IP ADDRESS
ipconfig -> shows IP, mask and gateway for every network interface
ipconfig /all -> also provides DNS and MAC addresses of every interface
ipconfig /flushdns -> Purges DNS cache
ipconfig /release [adapter] -> releases the IP addresses that the network interfaces obtained via DHCP
ipconfig /renew [adapter] -> sends a new DHCP request to assign IP addresses to the network interfaces
Note: [adapter] needs to be enclosed in "" when it contains spaces, and it accepts * wildcards
COMPUTER NAME
hostname -> returns local computer name
net view -> shows the computer names available on the local network
PING
Checks if a computer is alive on the network (if ICMP is not filtered by firewalls)
ping <ip> -> pings 4 times
ping <ip> -n 10 -> pings 10 times
ping <ip> -t -> pings until stopped
ROUTING TABLES
route PRINT -> Shows network interfaces, IPv4 and IPv6 routing tables
Adding a route:
route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2
- destination: 157.0.0.0
- mask: 255.0.0.0
- gateway: 157.55.80.1
- metric: 3
- interface: 2
Changing a route: CHANGE is only used to modify the gateway or the metric
route CHANGE 157.0.0.0 MASK 255.0.0.0 157.55.80.5 METRIC 2 IF 2
Deleting a route: only the destination needs to be indicated
route DELETE 157.0.0.0
Once a route is established, we can test that it works as expected with:
tracert <IP> -> traces the path to <IP>, showing the IP address of every hop
MAC ADDRESS
ipconfig /all -> includes information about MAC address for every interface
arp -a -> shows the MAC address assigned to every known IP, the gateway included
getmac -> lists the MAC addresses of the system and whether each interface is connected or not
CHECKING DNS
nslookup [URL] -> checks whether the given URL can be resolved to an IP address
LOCAL ACTIVE PORTS
netstat -an -> Show all open ports
netstat -anb -> Show all open ports with the name of the software that opened them
netstat -r = route PRINT
For specific searches, the output can be filtered:
netstat -an | find "443" -> Show every line of netstat -an that includes "443"
netstat -an | find "LISTENING" -> Show every port in "LISTENING" mode
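Added example (not part of the original notes): find "443" keeps any line that contains the substring, so it also returns port 4430, local port 50443 and connections to a remote port 443. The Python script below parses netstat -an output and matches the local port exactly. The sample output and the function names are constructed for illustration, and English state names (LISTENING) are assumed.

```python
# Constructed sample of `netstat -an` output (English-language Windows assumed).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:4430           0.0.0.0:0              LISTENING
  TCP    192.168.1.20:50443     203.0.113.7:80         ESTABLISHED
  TCP    192.168.1.20:51000     203.0.113.7:443        ESTABLISHED
  TCP    [::]:443               [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

def naive_find(text, needle):
    """What `find "443"` does: keep every line containing the substring."""
    return [line for line in text.splitlines() if needle in line]

def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon so IPv6 '[::]:443' also works."""
    addr, _, port = endpoint.rpartition(":")
    return addr, port

def parse_netstat(text):
    """Turn each TCP/UDP line into a dict; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        laddr, lport = split_endpoint(fields[1])
        raddr, rport = split_endpoint(fields[2])
        rows.append({
            "proto": fields[0], "laddr": laddr, "lport": int(lport),
            "raddr": raddr, "rport": rport,  # rport stays text: UDP shows '*'
            "state": fields[3] if len(fields) > 3 else "",  # UDP has no state
        })
    return rows

def listeners(rows, port=None):
    """Sockets in LISTENING state, optionally limited to one exact local port."""
    return [r for r in rows
            if r["state"] == "LISTENING" and (port is None or r["lport"] == port)]

if __name__ == "__main__":
    print(len(naive_find(SAMPLE, "443")), "lines contain the substring 443")
    for r in listeners(parse_netstat(SAMPLE), 443):
        print("listening:", r["proto"], r["laddr"], r["lport"])
```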
TELNET
telnet [ip_addr] -> starts a telnet connection to specified host
telnet [ip_addr] [port] -> same as the previous one but on a specific port, to find out whether there is a service on that port
REMOTE ACTIVE PORTS
(Need to install PortQryV2)
(Installed in C:\PortQryV2\)
portqry -local -> Usage of local ports
portqry -n <IP> -> explore port 80 in <IP>
portqry -n <IP> -e [p] -> explore [p] port in <IP>
portqry -n <IP> -r s:e -> explore ports between "s" and "e" in <IP>
portqry -n <IP> -r s:e | find /V "NOT LISTENING" -> explore ports from "s" to "e" in <IP> showing only LISTENING OR FILTERED ports
portqry -n <IP> -o [port_1],[port_2],[port_3],...,[port_N] -> explore comma separated port numbers in <IP>
portqry [options] -l [filename.log] -> save command output in [filename.log]
telnet <ip> <port> -> attempts a connection to the specified port of that IP.
The connection either succeeds (if the port is open), times out, or is rejected.