in conflict. Problems can often be solved by first releasing the IP address and then renewing it. Sometimes cable or DSL modems that seem to be disabled can be restored this way. If you travel and use broadband connections elsewhere, you will often find this procedure of releasing and renewing the IP address to be necessary.

For a detailed output of network parameters, you can use the command "ipconfig /all". Unless you are experienced with networks, however, this may be more than you want to know.
The switches "flushdns" and "displaydns" are also sometimes useful in everyday use and they are discussed on another page at a sister site.

Ping

Ping is an old Unix tool that has been around for a long time but many PC users are unfamiliar with the Windows version. Ping sends out a packet to a designated internet host or network computer and measures its response time. The target computer will return (hopefully) a signal. It is a way of determining the quality of your connection to another site. You will also receive an IP address that corresponds to the user-friendly type of URL (see this page for further discussion of IPs and URLs). To use ping, open a command window (or DOS in Windows 9X/Me) and type: ping <hostname>. For example, to ping Dell enter: ping dell.com. Please note the use of a hostname, not a complete URL. The prefix "http://" is never used. Many sites also do not require "www". By convention, 32 byte packets will be transmitted four times. You will receive a screen output that looks like:

The screen tells me that the IP for dell.com is 143.166.83.230 (For the moment, at least. This can change.) It also tells me that the average round trip time for a packet was 69 milliseconds, which means I have a good connection to dell.com. Long reply times of several hundred milliseconds are indicative of a slow connection. Note that some major sites such as microsoft.com do not like being pinged and block pings. In that case you will get a "Request timed out" message.
In addition to being used on the Internet, Ping is often used to test connections on local networks. More details can be found in this Microsoft article.

Tracert

Tracert (traceroute) is another old tool borrowed from Unix. The actual path between two computers on the Internet is not a straight line but consists of numerous segments or "hops" from one intermediate computer to another. Tracert shows each step of the path taken. It can be interesting to see just how convoluted it is. The times for each hop and the IP addresses for each intermediate computer are displayed. Tracert shows up to 30 hops. It is convenient for finding if there is one particular segment that is causing a slow or bad connection. A typical command might be "tracert dell.com".

Pathping

This command combines functions of Ping and Tracert. Pathping will first list the number of hops required to reach the address you are testing and then send multiple pings to each router between you and the destination. After that, it computes results based on the packets returned from each router. Because pathping displays the degree of packet loss at any given router or link, you can determine which routers or subnets might be having network problems. Note that the whole process may consume 5-10 minutes because many pings are being sent. There are switches to modify the process and these can be seen by entering "pathping /?" in the command prompt.

Netstat

Netstat displays the active TCP connections and the ports on which the computer is listening, Ethernet statistics, the IP routing table, and statistics for the IP, ICMP, TCP, and UDP protocols. It comes with a number of switches for displaying a variety of properties of the network and TCP connections. (One tricky point: the switches must be prefixed with a minus, not a slash.) More detail is at this page. One possible use for Netstat is to determine if spyware or Trojans have established connections that you do not know about. The command "netstat -a" will display all your connections. The command "netstat -b" will show the executable files involved in creating a connection. A figure showing all the switches and syntax is given below.
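
The check described above can be scripted. The following is an added example, not part of the original article: it reads saved output of "netstat -ano" (the -o switch adds the owning PID) and "tasklist /fo csv /nh", then lists TCP listeners bound to all interfaces and established connections to addresses outside the local ranges, each with its owning process. The sample output, the LOCAL_NETS list and all function names are constructed for illustration.

```python
import csv
import io
import ipaddress

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:1030         0.0.0.0:0              LISTENING       1812
  TCP    192.168.1.20:1045      192.168.1.1:80         ESTABLISHED     2300
  TCP    192.168.1.20:1051      203.0.113.25:8080      ESTABLISHED     3124
  UDP    0.0.0.0:1900           *:*                                    1180
"""
# Constructed sample of `tasklist /fo csv /nh` output; PID 3124 is absent on purpose.
SAMPLE_TASKLIST = '''"System","4","Console","0","236 K"
"svchost.exe","952","Console","0","4,120 K"
"alg.exe","1812","Console","0","3,400 K"
"iexplore.exe","2300","Console","0","21,508 K"
'''
# Ranges treated as local in this example: private, loopback and link-local.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fe80::/10")]


def split_endpoint(endpoint):
    host, _, port = endpoint.rpartition(":")  # 'host:port' or '[v6]:port'
    return host.strip("[]"), port


def is_local(host):
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:  # '*' or a resolved host name: cannot be classified
        return False
    return any(addr in net for net in LOCAL_NETS)


def parse_netstat(text):
    """Yield (proto, local, remote, state, pid) for each TCP/UDP row."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP"):
            continue
        state = parts[3] if len(parts) == 5 else ""  # UDP rows have no State
        yield parts[0], parts[1], parts[2], state, parts[-1]


def review(netstat_text, tasklist_text):
    """Return (kind, endpoint, pid, image) findings worth a closer look."""
    images = {r[1]: r[0] for r in csv.reader(io.StringIO(tasklist_text)) if len(r) > 1}
    findings = []
    for _proto, local, remote, state, pid in parse_netstat(netstat_text):
        image = images.get(pid, "<PID not in tasklist>")
        if state == "LISTENING" and split_endpoint(local)[0] in ("0.0.0.0", "::"):
            findings.append(("listening-on-all-interfaces", local, pid, image))
        elif state == "ESTABLISHED" and not is_local(split_endpoint(remote)[0]):
            findings.append(("connection-outside-lan", remote, pid, image))
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_NETSTAT, SAMPLE_TASKLIST):
        print("%-28s %-20s pid=%-5s %s" % finding)
```

On a real machine, save the output of both commands to files at the same moment and pass their contents to review(); a PID that appears in netstat but not in tasklist deserves a second look.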

Nslookup

This command helps diagnose the Domain Name System (DNS) infrastructure and comes with a number of sub-commands. These are mainly for systems administrators. The primary interest for average PC users is its use to find the computer name corresponding to a numeric IP. For example, if you want to know who is "216.109.112.135", enter "nslookup 216.109.112.135" and you will find that it is (or was anyway) a Yahoo computer. My firewall keeps a log of the IPs involved in the attempts to probe my computer and I sometimes look a few up to see who they are. (There are also Whois search sites available on the Web as mentioned in the Ipconfig section.)


Netsh, the Network Services Shell
A suite of command line networking tools called Netsh that comes with its own shell or interface is contained in a number of Windows operating systems and is discussed here.
Introduction to Netsh
As more and more home users set up networks, they are finding themselves to be de facto system administrators. Home networks are very nice but they require a certain amount of care and feeding. Fortunately, Windows XP comes with a large assortment of command-line tools that can help maintain your network. Although many are specialized and of interest only to administrators of large corporate setups, some tools can be quite helpful to the home user as well.
Many may find that the basic tools like ping, ipconfig, and netstat, which are discussed on another page, are all that they care to deal with but the more adventurous can take advantage of a complete suite of powerful tools called Netsh. This suite is invoked from the standard command-line but it has its own interface or shell with a large number of sub-commands. I will try to focus on the features of Netsh that I think can be helpful to the home user. The whole suite has many applications and those who want more details can go to this Microsoft reference.
The Network Services shell is opened by entering netsh into a regular command prompt. The shell has a hierarchical structure with some sub-shells that Microsoft calls "contexts". From the user's point of view, however, all that this means is that commands are entered as a sequence of terms. The following sections discuss the "contexts" of most use to the home user.
The "netsh diag" context
The diagnostic context "diag" contains useful tools for checking out a network and testing various components and functions. Table I shows the contexts and sub-commands of most interest to this discussion. A complete list and many details are given at this Microsoft reference.
Table I. Some sub-shells (contexts) and commands for Netsh diag
Context | Sub-context | Commands
diag | connect - Establishes, verifies, and then drops a connection | iphost, mail, news
diag | ping - Verifies connectivity | adapter, iphost, mail, news
diag | show - Lists network components and settings | all, client, ip, mail, modem
diag | gui - Starts the network diagnostics tool in Help and Support Center | Graphical user interface
This group of commands provides ways to test some of the most common functions of interest to home users. For example, you can test if your email server is working or check your email settings by the command netsh diag connect mail (note that this may not work for email clients like AOL). Another example is to list important settings with netsh diag show all.
The graphical user interface
One way to simplify diagnostic tasks is to use the Help Center interface that can be invoked by entering netsh diag gui. With this interface, you can carry out a number of diagnostic tests with one operation. Figure 1 shows the available functions.
Figure 1. Settings for GUI function of Netsh diag
The "netsh interface ip" context
This context is another with functions that might interest a home user. It provides a way to add, delete, modify, and display various IP addresses and TCP/IP settings. Table II lists several functions. More detail and additional functions are discussed in this Microsoft reference. An example of its use is to display TCP/IP settings with the command netsh interface ip show config. This can also be written netsh int ip show config.
Table II. Some commands for "netsh interface ip"
Context | Sub-context | Function
interface ip or int ip | set address | Configures an IP address and a default gateway on a specified interface
interface ip or int ip | show address | Displays address for specified interface
Reset Internet Protocol (TCP/IP)
Another example of using the Netsh interface ip context is resetting TCP/IP. For several reasons, including infestation from spyware, these settings might get corrupted. Netsh contains a command that will reset the TCP/IP stack to the original settings that existed when the operating system was installed. These settings may not be the most up-to-date for your system but they will allow you to reconfigure after a spyware invasion or other problem. The command to reset TCP/IP is netsh int ip reset {logfile}. Note that you must include the name of a file where a log of the actions will be placed. Thus, if the log file is C:\tcplog.txt, the command is netsh int ip reset C:\tcplog.txt. A detailed description of reinstalling TCP/IP is given at this Microsoft reference. Also, see the Winsock section below.
The "netsh winsock" context
Service pack 2 for Windows XP includes some additions to the Netsh suite. These are discussed here and include a new tool for repairing the Windows network socket or "winsock". Uninstalling spyware or poorly written applications can corrupt the winsock settings and result in loss of network connectivity. There are two commands for managing the settings. To display a list of various installed services (LSP, BSP, NSP) use netsh winsock show catalog. This list may not be too meaningful for the average PC user but it can be helpful for more experienced users. To reset the winsock to the default configuration use netsh winsock reset catalog. Note that any installed software that uses Internet connections may be partially disabled by this action and have to be reinstalled. This would include most software that updates itself and anti-virus programs that use proxy servers. Therefore, this command should only be used for cases where the degree of corruption makes it necessary. See this reference for some alternative methods.
Netsh Firewall Helper in Windows XP SP2
Microsoft changed the way the firewall in Windows XP works when it issued service pack 2. It also added capability to Netsh for extensive configuring of the firewall with a new context "netsh firewall" that Microsoft calls the Firewall Helper. Its use in troubleshooting firewall problems in SP2 is extensively discussed in this knowledge base article. With the Firewall Helper Microsoft says you can now:
• Configure the default state of Windows Firewall. (Options include Off, On, and On with no exceptions.)
• Configure the ports that must be open.
• Configure the ports to enable global access or to restrict access to the local subnet.
• Set ports to be open on all interfaces or only on a specific interface.
• Configure the logging options.
• Configure the Internet Control Message Protocol (ICMP) handling options.
• Add or remove programs from the exceptions list.
The number of possible commands is quite large but two main sub-contexts are netsh firewall set and netsh firewall show



Windows XP/2000 Commands & Tools
By Joshua Erdman, Digital Foundation, inc.
Here's the ultimate Windows XP/2000 command list that will make any Linux user feel at home at the command prompt. A lot of these commands are intended for administrating a network, but they are great for savvy home users as well. We even listed which OS you need for these commands.
at (windows XP/2000): Scheduling utility.
bootcfg (XP only): This utility allows you to set up your boot options, such as your default OS and other loading options.
cacls (XP, 2000, & NT4.0): Changes the ACLs (security settings) of files and folders. Very similar to chmod in Linux.
comp (XP & 2000): This utility is very similar to diff in Linux. Use the /? switch to get examples of command usage.
contig (works with NT4.0 and newer): A great defrag utility for NTFS partitions.
control (XP only) - unpublished! Allows you to launch control panel applets from the command line. control userpasswords2, for example, will launch a helpful local user admin utility.
defrag (XP only - NT4.0 and Win2k use contig): Yes, XP comes with a command line disk defrag utility. If you are running Win2k or NT4.0 there is still hope. Contig is a free defrag program that I describe on the defrag page.
diskpart (XP only): Use this command to manage your disk partitions. This is the text version for the GUI Disk Manager.
driverquery (XP only): Produces a list of drivers, their properties, and their versions. Great for computer documentation.
eudcedit (XP only) - unpublished! Private Character editor. Yes, with this program built into Windows XP you can create your own font!
findstr: Find String - similar to Linux's grep.
fsutil (XP only) - unpublished! This is a utility with a lot of capability. Come back soon for great examples.
getmac (XP & 2000): This command gets the Media Access Control (MAC) address of your network cards.
gpresult (XP & 2000): This generates a summary of the user settings and computer group policy settings.
gpupdate (XP only): Use this utility to manually apply computer and user policy from your windows 2000 (or newer) domain.
ipconfig (XP, 2000 & NT4.0): This handy tool displays IP settings of the current computer and much more.
MMC (XP, 2000 & NT4.0) - Microsoft Management Console: This is the master tool for Windows; it is the main interface that all other tools use, starting primarily in Windows 2000 and newer systems.
more: Utility used to display text output one screen at a time. Ex. more c:\windows\win.ini
msconfig (XP only): The ultimate tool to change the services and utilities that start when your Windows machine boots up. You can also copy the executable from XP and use it in Win2k.
msinfo32 (XP & 2000): An awesome diagnostic tool. With it you can get a list of running processes, including the residing path of the executable (great for manually removing malware) and get detailed information about hardware and system diagnostics.
narrator (XP only): Turns on the system narrator (can also be found in accessibility options in control panel). It will allow your computer to dictate text to you.
netsh (XP & 2000): A network configuration tool console. At the 'netsh>' prompt, use the '?' to list the available commands and type "exit" to get back to a command prompt.
netstat (XP): A local network port tool - try netstat -ano.
nslookup (all): A DNS name resolution tool.
openfiles (XP only): Allows an administrator to display or disconnect open files in XP professional. Type "openfiles /?" for a list of possible parameters.
Pathping (XP & 2000): A cross between the ping and traceroute utilities. Who needs Neotrace when you can use this? Type "pathping <ip address>" and watch it go.
recover (XP & 2000): This command can recover readable information from a damaged disk and is very easy to use.
reg (XP & 2000): A console registry tool, great for scripting Registry edits.
sc (XP & 2000): A command line utility called the Service Controller. A power tool to make service changes via a logon/logoff or startup/shutdown script.
schtasks (XP only): A newer version of the AT command. This allows an administrator to schedule and manage scheduled tasks on local and remote machines.
secedit (XP & 2000): Use this utility to manually apply computer and user policy from your windows 2000 (or newer) domain. Example to update the machine policy: secedit /refreshpolicy machine_policy /enforce. To view help on this, just type secedit. NOTE: In Windows XP SP1 and newer, this command is superseded by: gpupdate /force
sfc (XP & 2000): The system file checker scans important system files and replaces the ones you (or your applications) hacked beyond repair with the real, official Microsoft versions.
shutdown (XP & 2000): With this tool, you can shut down or restart your own computer, or an administrator can shut down or restart a remote computer.
sigverif (XP only): Microsoft has created driver signatures. A signed driver is Microsoft tested and approved. With the sigverif tool you can have all driver files analyzed to verify that they are digitally signed. Just type 'sigverif' at the command prompt.
systeminfo (XP only): Basic system configuration information, such as the system type, the processor type, time zone, virtual memory settings, system uptime, and much more. This program is great for creating an inventory of computers on your network.
sysedit (XP/2000): System Configuration File Editor. An old tool that was very handy for the Windows 9X days. msconfig is what you want to use now.
tasklist (XP pro only): Tasklist is the command console equivalent to the task manager in windows. It is a must have when fighting scumware and viruses. Try the command: tasklist /svc to view the memory resources your services take up.
taskkill (XP only): Taskkill contains the rest of the task manager functionality. It allows you to kill those unneeded or locked up applications.
tree (XP & 2000): An amazing experience everyone should try! This command will provide a 'family tree' style display of the drive/folder you specify.
WMIC (XP & 2000): Windows Management Instrumentation Command tool. This allows you to pull an amazing amount of low-level system information from a command line scripting interface.
Of course this list is not exhaustive. We wanted to focus on tools that are particularly helpful that everyone would use. For the official list, please visit: Microsoft Windows XP Pro Command Reference
