Windows includes several TCP/IP utilities you can use to troubleshoot networking problems.
In this part of the chapter, you learn to use ping, ipconfig, ifconfig, nslookup, tracert, the net commands, nbtstat, netstat, and netcom. Most of these program files are found in the \Windows\ System32 folder.
The ping (Packet InterNet Groper) command tests connectivity by sending an echo request to a remote computer.
If the remote computer is online, detects the signal, and is configured to respond to a ping, it responds. (Responding to a ping is the default Windows setting.) Use ping to test for connectivity or to verify name resolution is working.
ping 69.32.142.109
to test for connectivity using an Ip address. If the remote computer responds, the round-trip times are displaye
ping -a 69.32.142.109
the -a parameter tests for name resolution. Use it to display the host name and verify dNS is working.
ping -t 69.32.142.109
the -t parameter causes pinging to continue until interrupted. to display statistics, press Ctrl+Break. to stop pinging, press Ctrl+C
ping 127.0.0.1
a loopback address test. the Ip address 127.0.0.1 always refers to the local computer. If the local computer does not respond, you can assume there is a problem with the tCp/Ip configuration.
. ping www.cengage.com
Use a host name to find out the Ip address of a remote computer. If the computer does not respond, assume there is a problem with dNS. on the other hand, some computers are not configured to respond to ping
IpCoNfIg [/all] [/releaSe] [/reNew] [/dISplaydNS] [/flUShdNS] The ipconfig (IP configuration) command can
display TCP/IP configuration information and refresh the TCP/IP assignments to a connection, including its IP address
ipconfig /all
displays tCp/Ip information.
ipconfig /release
releases the Ip address when dynamic Ip addressing is being used.
ipconfig /release6
releases an Ipv6 address.
ipconfig /renew
leases a new Ip address from a dhCp server. Make sure you release the Ip address before you renew it.
ipconfig /renew6
leases a new Ipv6 address from a dhCp Ipv6 server. Make sure you release the Ipv6 address before you renew it.
ipconfig /displaydns
displays information about name resolutions that windows currently holds in the dNS resolver cache.
ipconfig /flushdns
flushes the name resolver cache, which might solve a problem when the browser cannot find a host on the Internet.
The ifconfig (interface configuration) command
similar to ipconfig, and is used on UNIX, Linux, and Mac OS X operating systems. S
ifconfig
displays details of active interfaces and their assigned Ip addresses. If a computer has only a single NIC, its interface name is most likely eth0
ifconfig -a
displays a list of active and inactive network interfaces.
ifconfig <interface name>
displays details of a specific network interface. for example: ifconfig eth0
ifconfig <interface name> up
enables a network interface. for example: ifconfig eth0 up
ifconfig <interface name> down
disables a network interface. disabling and enabling the network interface can sometimes solve a problem with network connectivity in linux, UNIX, or OS X
The nslookup (namespace lookup) command lets you read information from the Internet namespace by requesting information about domain name resolutions from the DNS server's zone data.
Zone data is information about domain names and their corresponding IP addresses kept by a DNS server. For example, to find out what your DNS server knows about the domain name www.microsoft.com, use this command:
nslookup www.microsoft.com
A reverse lookup
when you use the nslookup command to find the host name when you know a computer's IP address, such as: nslookup 192.168.1.102
The tracert (trace route) command can be useful when you're trying to resolve a problem reaching a destination host such as an FTP site or website.
The command sends a series of requests to the destination computer and displays each hop to the destination. (A hop happens when a packet moves from one router to another.) For example, to trace the route to the www.cengage.com site, enter this command in
tracert www.cengage.com The results of this command are shown in Figure 15-47. A packet is assigned a Time to Live (TTL), which is the number of hop counts it can make before a router drops the packet and sends an ICMP message back to the host that sent t
Internet Control Message Protocol (ICMP) messages are used by routers and hosts to communicate error messages and updates, and some routers don't send this information. The tracert command creates its report from these messages. If a router doesn't respon
The net command is several commands in one, and most of the net commands require an elevated command prompt window. In this section, you learn about the net use, net user, and net localgroup commands.
The net use command connects or disconnects a computer from a shared resource or can display information about connections.
For example, the following command makes a new connection to a remote computer and to a shared folder on that computer: net use \\b
The net user command manages user accounts. For example, recall that the built-in administrator account is disabled by default.
To activate the account, use this net user command: net user administrator /active:
The net localgroup command adds, displays, or modifies local user groups.
To display available local groups, use the following command: net localgroup
The nbtstat (NetBIOS over TCP/IP statistics) command is used to display statistics about the NetBT (NetBIOS over TCP/IP) protocol. NetBIOS is an older network protocol suite used before TCP/IP.
Occasionally, you find a legacy application still in use that relies on NetBIOS and NetBIOS computer names. The NetBT protocol was developed to allow NetBIOS to work over a TCP/IP network
nbtstat -n
displays the NetBIoS name table on the local computer
nbtstat -r
purges and rebuilds the NetBIoS name cache on the local computer using entries in the lmhosts file
nbtstat -RR
releases and renews the NetBIoS names kept by the wINS server
The netstat (network statistics) command
gives statistics about TCP/IP and network activity and includes several parameters.
netstat
lists statistics about the network connection, including the Ip addresses of active connections.
netstat >>netlog.txt
directs output to a text file.
netstat -b
lists programs that are using the connection (see figure 15-49) and is useful for finding malware that might be using the network. the -b switch requires an elevated command prompt.
netstat -b -o
Includes the process Id of each program listed. when you know the process Id, you can use the taskkill command to kill the process.
netstat -a
lists statistics about all active connections and the ports the computer is listening on.
The netdom (network domain) command allows administrators to manage Active Directory domains and trust relationships for Windows Server from the command prompt on the server or remotely from a Windows 8/7 workstation.
The netdom command must be run using an elevated command prompt.
netdom add
adds a workstation to the domain
netdom move
Moves a workstation to a new domain
netdom resetpwd
resets the password of the computer account for a domain controller
netdom verify
Verifies the connection is secure between a workstation and a domain controller
Port scanning software can be used to find out how vulnerable a computer is with open ports. This project requires the use of two computers on the same network to practice using port scanning software.
Do the following:
1. On Computer 1, download and install Advanced Port Scanner by Famatech at http://www.advanced-port- scanner.com. (Be careful to not accept other software offered while downloading.)
2. On Computer 2, set the network location to Public