Thursday, 23 January 2014

Hardware & Networking - A Categorized list of Windows CMD commands

 

Active Directory

ADmodcmd Active Directory Bulk Modify
CSVDE Import or Export Active Directory data
DSACLs Active Directory ACLs
DSAdd Add items to active directory (user group computer)
DSGet View items in active directory (user group computer)
DSQuery Search for items in active directory (user group computer)
DSMod Modify items in active directory (user group computer)
DSMove Move an Active directory Object
DSRM Remove items from Active Directory
 

Batch Files

CALL Call one batch program from another•
CHOICE Accept keyboard input to a batch file
CLIP Copy STDIN to the Windows clipboard
CLS Clear the screen•
CMD Start a new CMD shell
COLOR Change colors of the CMD window•
DOSKEY Edit command line, recall commands, and create macros
ECHO Display message on screen•
ENDLOCAL End localisation of environment changes in a batch file•
EVENTCREATE Add a message to the Windows event log
EXIT Quit the current script/routine and set an errorlevel•
FOR /F Loop command: against a set of files•
FOR /F Loop command: against the results of another command•
FOR Loop command: all options Files, Directory, List•
GOTO Direct a batch program to jump to a labelled line•
IF Conditionally perform a command•
IFMEMBER Is the current user a member of a Workgroup
LOGEVENT Write text to the event viewer
LOGTIME Log the date and time in a file
MAPISEND Send email from the command line
MORE Display output, one screen at a time
PAUSE Suspend processing of a batch file and display a message•
PROMPT Change the command prompt•
REM Record comments (remarks) in a batch file•
RUN Start | RUN commands
RUNAS Execute a program under a different user account
SET Display, set, or remove session environment variables•
SETLOCAL Control the visibility of environment variables•
SETX Set environment variables
SORT Sort input
SHIFT Shift the position of batch file parameters•
SLEEP Wait for x seconds
START Start a program, command or batch file•
TIMEOUT Delay processing of a batch file
TITLE Set the window title for a CMD.EXE session•
WAITFOR Wait for or send a signal
WMIC WMI Commands
:: Comment / Remark•
 

Disk Management

BOOTCFG Edit Windows boot settings
BCDBOOT Create or repair a system partition
BCDEDIT Manage Boot Configuration Data
CONVERT Convert a FAT drive to NTFS
CHKDSK Check Disk - check and repair disk problems
CHKNTFS Check the NTFS file system
DEFRAG Defragment hard drive
DISKPART Disk Administration
DISKSHADOW Volume Shadow Copy Service
DriverQuery Display installed device drivers
FORMAT Format a disk
FREEDISK Check free disk space (in bytes)
LABEL Edit a disk label
MOUNTVOL Manage a volume mount point
NTBACKUP Backup folders to tape
SFC System File Checker
VOL Display a disk label•
 

Files and Folders

ASSOC Change file extension associations•
ASSOCIAT One step file association
ATTRIB Change file attributes
BITSADMIN Background Intelligent Transfer Service
CACLS Change file permissions
CD Change Directory - move to a specific Folder•
CIPHER Encrypt or Decrypt files/folders
COMP Compare the contents of two files or sets of files
COMPACT Compress files or folders on an NTFS partition
COMPRESS Compress individual files on an NTFS partition
COPY Copy one or more files to another location•
CSCcmd Client-side caching (Offline Files)
DEL Delete one or more files•
DELTREE Delete a folder and all subfolders
DIR Display a list of files and folders•
ERASE Delete one or more files•
EXPAND Uncompress files
EXTRACT Uncompress CAB files
FC Compare two files
FIND Search for a text string in a file
FINDSTR Search for strings in files
FORFILES Batch process multiple files
FSUTIL File and Volume utilities
FTP File Transfer Protocol
FTYPE File extension file type associations•
iCACLS Change file and folder permissions
MD Create new folders•
MOVE Move files from one folder to another•
MKLINK Create a symbolic link (linkd)
OPENFILES Query or display open files
POPD Return to a previous directory saved by PUSHD•
PsFile Show files opened remotely
PUSHD Save and then change the current directory•
QGREP Search file(s) for lines that match a given pattern
RECOVER Recover a damaged file from a defective disk
REN Rename a file or files•
REPLACE Replace or update one file with another
RD Delete folder(s)•
RMTSHARE Share a folder or a printer
ROBOCOPY Robust File and Folder Copy
SHARE List or edit a file share or print share
SHORTCUT Create a windows shortcut (.LNK file)
SUBINACL Edit file and folder Permissions, Ownership and Domain
TAKEOWN Take ownership of a file
TOUCH Change file timestamps
TREE Graphical display of folder structure
TYPE Display the contents of a text file•
WHERE Locate and display files in a directory tree
WINDIFF Compare the contents of two files or sets of files
XCACLS Change file and folder permissions
XCOPY Copy files and folders
 

Group Policy/Windows Installer

DevCon Device Manager Command Line Utility
GPRESULT Display Resultant Set of Policy information
GPUPDATE Update Group Policy settings
MSIEXEC Microsoft Windows Installer
PsInfo List information about a system
PsShutdown Shutdown or reboot a computer
REGSVR32 Register or unregister a DLL
SHUTDOWN Shutdown the computer
SLMGR Software Licensing Management (Vista/2008)
WUAUCLT Windows Update
 

Networking

ARP Address Resolution Protocol
BROWSTAT Get domain, browser and PDC info
DNSSTAT DNS Statistics
GETMAC Display the Media Access Control (MAC) address
IPCONFIG Configure IP
NET Manage network resources
NETDOM Domain Manager
NETSH Configure Network Interfaces, Windows Firewall & Remote access
NBTSTAT Display networking statistics (NetBIOS over TCP/IP)
NETSTAT Display networking statistics (TCP/IP)
NSLOOKUP Name server lookup
PATHPING Trace route plus network latency and packet loss
PsPing Measure network performance
PING Test a network connection
ROUTE Manipulate network routing tables
TRACERT Trace route to a remote host
 

Processes

KILL Remove a program from memory
PATH Display or set a search path for executable files•
PsExec Execute process remotely
PsKill Kill processes by name or process ID
PsList List detailed information about processes
PsGetSid Display the SID of a computer or a user
PsSuspend Suspend processes
SCHTASKS Schedule a command to run at a specific time
SOON Schedule a command to run in the near future
TASKLIST List running applications and services
TASKKILL Remove a running process from memory
TLIST Task list with full path
 

Printing

CON2PRT Connect or disconnect a Printer
MODE Configure a system device
PRINT Print a text file
PRINTBRM Print queue Backup/Recovery
PRNCNFG Display, configure or rename a printer
PRNMNGR Add, delete, list printers set the default printer
RUNDLL32 Run a DLL command (add/remove print connections)
 

Registry

REG Registry: Read, Set, Export, Delete keys and values
REGEDIT Import or export registry settings
REGINI Change Registry Permissions
 

Remote Desktop

CHANGE Change Terminal Server Session properties
Query Process Display processes (TS/Remote Desktop)
Query Session Display all sessions (TS/Remote Desktop)
Query TermServer List all servers (TS/Remote Desktop)
Query User Display user sessions (TS/Remote Desktop)
MSTSC Terminal Server Connection (Remote Desktop Protocol)
RASDIAL Manage RAS connections
RASPHONE Manage RAS connections
Reset Session - Delete a Remote Desktop Session
TSSHUTDN Remotely shut down or reboot a terminal server
WINRM Windows Remote Management
WINRS Windows Remote Shell
 

Services

CASPOL Code Access Security Policy Tool.
NETSVC Command-line Service Controller
PORTQRY Display the status of ports and services
PsService View and control services
SC Service Control
SCLIST Display Services
 

System Information

NOW Display the current Date and Time
DATE Display or set the date•
HELP Online Help
LOGMAN Manage Performance Monitor
MBSAcli Baseline Security Analyzer
MEM Display memory usage
MSINFO32 System Information
NTRIGHTS Edit user account rights
PERFMON Performance Monitor
PsLogList Event log records
SYSTEMINFO List system configuration
TIME Display or set the system time•
TypePerf Write performance data to a log file
VER Display version information•
VERIFY Verify that files have been saved•
WINMSDP Windows system report
WHOAMI Output the current UserName and domain
 

User Administration

ADDUSERS Add or list users to/from a CSV file
CERTREQ Request certificate from a certification authority
CleanMgr Automated cleanup of Temp files, recycle bin
CON2PRT Connect or disconnect a Printer
CMDKEY Manage stored usernames/passwords
DELPROF Delete user profiles
DIRUSE Display disk usage
GLOBAL Display membership of global groups
LOCAL Display membership of local groups
LOGOFF Log a user off
MOVEUSER Move a user from one domain to another
MSG Send a message
PERMS Show permissions for a user
POWERCFG Configure power settings
PsLoggedOn Who's logged on (locally or via resource sharing)
PsPasswd Change account password
SHOWGRPS List the Workgroups a user has joined
SHOWMBRS List the Users who are members of a Workgroup
SUBST Associate a path with a drive letter
USRSTAT List domain usernames and last login
Commands marked • are Internal commands only available within the CMD shell.
All other commands (not marked with •) are external commands.
External commands may be used under the CMD shell, PowerShell, or directly from START-RUN.
 

Networking Commands


GetMac.exe

Display the Media Access Control (MAC) address and list of network protocols associated with each address for all network cards in each computer, either locally or across a network.
Syntax
      getmac [/s Computer [/u Domain\User [/p Password]]]
         [/fo {TABLE|LIST|CSV}] [/nh] [/v]
Key
   /s Computer     The name or IP address of a remote computer (do not use backslashes). Default = local computer.
   /u Domain\User  Run the command with the account permissions of the user specified. Default = the currently logged on user.
   /p Password     The password of the user account that is specified in the /u parameter.
   /fo { TABLE | LIST | CSV }
                   Format the output. Default = TABLE.
   /nh             Omit the header row from the displayed driver information.
                   Valid when the /fo parameter is set to TABLE or CSV.
   /v              Display verbose information.
   /?              Display Help.

Examples
Show all MAC addresses in Table output:
getmac /fo table /nh /v
Show MAC addresses on server64:
getmac /s server64
Show MAC addresses on server64 and authenticate as a different user:
getmac /s server64 /u ss64Dom\user583
Export a verbose listing of MAC addresses to a CSV file:
getmac /v /fo csv > T:\macaddresses.csv
 

IPCONFIG


Configure IP (internet protocol configuration)
Syntax
 
   IPCONFIG /all          Display full configuration information.
   IPCONFIG /release [adapter]
                          Release the IP address for the specified adapter.
   IPCONFIG /renew [adapter]
                          Renew the IP address for the specified adapter.
   IPCONFIG /flushdns     Purge the DNS Resolver cache.
   IPCONFIG /registerdns  Refresh all DHCP leases and re-register DNS names.
   IPCONFIG /displaydns   Display the contents of the DNS Resolver Cache.
   IPCONFIG /showclassid adapter
                          Display all the DHCP class IDs allowed for adapter.
   IPCONFIG /setclassid adapter [classid]
                          Modify the DHCP class ID.

If the adapter name contains spaces, use quotes: "Adapter Name". The wildcard characters * and ? are allowed; see the examples below.
The default is to display only the IP address, subnet mask and default gateway for each adapter bound to TCP/IP.


For Release and Renew, if no adapter name is specified, then the IP address leases for all adapters bound to TCP/IP will be released or renewed.

For Setclassid, if no ClassId is specified, then the ClassId is removed.
Examples:
    > ipconfig                   ... Show information.
    > ipconfig /all              ... Show detailed information
    > ipconfig /renew            ... renew all adapters
    > ipconfig /renew EL*        ... renew any connection that has its name starting with EL
    > ipconfig /release *Con*    ... release all matching connections, e.g. "Local Area Connection 1" or "Local Area Connection 2"
    > ipconfig /setclassid "Local Area Connection" TEST
                                 ... set the DHCP class ID for the named adapter to TEST

NET.exe


The NET Command is used to manage network resources as follows:
1. Manage Services
NET START, STOP, PAUSE, CONTINUE
The NET Command is used to manage services as follows:
Syntax
      NET START [service]
      NET STOP [service]
      NET PAUSE [service]
      NET CONTINUE [service] 
Key
   service : The service name as shown in Control Panel, Services

To list the basic Services:
NET HELP SERVICES
To list the running Services:
NET START
If you try to start a service that is already running you will get this error message:
"The requested service has already been started. More help is available by typing NET HELPMSG 2182"
You can redirect and FIND this type of error as follows:
NET START alerter 2>&1|FIND "2182"
REM FIND sets errorlevel 0 when "2182" is found and 1 when it is not
IF NOT errorlevel 1 goto :sub_already_started
2. Connect to a file/print Share (Drive Map)
NET USE
The NET utilities are NetBIOS applications, which means that they rely on WINS (or the local LMHOSTS file) to resolve computer names to IP addresses.
The NET Command is used to connect to a File/Printer Share as follows:
Join a file share (Drive MAP)
NET USE [driveletter:] \\ComputerName\ShareName /PERSISTENT:YES
NET USE [driveletter:] \\ComputerName\ShareName\folder1\folder2 /PERSISTENT:No
Make all future connections persistent (auto-reconnect at login)
NET USE /Persistent:Yes
or
NET USE /P:Yes
Make all future connections non-persistent (reconnect with login script)
NET USE /Persistent:No
or
NET USE /P:No
Join a file share (Drive MAP) - with a long share name
NET USE [driveletter:] "\\ComputerName\ShareName"
Connect a user to their HOME directory
NET USE [devicename | *] [password | *] [/HOME]
This requires the user's Home server/folder to be defined in ADUC
Join a password protected file share (Drive MAP)
NET USE [driveletter:] \\ComputerName\ShareName[\volume] [password | *] [/USER:[domainname\]username] [/PERSISTENT:No]
In the above command /USER can also be specified as:
[/USER:[dotted domain name\]username]
[/USER:username@dotted domain name]
In a script, to map a drive and wait until the mapping has completed before continuing:
START /wait NET USE [driveletter:] \\ComputerName\ShareName
This will be a little slower, but ensures that files can be read from the mapped drive.
Join a Printer Share
NET USE [LPTx:] \\ComputerName\printer_share /PERSISTENT:YES
Join a Printer Share - with a "long" share name
NET USE [LPTx:] "\\ComputerName\printer_share"
Disconnect from a share
NET USE [driveletter:] /DELETE
Disconnect from a share and close all resources (undocumented)
NET USE [driveletter:] /DELETE /Y
Examples
NET USE H: /Home
NET USE J: \\MainServer\Users\%Username%
NET USE W: \\MainServer\GroupShare /Persistent:No
NET USE \\MainServer\SharedPrinter
The NET USE command can map a network printer to an LPT port (for DOS type applications that print to a port), but this does not add the printer to the Control Panel GUI.
By default all mapped drives have a 15 minute idle session timeout; you can modify this with the NET CONFIG command. In Windows XP the Explorer icon will change to show this change in status. This behaviour is designed to improve overall performance.
Drive Descriptions
Recent versions of Windows display a drive description for each share; this can be edited in the Explorer GUI. The text is stored in the registry.
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##ComputerName#ShareName
_LabelFromReg=<description of drive mapping>
   (string REG_SZ)

3. Manage file and printer shares
NET SHARE, VIEW
The NET Command is used to manage File Shares, Printer Shares and sessions as follows:
Display a local share
NET SHARE sharename
Display a list of computers in the current domain.
NET VIEW
To see a list of shares on a remote computer
NET VIEW \\ComputerName
To see a list of all shares in the domain:
NET VIEW /DOMAIN
To see a list of shares on a different domain
NET VIEW /DOMAIN:domainname
To see a list of shares on a remote Netware computer
NET VIEW /NETWORK:NW [\\ComputerName]
Create a new local file share
NET SHARE sharename=drive:path /REMARK:"text" [/CACHE:Manual | Automatic | No ]
Limit the number of users who can connect to a share
NET SHARE sharename /USERS:number /REMARK:"text"
Remove any limit on the number of users who can connect to a share
NET SHARE sharename /UNLIMITED /REMARK:"text"
Delete a share
NET SHARE {sharename | devicename | drive:path} /DELETE
Delete all shares that apply to a given device
NET SHARE devicename /DELETE
In this case the devicename can be a printer (Lpt1) or a pathname (C:\Docs\)
Join a file share (Drive MAP)
NET USE
Display all the open shared files on a server and the lock-id
NET FILE
Close a shared file (disconnect other users and remove file locks)
NET FILE id /CLOSE
List all sessions connected to this machine
NET SESSION
List sessions from a given machine
NET SESSION \\ComputerName
Disconnect all sessions connected to this machine
NET SESSION /DELETE
Disconnect all sessions connected to this machine (without any prompts)
NET SESSION /DELETE /y
Disconnect sessions from a given machine
NET SESSION \\ComputerName /DELETE
Notes:
NET SESSION displays incoming connections only; in other words, it must be run on the machine that is acting as the server.
To create file shares the SERVER service must be running, which in turn requires 'File and Print Sharing' to be installed.
4. Manage open files and user sessions
NET FILE, SESSIONS
The NET Command is used to manage open files and user sessions as follows:
Display all the open shared files on a server and the lock-id
NET FILE
Close a shared file (disconnect other users and remove file locks)
NET FILE id /CLOSE
List all sessions connected to this machine:
NET SESSION
or
NET SESSION | Find "\\"
List sessions from a given machine
NET SESSION \\ComputerName
Disconnect all sessions connected to this machine
NET SESSION /DELETE
Disconnect all sessions connected to this machine (without any prompts)
NET SESSION /DELETE /y
Disconnect sessions from a given machine
NET SESSION \\ComputerName /DELETE
Notes:
NET SESSION displays incoming connections only; in other words, it must be run on the machine that is acting as the server.
To create file shares the SERVER service must be running, which in turn requires 'File and Print Sharing' to be installed.
5. Manage Network Time
NET TIME
The NET Command is used to manage Network Print jobs and Network Time as follows:
The NET TIME command requires the 'server' service to be running on the machine that is serving the time.
Display the time at this computer plus the DATE in US Format
NET TIME \\%ComputerName%
Display the date and time from another computer
NET TIME \\machinename
Display the date and time from the logonserver
NET TIME %LOGONSERVER%
Display the time from the domain timeserver
NET TIME /DOMAIN
Display the time from another domain
NET TIME /DOMAIN:domainname
Define the time server for your domain
NET TIME /setsntp:ServerName.DomainName.com
List the time server(s) for your domain
NET TIME /querysntp
Synchronise the computer's clock with that of the domain.
NET TIME /DOMAIN /SET /Y
Synchronise the computer's clock with a different domain.
NET TIME /DOMAIN:domainname /SET
Synchronise the computer's clock with that of another computer
NET TIME \\servername /SET /YES
Also see the "w32tm" command
Synchronise the computer's clock with a time server in a different domain.
NET TIME /RTSDOMAIN:domainname /SET
6. Manage Network Print jobs
NET PRINT
The NET command is used to manage Network Print jobs. This command has been deprecated in Windows 7 and Windows Server 2008 R2. However, you can perform many of the same tasks using Prnjobs.vbs, Windows Management Instrumentation (WMI), or Windows PowerShell cmdlets.
Display the job# of current print jobs
NET PRINT \\ComputerName\ShareName
Hold a print job waiting in the printer queue
NET PRINT [\\ComputerName] job# /HOLD
Release a print job that has been held.
NET PRINT [\\ComputerName] job# /RELEASE
Delete a print job from a printer queue.
NET PRINT [\\ComputerName] job# /DELETE
List all available printers
NET VIEW \\MyServer |find "Print"
7. Security
NET ACCOUNTS, USER, GROUP, LOCALGROUP
The NET Command is used to manage network security resources as follows:
View user account password and logon requirements (also displays the machine type - NT Server or NT workstation)
NET ACCOUNTS
View password and logon requirements for the network domain.
NET ACCOUNTS /DOMAIN
Set the number of minutes a user has before being forced to log off when the account expires or valid logon hours expire
NET ACCOUNTS /FORCELOGOFF:minutes /DOMAIN
Prevent forced logoff when user accounts expire
NET ACCOUNTS /FORCELOGOFF:NO /DOMAIN
Set the minimum number of characters for a password.
NET ACCOUNTS /MINPWLEN:C /DOMAIN
The range is 0-14 characters; the default is 6 characters.
Set the maximum number of days that a password is valid.
NET ACCOUNTS /MAXPWAGE:dd /DOMAIN
The range is 1-49710; the default is 90 days.
Set passwords to never expire.
NET ACCOUNTS /MAXPWAGE:UNLIMITED /DOMAIN
Set a minimum number of days that must pass before a user can change a password (default = 0)
NET ACCOUNTS /MINPWAGE:dd /DOMAIN
Require that new passwords be different from 'x' number of previous passwords
NET ACCOUNTS /UNIQUEPW:x /DOMAIN
The range for 'x' is 1-24
Synchronise the user accounts database (PDC and BDC)
NET ACCOUNTS /SYNC /DOMAIN
View user account details
NET USER [/DOMAIN]
Add a user account.
NET USER username {password | *} /ADD [options] [/DOMAIN]
Modify a user account.
NET USER [username [password | *] [options]] [/DOMAIN]
Delete a username
NET USER username [/DELETE] [/DOMAIN]
Generate a random password:
NET USER administrator /random
Add a Workgroup
NET GROUP groupname /ADD [/COMMENT:"text"] [/DOMAIN]
Edit a workgroup
NET GROUP [groupname [/COMMENT:"text"]] [/DOMAIN]
Delete a group
NET GROUP groupname /DELETE [/DOMAIN]
Add a user to a group
NET GROUP groupname username [...] /ADD [/DOMAIN]
Delete a user from a group
NET GROUP groupname username [...] /DELETE [/DOMAIN]
To View, Add or modify a local workgroup replace GROUP in the commands above with LOCALGROUP.
Examples
Create a group
C:\>NET LOCALGROUP spud /add
Add to guests
C:\>NET LOCALGROUP guests spud /add
Then remove
C:\>NET LOCALGROUP guests spud /delete
C:\>NET LOCALGROUP spud /delete
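
The NET ACCOUNTS settings listed above can be checked against a baseline by parsing the command's output. This is an added example, not part of the original page: the sample output is constructed, it assumes English-language output, and the BASELINE values are a hypothetical organisational policy.

```python
import math
import re

# Constructed sample of `NET ACCOUNTS` output (English locale assumed).
SAMPLE_NET_ACCOUNTS = """\
Force user logoff how long after time expires?:       Never
Minimum password age (days):                          0
Maximum password age (days):                          42
Minimum password length:                              6
Length of password history maintained:                None
Lockout threshold:                                    Never
Lockout duration (minutes):                           30
Lockout observation window (minutes):                 30
Computer role:                                        WORKSTATION
The command completed successfully.
"""

# Hypothetical baseline (an assumption, not taken from the page).
# Each entry: output label -> (comparison, limit, NET ACCOUNTS switch that sets it)
BASELINE = {
    "Minimum password length": ("min", 12, "/MINPWLEN"),
    "Length of password history maintained": ("min", 24, "/UNIQUEPW"),
    "Minimum password age (days)": ("min", 1, "/MINPWAGE"),
    "Maximum password age (days)": ("max", 90, "/MAXPWAGE"),
}

LINE_RE = re.compile(r"^(?P<name>.+?):\s+(?P<value>\S.*?)\s*$")


def parse_net_accounts(text):
    """Map each 'Label:   value' line of NET ACCOUNTS output to label -> value."""
    settings = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:  # the trailing status line has no colon and is skipped
            settings[m.group("name").strip()] = m.group("value")
    return settings


def to_number(value):
    """Convert a value to a number; NET ACCOUNTS prints words for some settings."""
    word = value.strip().lower()
    if word == "none":                    # no password history kept
        return 0
    if word in ("unlimited", "never"):    # no upper bound / never happens
        return math.inf
    return int(word)


def audit(settings, baseline=BASELINE):
    """Return (label, observed value, switch) for every setting outside the baseline."""
    findings = []
    for name, (kind, limit, switch) in baseline.items():
        raw = settings.get(name)
        if raw is None:
            findings.append((name, "missing", switch))
            continue
        try:
            value = to_number(raw)
        except ValueError:
            findings.append((name, raw, switch))  # unexpected text: review by hand
            continue
        ok = value >= limit if kind == "min" else value <= limit
        if not ok:
            findings.append((name, raw, switch))
    return findings


if __name__ == "__main__":
    # On a live host, replace the sample with:
    #   subprocess.run(["net", "accounts"], capture_output=True, text=True).stdout
    for name, observed, switch in audit(parse_net_accounts(SAMPLE_NET_ACCOUNTS)):
        print(f"{name}: {observed} (change with NET ACCOUNTS {switch})")
```
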
8. Network Messaging
NET NAME, SEND
The NET Command is used to send network messages as follows:
Network broadcast messages use "messaging names". A messaging name can be the ComputerName, your UserName or any other name you add as part of the NET NAME command line.
To send a broadcast message to another user
NET SEND j_smith Meeting changed to 3 p.m
To send a broadcast message to another machine
NET SEND mc_144 Meeting changed to 3 p.m
To send a message to all users who have a session with the server
NET SEND /USERS This server will shut down in 5 minutes.
To send a broadcast message to the whole domain
NET SEND * This server will shut down in 5 minutes.
To send a broadcast message to another domain
NET SEND /DOMAIN[:other domainname] This server will shut down in 5 minutes.
Messaging names:
To add an additional messaging name (for receiving messages.)
NET NAME extraname /ADD
To remove a messaging name (n.b. it is not possible to remove the ComputerName with this command)
NET NAME extraname /DELETE
To use NET SEND the Messenger service must be running; many organisations choose not to run this service.
9. Help
NET HELP, HELPMSG
The NET Command is used to display help as follows:
The syntax for displaying help differs from other NT commands:
Provide brief help with any NET command
NET option suboption /?
e.g.
NET CONFIG SERVER /?
Provide detailed help with any NET command
NET option suboption /HELP
or
NET HELP option suboption
e.g.
NET CONFIG SERVER /HELP
NET HELP CONFIG SERVER
To provide help with a Windows error message (Typically the 4 digit number from the Event Viewer system log)
NET HELPMSG message#
e.g.
NET HELPMSG 2184
Explanation of how to read NET HELP screens.
NET HELP SYNTAX
To display NET Help one screen at a time:
NET HELP option | MORE
10. Network configuration
NET COMPUTER, CONFIG_WORKSTATION, CONFIG_SERVER, STATISTICS_WORKSTATION, STATISTICS_SERVER
The NET Command is used to manage network resources as follows:
Managing Network configuration
To add a computer to the domain
NET COMPUTER \\ComputerName /ADD
This command is only available from the Server and is best run from the Primary Domain Controller (PDC)
To remove a computer from the domain
NET COMPUTER \\ComputerName /DEL
This command is only available from the Server and is best run from the Primary Domain Controller (PDC)
Change the idle session timeout (default = 15 minutes)
NET CONFIG SERVER /Autodisconnect:mm
To disable idle timeouts altogether
NET CONFIG SERVER /Autodisconnect:-1
Note this may reduce overall performance - see related KBase articles below.
To hide a machine from Network Neighbourhood (by not sending announcements to domain browsers you may reduce network traffic.)
NET CONFIG SERVER /hidden:yes
Change the comment displayed in My Computer (detail view)
NET CONFIG SERVER /Srvcomment:"YourText"
Display or change the Workstation Service communication device settings
NET CONFIG WORKSTATION /?
Display statistics
NET STATISTICS WORKSTATION
NET STATISTICS SERVER
Note: When you use NET commands in a batch file, you can use the /Y or /N switch to unconditionally answer Yes or No to questions returned by the NET command.

ARP.exe


ARP - Address Resolution Protocol
Display and modify the IP-to-Physical address translation tables used by address resolution protocol.
Syntax
   View the contents of the local ARP cache table 
      ARP -a [ip_addr] [-N if_addr]
 
   Add a static ARP entry for frequently accessed hosts
      ARP -s ip_addr eth_addr [if_addr]
 
   Delete an entry 
      ARP -d ip_addr [if_addr]
 
Key
   -a           Display current ARP entries.
                May include more than one network interface.
                If ip_addr is specified, the IP and Physical
                addresses for only the specified computer are displayed. 
   -g           Same as -a.
 
   -N if_addr   Display the ARP entries for the network interface specified
                by if_addr.
 
   -d ip_addr   Delete the host specified by ip_addr.
                -d *  will delete all hosts.
 
   -s           Add the host and associate the Internet address ip_addr
                with the Physical address eth_addr.  The Physical address is
                given as 6 hexadecimal bytes separated by hyphens. The entry
                is permanent.
 
   eth_addr     Specifies a physical address.
 
   if_addr      If present, this specifies the Internet address of the
                interface whose address translation table should be modified.
                If not present, the first applicable interface will be used.

If two hosts on the same sub-net cannot ping each other successfully, try running ARP -a to list the addresses on each computer to see if they have the correct MAC addresses.
A host's MAC address can be checked using IPCONFIG. If another host with a duplicate IP address exists on the network, the ARP cache may have had the MAC address for the other computer placed in it. ARP -d is used to delete an entry that may be incorrect.
Examples
Display the ARP cache tables for all interfaces:
C:\> arp -a
Display the ARP cache table for the interface on IP address 10.1.4.99:
C:\> arp -a -N 10.1.4.99
Add a static ARP cache entry on IP addr 10.1.4.77 to the physical address 00-AA-21-4A-2F-9A:
C:\> arp -s 10.1.4.77 00-AA-21-4A-2F-9A
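
The ARP cache check described above (comparing cached MAC addresses with the ones each host actually has) can be automated by parsing ARP -a output. This is an added example, not part of the original page: the sample output and the EXPECTED_MACS inventory are constructed, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of Windows `arp -a` output (not captured from a real host).
SAMPLE_ARP_OUTPUT = """\
Interface: 10.1.4.99 --- 0xb
  Internet Address      Physical Address      Type
  10.1.4.1              00-aa-21-4a-2f-01     dynamic
  10.1.4.77             00-aa-21-4a-2f-9a     static
  10.1.4.80             00-aa-21-4a-2f-9a     dynamic
  10.1.4.90             00-aa-21-4a-2f-55     dynamic
  10.1.4.255            ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

# Hypothetical inventory: the MAC each host reports for itself
# (for example collected with GETMAC or IPCONFIG /all).
EXPECTED_MACS = {
    "10.1.4.1": "00-AA-21-4A-2F-01",
    "10.1.4.90": "00-AA-21-4A-2F-66",
}

IFACE_RE = re.compile(r"^Interface:\s+(\S+)\s+---")
ENTRY_RE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"((?:[0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2})\s+(\w+)\s*$"
)


def parse_arp(text):
    """Return one dict per cache entry: iface, ip, mac (upper case), type."""
    entries, iface = [], None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            iface = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue  # column headers and blank lines
        try:
            ipaddress.IPv4Address(m.group(1))
        except ValueError:
            continue  # dotted digits that are not a valid address
        entries.append({"iface": iface, "ip": m.group(1),
                        "mac": m.group(2).upper(), "type": m.group(3).lower()})
    return entries


def is_group_mac(mac):
    """Broadcast and multicast MACs have the low bit of the first octet set."""
    return int(mac[:2], 16) & 1 == 1


def shared_macs(entries):
    """Unicast MACs that one interface's cache maps to more than one IP address."""
    seen = defaultdict(set)
    for e in entries:
        if not is_group_mac(e["mac"]):
            seen[(e["iface"], e["mac"])].add(e["ip"])
    return {key: sorted(ips, key=ipaddress.IPv4Address)
            for key, ips in seen.items() if len(ips) > 1}


def inventory_mismatches(entries, expected):
    """(ip, cached MAC, expected MAC) where the cache disagrees with the inventory."""
    out = []
    for e in entries:
        want = expected.get(e["ip"])
        if want and want.upper() != e["mac"]:
            out.append((e["ip"], e["mac"], want.upper()))
    return out


if __name__ == "__main__":
    # On a live host, replace the sample with:
    #   subprocess.run(["arp", "-a"], capture_output=True, text=True).stdout
    cache = parse_arp(SAMPLE_ARP_OUTPUT)
    for (iface, mac), ips in shared_macs(cache).items():
        print(f"{iface}: {mac} answers for {', '.join(ips)}")
    for ip, got, want in inventory_mismatches(cache, EXPECTED_MACS):
        print(f"{ip}: cached {got}, expected {want} (clear with ARP -d {ip})")
```

A MAC shared by several IP addresses can be legitimate (a multi-homed host, for instance), so treat each result as an entry to verify before deleting it with ARP -d.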

BROWSTAT.exe (Resource Kit)


Get domain, browser and PDC info.
Syntax
BROWSTAT option
Options:
BROWSTAT Dumpnet
BROWSTAT dn : Display the transports bound to browser
BROWSTAT GetPdc Transport Domain
BROWSTAT gp Transport Domain : List the PDC name (via NetBIOS)
BROWSTAT GetMaster Transport Domain
BROWSTAT gm Transport Domain : List the remote Master Browser name(via NetBIOS)
BROWSTAT Getblist Transport
BROWSTAT gb Transport : List the backup DNS Servers.
BROWSTAT ListWfw
BROWSTAT wfw : WindowsForWorkgroups servers running browser.
BROWSTAT Stats \\ServerName
BROWSTAT sts \\ServerName : List all browser statistics
BROWSTAT Status
BROWSTAT sta : Display Transport, Primary DNS and Backup DNS servers.
BROWSTAT Status -v domain
BROWSTAT sta -v domain : Verbose Status Display, include Server OS and active browsers.
BROWSTAT Tickle
BROWSTAT Tic : Force remote master to stop.
BROWSTAT Elect
BROWSTAT el : Force election on remote domain
BROWSTAT View Transport
BROWSTAT vw Transport
BROWSTAT vw Transport ‹domain›
BROWSTAT vw Transport \\Server
BROWSTAT vw Transport \\‹Server› /DOMAIN ‹DomainToQuery›
The VIEW options can enumerate server services running across a server or domain. Other Browstat features will only work within a single network subnet. To span subnets/routers across a domain, run browstat via psexec.
In the list displays, the following flags are used:
W = Workstation
S = Server
SQL = SQLServer
SS = StandardServer
PDC = PrimaryDomainController
BDC = BackupDomainController
TS = Time Source
MBC = Member Server
PQ = Print Queue Server
DL = Dial-in Server
AFP = AFP Server
OSF = OSF Server
VMS = VMS Server
PBR = Potential Browser
BBR = Backup Browser
MBR = Master Browser
DMB = DomainMaster Browser
DFS = Distributed File System
NT = Windows NT
W95 = Windows95
WFW = WindowsForWorkgroups
MFPN = MS Netware
NV = Novell
XN = Xenix
Examples
Display transports:
C:\>browstat dn
List of transports currently bound to the browser
1 \Device\NetBT_Tcpip_{B1AFFCA2-6410-4644-9FE7-BA6C274FD4F3}
List the backup DNS servers for transport #1:
C:\>browstat gb 1
Browser: \\PC00096
Browser: \\PC00082
List Print queues for transport #1:
C:\> BROWSTAT vw 1 |find "PQ"

NETDOM.exe (Windows Server 2003/2008)


Domain Manager - Manage Machine Accounts and Passwords. NetDom is available as part of the RSAT feature on a Windows 7 / 2008 R2 server (or by default, with the AD DS or AD LDS server roles.)
Syntax
   NETDOM ADD        Add a workstation or server account to the domain
   NETDOM COMPUTERNAME Manage computer names
   NETDOM HELP
   NETDOM JOIN       Join a workstation or member server to the domain
   NETDOM MoveNT4BDC Rename an NT4 backup domain controller
   NETDOM MOVE       Move a workstation or member server to a new domain
   NETDOM QUERY      Query the domain for information
   NETDOM TRUST      Manage or verify the trust relationship between domains
   NETDOM REMOVE     Remove a workstation or server from the domain.
   NETDOM RENAMECOMPUTER Rename a computer.
   NETDOM RESETPWD   Reset the machine account password for a domain controller
   NETDOM RESET      Reset the secure connection between a workstation and a DC
   NETDOM VERIFY     Verify the secure connection between a workstation and a DC

NETSTAT.exe


Display current TCP/IP network connections and protocol statistics.
Syntax
   NETSTAT [options] [-p protocol] [interval]


Key
   -a   Display All connections and listening ports.
   -e   Display Ethernet statistics. (may be combined with -s)
   -n   Display addresses and port numbers in Numerical form.
   -r   Display the Routing table.
   -o   Display the Owning process ID associated with each connection.
 
   -b   Display the exe involved in creating each connection or listening port.*
   -v   Verbose - use in conjunction with -b, to display the sequence of
         components involved for all executables.
 
   -p protocol
        Show only connections for the protocol specified; 
        may be any of: TCP, UDP, TCPv6 or UDPv6.  
        If used with the -s option then the following protocols
        may also be specified: IP, IPv6, ICMP, or ICMPv6. 
 
   -s   Display per-protocol statistics.  By default, statistics are
        shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6;
        (The v6 protocols are not available under 2k and NT4)
        The -p option may be used to display just a subset of these.
 
   interval     Redisplay statistics, pausing interval seconds between
                each display. (default=once only) Press CTRL+C to stop. 

NSLOOKUP (TCP/IP)


Lookup IP addresses on a NameServer.
Syntax
  Lookup the ip address of MyHost:
 
     NSLOOKUP [-option] MyHost
     
  Lookup ip address of MyHost on MyNameServer:
   
     NSLOOKUP [-option] MyHost MyNameServer
   
  Enter "command mode":
   
     NSLOOKUP
 
Command Mode options:
 
 help or ?          - print a list of Command Mode options
 exit or ^C         - exit "command mode" 
 
 set all            - print options, current server and host
 finger [USER]      - finger the optional NAME at the current default host
 MyHost             - print ip address of MyHost
 MyHost MyNameServer - print ip address of MyHost on MyNameServer
 set [no]debug      - print debugging info
 set [no]d2         - print exhaustive debugging info
 
 set domain=NAME    - set default domain name to NAME
 set root=NAME      - set root server to NAME
 root               - set current default server to the root
 server NAME        - set default server to NAME, using current default server
 lserver NAME       - set default server to NAME, using initial server
 set srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1, N2,...
 
 set retry=X        - set number of retries to X
 set timeout=X      - set initial time-out interval to X seconds
 set [no]defname    - append domain name to each query
 set [no]recurse    - ask for recursive answer to query
 set [no]search     - use domain search list
 set [no]vc         - always use a virtual circuit
 set class=X        - set query class (for example, IN (Internet), ANY)
 set [no]msxfr      - use MS fast zone transfer
 set ixfrver=X      - current version to use in IXFR transfer request
 set type=X         - set query type 
 set querytype=X    - set query type
                      (e.g. A, ANY, CNAME, MX, NS, PTR, SOA, SRV)
 
 ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN
                            (and optionally output to FILE)
 
    -d          -  list all records
    -t TYPE     -  list records of the given Type (for example, A, CNAME, 
                   MX, NS, PTR, and so on)
    -a          -  list Aliases and canonical names.
 
 view FILE       - sort an 'ls' output file and view it with pg

Example:
C:\> nslookup -querytype=TXT -timeout=10 porttest.dns-oarc.net

PATHPING


Trace route and provide network latency and packet loss for each router and link in the path. Combines the functionality of PING and TRACERT.
Syntax
      PATHPING [-n] [-h max_hops] [-g host_list] [-p period]
         [-q num_queries] [-w timeout] [-i IPAddress] [-4] [-6] [TargetName]
 
Key
   -g host_list - Loose source route along host-list.
   -h max_hops  - Maximum number of hops to search for target.
   -i address   - Use the specified source address.
   -n           - Do not resolve addresses to hostnames.
   -p period    - Wait period milliseconds between pings.
   -q num_queries - Number of queries per hop.
   -w timeout   - Wait timeout milliseconds for each reply.
   -P    - Test for RSVP PATH connectivity.
   -R    - Test if each hop is RSVP aware.
   -T    - Test connectivity to each hop with Layer-2 priority tags.
   -4    - Force using IPv4.
   -6    - Force using IPv6.

Pathping is invaluable for determining which routers or subnets may be having network problems - it displays the degree of packet loss at any given router or link.
Pathping sends multiple Echo Request messages to each router between a source and destination over a period of time and computes aggregate results based on the packets returned from each router.
Pathping performs the equivalent of the tracert command by identifying which routers are on the path.
To avoid network congestion and to minimize the effect of burst losses, pings should be sent at a sufficiently slow pace (not too frequently.)
When -p is specified, pings are sent individually to each intermediate hop. When -w is specified, multiple pings can be sent in parallel. It's therefore possible to choose a Timeout parameter that is less than the wait Period * Number of hops.
Firewalls
Like tracert, PathPing uses Internet Control Message Protocol (ICMP) over TCP/IP. Many firewalls will block ICMP traffic by default. If an attacker is able to forge ICMP redirect packets, he or she can alter the routing tables on the host and possibly subvert the security of the host by causing traffic to flow via a path you didn't intend.

PsPing (PsTools)


Measure network performance. In addition to standard ICMP ping functionality, PsPing can report the latency of connecting to TCP ports, the latency of TCP round-trip communication between systems, and the TCP bandwidth available to a connection between systems. Besides obtaining min, max, and average values in 0.01ms resolution, you can also use PsPing to generate histograms of the results that are easy to import into a spreadsheet.
Syntax (ICMP ping)
      psping [[-6]|[-4]] [-h [buckets]] [-i interval] [-l requestsize]
        [-q] [-t|-n count] [-w count] destination
 
Key
   -h   Print histogram (default bucket count is 20).
   -i   Interval in seconds. Specify 0 for fast ping.
   -l   Request size.
   -n   Number of pings.
   -q   Don't output during pings.
   -t   Ping until stopped with Ctrl+C and type Ctrl+Break for statistics.
   -w   Warmup with the specified number of iterations (default is 1).
   -4   Force using IPv4.
   -6   Force using IPv6.
        For high-speed ping tests use -q and -i 0.
   -? I Usage for ICMP ping.
 
Syntax (TCP ping)
      psping [[-6]|[-4]] [-h [buckets]] [-i interval] [-l requestsize]
         [-q] [-t|-n count] [-w count] destination:destport
Key
   -h   Print histogram (default bucket count is 20).
   -i   Interval in seconds. Specify 0 for fast ping.
   -l   Request size.
   -n   Number of pings.
   -q   Don't output during pings.
   -t   Ping until stopped with Ctrl+C and type Ctrl+Break for statistics.
   -w   Warmup with the specified number of iterations (default is 1).
   -4   Force using IPv4.
   -6   Force using IPv6.
        For high-speed ping tests use -q and -i 0.
   -? T Usage for TCP ping.
 
Syntax (TCP latency)
      server: psping [[-6]|[-4]] -s source:sourceport
      client: psping [[-6]|[-4]] [-h [buckets]] [-r] -l requestsize
                 -n count [-w count] destination:destport
Key
   -h   Print histogram (default bucket count is 20).
   -l   Request size.
   -n   Number of sends/receives.
   -r   Receive from the server instead of sending.
   -w   Warmup with the specified number of iterations (default is 5).
   -4   Force using IPv4.
   -6   Force using IPv6.
   -? L Usage for Latency test.
 The server can serve both latency and bandwidth tests and remains active until you terminate it with Control-C.
 
Syntax (TCP bandwidth)
      server: psping [[-6]|[-4]] -s source:sourceport
      client: psping [[-6]|[-4]] -b [-h [buckets]] [-r] -l requestsize -n count
                 [-i outstanding] [-w count] destination:destport
Key
   -b   Bandwidth test.
   -h   Print histogram (default bucket count is 20).
   -i   Number of outstanding I/Os (default is min of 16 and 2x CPU cores).
   -l   Request size.
   -n   Number of sends/receives.
   -r   Receive from the server instead of sending.
   -w   Warmup for the specified iterations (default is 2x CPU cores).
   -4   Force using IPv4.
   -6   Force using IPv6.
   -? B Usage for Bandwidth test.
 The server can serve both latency and bandwidth tests and remains active until you terminate it with Control-C.

Installation: Copy PsPing onto your executable path. Typing "psping" will display help.
Examples:
Execute an ICMP ping test for 10 iterations with 3 warmup iterations:
psping -n 10 -w 3 workstation64
To execute a TCP connect test, specify the port number. The following command executes connect attempts against the target as quickly as possible, only printing a summary when finished with the 100 iterations and 1 warmup iteration:
psping -n 100 -i 0 -q workstation64:80
To configure a server for latency and bandwidth tests, simply specify the -s option and the source address and port the server will bind to:
psping -s 10.5.2.2:5000
A buffer size is required to perform a TCP latency test. This example measures the round trip latency of sending an 8KB packet to the target server, printing a histogram with 100 buckets when completed:
psping -l 8192 -n 10000 -h 100 192.168.2.2:5000
This is the same command with the -b option added; executed against the same server, it performs a bandwidth test. Note that the test must run for at least one second after warmup for a histogram to generate:
psping -b -l 8192 -n 10000 -h 100 192.168.2.2:5000

PING


Test a network connection - if successful, ping returns the ip address.
Syntax
      PING [options] destination_host
 
Options
    -w timeout     Timeout in milliseconds to wait for each reply.
    -i TTL         Time To Live.
    -v TOS         Type Of Service.
    -a             Resolve addresses to hostnames.
    -n count       Number of echo requests to send.
    -t             Ping the destination host until interrupted.
                   To see statistics and continue type Control-Break;
                   To stop type Control-C.
    -l size        Send buffer size.
    -f             Set don’t Fragment flag in packet (IPv4-only).
    -r count       Record route for count hops (IPv4-only).
    -s count       Timestamp for count hops (IPv4-only).
    -j host_list   Loose source route along host_list (IPv4-only).
    -k host_list   Strict source route along host_list (IPv4-only).
 destination_host  The name of the remote host
    -R             Use routing header to test reverse route also (IPv6-only).
    -S srcaddr     Source address to use.
    -4             Force using IPv4.
    -6             Force using IPv6.

A response of "Request timed out" means there was no response to the ping attempt in the default time period of one second.
If the latency of the response is more than one second, use the -w option on the ping command to increase the time-out. For example, to allow responses within five seconds, use ping -w 5000.
The IPv6 options are only available on versions of Windows that support IPv6, e.g. Windows 7 / 2008.
A successful PING does NOT always return an %errorlevel% == 0.
Therefore, to reliably detect a successful ping, pipe the output into FIND and look for the text "TTL".
Note that "Reply" in the output of PING does not always indicate a positive response. You may receive a message from a router such as: Reply from 192.168.1.254: Destination Net Unreachable.
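The difference between matching "Reply" and matching "TTL=" can be seen by classifying PING output line by line. The Python below is an added example, not part of the original page; the sample output is constructed, the function names are hypothetical, and it assumes the IPv4 reply format shown above.

```python
import re

# Constructed samples of Windows PING output (not captured from real hosts).
SAMPLE_OK = """\
Pinging Server64 [10.5.7.64] with 32 bytes of data:
Reply from 10.5.7.64: bytes=32 time=1ms TTL=128
Request timed out.
Reply from 10.5.7.64: bytes=32 time<1ms TTL=128
"""

SAMPLE_UNREACHABLE = """\
Pinging 10.9.9.9 with 32 bytes of data:
Reply from 192.168.1.254: Destination Net Unreachable.
Reply from 192.168.1.254: Destination Net Unreachable.
"""

# "Reply from <sender>: <rest>" - the sender may be a router, not the target.
REPLY = re.compile(r"^Reply from (?P<src>\S+): (?P<rest>.*)$")
# A genuine echo reply carries size, round-trip time and TTL.
ECHO = re.compile(r"bytes=\d+ time[=<]\d+ms TTL=\d+")


def naive_reachable(output):
    """The unreliable check: any line containing 'Reply from' counts."""
    return "Reply from" in output


def classify_ping(output):
    """Count echo replies, timeouts and router error replies separately."""
    result = {"echo_replies": 0, "timeouts": 0, "errors": []}
    for line in output.splitlines():
        line = line.strip()
        match = REPLY.match(line)
        if match:
            if ECHO.search(match.group("rest")):
                result["echo_replies"] += 1
            else:
                # e.g. a gateway answering "Destination Net Unreachable"
                result["errors"].append(
                    (match.group("src"), match.group("rest").rstrip("."))
                )
        elif line.startswith("Request timed out"):
            result["timeouts"] += 1
    # Same rule as piping into FIND "TTL=": only echo replies prove reachability.
    result["reachable"] = result["echo_replies"] > 0
    return result


if __name__ == "__main__":
    for name, sample in (("ok", SAMPLE_OK), ("unreachable", SAMPLE_UNREACHABLE)):
        print(name, naive_reachable(sample), classify_ping(sample))
```
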
Four steps to test an IP connection with ping:
1) Ping the loopback address to verify that TCP/IP is installed and configured correctly on the local computer.
PING 127.0.0.1
2) Ping the IP address of the local computer to verify that it was added to the network correctly.
PING IP_address_of_local_host
3) Ping the IP address of the default gateway to verify that the default gateway is functioning and that you can communicate with a local host on the local network.
PING IP_address_of_default_gateway
4) Ping the IP address of a remote host to verify that you can communicate through a router.
PING IP_address_of_remote_host
Examples

Ping a server just once:
PING -n 1 Server64
Check if a host is reachable:
PING Server64 |find "TTL=" && ECHO MyHost found
Check if a host is not reachable:
PING Server64 |find "TTL=" || ECHO MyHost not found
Test which iSCSI IP on a specific NIC is functioning or if a specific teamed NIC is operating as it should:
Ping -S (Source IP: XXX.XXX.XXX.XXX) (Destination IP: XXX.XXX.XXX.XXX)
Ping -S 10.5.7.64  10.5.7.1
Ping a website 5 times:
PING -n 5 -w 7500 www.microsoft.com
PAUSE for 1 or more seconds by pinging the loopback address (127.0.0.1):
e.g. for a delay of 30 seconds:
PING -n 31 127.0.0.1>nul
In tests this consumes less processor time than Sleep or Timeout - see Clay Calvert's original newsgroup posting.
Script to monitor your connection to a website (example.com) every 15 seconds:
@Echo off
Echo Logging ping responses, press CTRL-C to stop
:start
 Ping -n 1 example.com | find "TTL=" >>c:\pingtest.txt
 Echo .
 Ping -n 16 127.0.0.1>nul
goto start

The script above can be used to test an Internet connection, just replace example.com with your ISP's Default Gateway IP address. This represents the first physical device on the ISP's side of your connection. You can find the Default Gateway on your router status screen.
Note: some ISPs or network admins may not appreciate you performing frequent or continual pings to their server, try not to overdo it!
PING is named after the sound that a sonar makes.
Ping response times below 10 milliseconds often have low accuracy. A time of 10 milliseconds is roughly equal to a distance of 1860 Miles, travelling a straight line route at the speed of light, (or a round trip of 2 × 930 miles). From this you can see that Ping response times only give a very rough estimate of the distance to a remote host.

ROUTE.exe


Manipulate network routing tables. Route packets of network traffic from one subnet to another by modifying the route table.
Syntax
 
   Display route details:
      ROUTE [-f] PRINT [destination_host] [MASK subnet_mask_value] [gateway] 
         [METRIC metric] [IF interface_no.]
 
   Add a route:
      ROUTE [-f] [-p] ADD [destination_host] [MASK subnet_mask_value] [gateway] 
         [METRIC metric] [IF interface_no.]
 
   Change a route:
      ROUTE [-f] CHANGE [destination_host] [MASK subnet_mask_value] [gateway] 
         [METRIC metric] [IF interface_no.]
 
   Delete a route:
      ROUTE [-f] DELETE [destination_host] [MASK subnet_mask_value] [gateway] 
         [METRIC metric] [IF interface_no.] 
 
Key
   -f          Clear (flush) the routing tables of all gateway entries.  If this is
               used in conjunction with one of the commands, the tables are
               cleared prior to running the command.
 
   destination_host
               The address (or set of addresses) that you want to reach.
 
   -p          Create a persistent route - survives system reboots.
               (not supported in Windows 95)
 
   subnet_mask_value
               The subnet mask value for this route entry.
               This defines how many addresses the route covers.
               If not specified, it defaults to 255.255.255.255.
 
   gateway     The gateway.
 
   interface   The interface number (1,2,...) for the specified route.
               If the option `IF interface_no` is not given, ROUTE will try
               to find the best interface available.
 
   metric      The metric, i.e. cost for the destination.

Note that routes added to the table are not made persistent unless the -p switch is specified. Non-persistent routes only last until the computer is rebooted.
Symbolic names used for Destination_Host are looked up in the network database file NETWORKS.
The symbolic names for gateway are looked up in the host name database file HOSTS.
If the command is PRINT or DELETE, the destination or gateway can be a wildcard ('*'), or the gateway argument may be omitted.
An IP address mask of 0.0.0.0 means everything. (rather like the *.* wildcard). In other words it says: When matching this pattern, don’t worry about matching any of the bits - everything matches.
If Destination_Host contains a * or ?, it is treated as a shell pattern, and only matching destination routes are printed. The '*' matches any string, and '?' matches any one char.
Examples:
157.*.1
157.*
127.*
*224*

TRACERT


Trace Route - Find the IP address of any remote host. TRACERT is useful for troubleshooting large networks where several paths can be taken to arrive at the same point, or where many intermediate systems (routers or bridges) are involved.
Syntax
       TRACERT [options] target_name
 
Key
   target_name     The HTTP or UNC name of the host
 
Options:
    -d             Do not resolve addresses to hostnames.
                   (avoids performing a DNS lookup)
 
    -h max_hops    Maximum number of hops to search for target.(default=30)
 
    -j host-list   Trace route along given host-list. 
                   up to 9 hosts in dotted decimal notation, separated by spaces.
 
    -w timeout     Wait timeout milliseconds for each reply.

The functionality of TRACERT is the same under all versions of Windows but the output is cosmetically improved under XP.
Tracert uses the IP TTL field and ICMP error messages to determine the route from one host to another through a network.
Care must be taken with tracert as it shows the optimal route, not necessarily the actual route. To be accurate, it is possible to ping from a UNIX machine back to the PC using the -R option to record the route taken - but only if the particular network devices support it.
This diagnostic tool determines the path taken to a destination by sending ICMP Echo Request messages with varying Time to Live (TTL) values to the destination.
TTL (Time to Live) calculation
TTL is effectively a count of the (maximum) number of links to the destination host. Each router along the path decrements the TTL in an IP packet by at least 1 before forwarding it.
When the TTL on a packet reaches 0, the router is expected to return an ICMP Time Exceeded message to the source computer.
Tracert determines the path by sending the first Echo Request message with a TTL of 1 and incrementing the TTL by 1 on each subsequent transmission until either the target host responds or the maximum number of hops is reached.
This process relies on intermediate routers to return ICMP Time Exceeded messages. However, some routers do not return Time Exceeded messages for packets with expired TTL values and are invisible to the tracert command. In this case, a row of asterisks (*) is displayed for that hop.
Firewalls
Many firewalls will block ICMP traffic by default. If an attacker is able to forge ICMP redirect packets, he or she can alter the routing tables on the host and possibly subvert the security of the host by causing traffic to flow via a path you didn't intend.
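The TTL procedure described above can be followed step by step in a small simulation. This Python is an added example, not code from the original page or from TRACERT itself; the addresses are constructed documentation-range values, the names are hypothetical, and each router is assumed to decrement the TTL by exactly 1.

```python
from collections import namedtuple

# A router on the path; sends_time_exceeded=False models a router that
# silently drops expired packets and so stays invisible to the trace.
Router = namedtuple("Router", "address sends_time_exceeded")


def send_probe(routers, target, ttl, target_replies=True):
    """Simulate one Echo Request with the given initial TTL.

    Returns (kind, address), where kind is 'time-exceeded', 'echo-reply'
    or 'no-reply' (address is None when nothing comes back).
    """
    for router in routers:
        ttl -= 1  # each router decrements the TTL before forwarding
        if ttl == 0:
            if router.sends_time_exceeded:
                return ("time-exceeded", router.address)
            return ("no-reply", None)
    # The probe outlived every router, so it reached the target host.
    if target_replies:
        return ("echo-reply", target)
    return ("no-reply", None)  # e.g. ICMP blocked by a firewall at the target


def tracert(routers, target, max_hops=30, target_replies=True):
    """Return one (hop, address-or-'*') row per TTL value tried."""
    rows = []
    for ttl in range(1, max_hops + 1):
        kind, address = send_probe(routers, target, ttl, target_replies)
        rows.append((ttl, address if address else "*"))
        if kind == "echo-reply":
            break  # the target answered, so the trace is complete
    return rows


# Constructed path: the second router never returns Time Exceeded.
PATH = [
    Router("192.0.2.1", True),
    Router("198.51.100.1", False),
    Router("203.0.113.1", True),
]
TARGET = "203.0.113.80"

if __name__ == "__main__":
    for hop, address in tracert(PATH, TARGET):
        print(hop, address)
```

When the target itself never answers, every TTL beyond the last router produces an asterisk row until max_hops is reached, which is why a trace that ends in asterisks does not by itself show where the path stops.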

Examples

 TRACERT www.doubleclick.net
 
 TRACERT 123.45.67.89
 
 TRACERT local_server