Wednesday 14 December 2011

TCP/IP Utilities

You can use several utilities to verify TCP/IP function on Windows workstations:

Using the arp utility:
  1. Choose Start--->Run and enter cmd to open the MS-DOS Prompt window.
  2. type "arp -a", you'll get.


The arp utility is primarily useful for resolving duplicate IP addresses. For example, your workstation receives its IP address from a DHCP server, but it accidentally receives the same address as another workstation. Your workstation is trying to determine the MAC address, and it can't do so because two machines are reporting that they have the sane IP address. To display the entire current ARP table, use arp command with -a switch.

Using the netstat Utility:
  1. Open MS-DOS Prompt window
  2. enter "netstat /?", it will show all its coll switches and its functions.
'netstat' with switch '-a' is normally used to get a list of open ports on your own system, i.e. on the local system. This can be particularly useful to check and see whether your system has a Trojan installed or not. Remember, port numbers over 1024 are used by your system to connect to remote computers.
Trojans:  Netbus uses port number 12345 (TCP) and Back Orifice uses port number 31337(UDP)
"netstat -n" is numerical form of -a, its shows ip address of local and remote systems.


Using the ping Utility: We use ping utility for two primary puurposes; to find out if you can reach a host, to find out if a host is responding.
open MS-DOS window
ping hostname or IP address


Using tracert utility : It will show you every router interface a TCP/IP packet passes through on its way to a destination.
  1. open MS-DOS window
  2. enter "tracert hostname( or host's ip address)"
  3. It will respond with a list of DNS names and IP address of routers that the packet is passing through on its way.

 Using Telnet utility:: It  is used to open terminal sessions from remote system to server, it has evolved into a troubleshooting tool.
  1. open MS-DOS, type telnet hostname(or host ip address), make sure this facility is installed in your system. If installed then jump to  4 , otherwise follow the steps.
  2. Control Panel----> Programs-----> "Turn Windows features on or off", a dialog box will appear.
  3. Select telnet client and server or any other service which you want to install.
  4. It will ask for login name and password.
  5. Once login name and password is being verified, a telnet session get established.
  6. If the host supports SSH then use putty.
  7. If the telnet service is not running at the default port number on the host, then use telnet hostname:port number command.

Using nslookup Utility: It allows you to query a name server and quickly find out which name resolves to which IP address.
  1. open MS-DOS window.
  2. enter nslookup example.com 
















Posted by at 12:35
Labels: , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)