basic network commands & network types Flashcards
one of the most basic tools for testing connectivity to other hosts. It sends an internet control message protocol (ICMP) echo request to a host and listens for the reply. If a reply is received, it will display the time it took and the time to live (TTL) left. has many options for setting attributes of the request, like the maximum TTL, IPv4/IPv6, and the number of requests to send. is useful in troubleshooting connectivity with other devices. If a reply is not received, you will receive a timeout message, which could indicate connectivity issues, firewall issues, or both issues with the other device. In addition, due to the time to get a response, the latency between two devices can be measured, enabling a network engineer to troubleshoot performance problems or a network architect to determine where to place devices to minimize response time to other systems and users.
ping
used to trace the route an IP packet takes to a destination. It displays each hop (next router) in a numerical list with the hop’s IP address and the time it takes to receive the packet. The command used to trace the route an IP packet takes to a destination. It displays each hop (next router) in a numerical list with the hop’s IP address and the time it takes to receive the packet. It can be useful in determining where a ping fails, troubleshooting performance issues, and other aspects regarding connectivity.
Traceroute and tracert
used for linux systems to trace the route
command traceroute
used for windows system to trace the route
tracert
it displays the path taken by a packet from its source to its destination. useful because it can be used by any user instead of needing superuser privileges. It is primarily used in Linux.
tracepath
provides the user with the IP, subnet mask, and default gateway for each network adapter by default with the /all option information, such as MAC address, DHCP status, and lease information.
ipconfig
The command ipconfig/release can be used to release all connections and renew all adapters. It is primarily used in Windows.
used to configure the kernel network interfaces. It is implemented at the time of booting to configure the necessary interfaces. Once the interfaces are configured, it is used for debugging or tuning the system. It is primarily used in Linux.
ifconfig
displays the IP to physical (MAC) address mappings for hosts that have been discovered in the ___ cache. can be used to add, remove, or modify entries in the __ cache. The hosts need to be on the local network, as these addresses are discovered by broadcasting to everyone on the network and noting the reply from the owner; broadcast traffic is not allowed through a router so that the system will maintain the MAC address of the router.
ARP (Address Resolution Protocol)
displays information about active ports and their state and can be useful in troubleshooting and capacity management. The command ___ -r displays routing information for network adapters. It is available in Windows, MacOS, and Linux.
netstat (network statistics)
displays information for displaying DNS information and troubleshooting DNS problems. It is useful in displaying names to IP address mappings.
Nslookup (name server lookup)
used to query the DNS name servers. It is helpful in troubleshooting DNS problems. It is also used for lookups and will display answers from the query. It is a replacement for nslookup.
Dig (domain information groper)
ool most often used to look up who owns a domain or block of IP addresses on the internet, including name, email address, and physical address. However, there are many privacy options that hide this information from being returned. It is primarily used in Linux.
Whois
used to display the current route tables on a host. can also be used to add or remove routes. This is used by the local host to determine where to send traffic (0.0.0.0 means the default gateway, where the router sends things if it is not otherwise defined in the routing table).
route
used to securely copy files between servers, leveraging SSH (secure shell) for authentication and encryption.
SCP (Secure Copy Protocol)
copies the file from one host to another host. The data is unencrypted. If encryption is needed, FTPS uses SSL/TLS (Secure Sockets Layer, replaced by Transport Layer Security; the same encryption used in https). Transfer uses TCP (transmission control protocol) for reliability and is often used on the internet and other wide-area networks, where errors may be more common.
FTP (file transfer protocol)
transfers a file from either a client to a server or from a server to a client using UDP (user datagram protocol) instead of TCP, and so it is usually used on reliable (local) networks.
TFTP (trivial file transfer protocol)
displays information about a user or users on a remote system, including things such as last log-in time and username. It is primarily used in Linux.
finger
scans networks to see what it can find in terms of hosts and open ports (including well-known ones for many applications). It is commonly used to determine what is deployed on a network for vulnerability analysis, security scans, and related activities. Nmap is not native to either Linux or Windows but can be downloaded for free and used with both.
Nmap (Network Mapper)
displays TCP/IP packets and other network packets that are being transmitted over the network system. It is a form of protocol analyzer (sometimes called a sniffer) and is designed to show the contents of network packets in human-readable form for troubleshooting, security analysis, etc. is not native to either Linux or Windows but can be downloaded for free and used with both.
Tcpdump
allow a user to manage accounts and devices remotely. The main difference between the two is that SSH is encrypted, and thus all data is secure from eavesdropping, while telnet is unencrypted.
Telnet and SSH (secure shell)
An organization needs to perform an analysis to identify vulnerabilities such as open firewall ports, unauthorized operating systems or device types, and weak passwords. Which tool is recommended?
nmap
can perform many types of vulnerability scans by sending specially crafted data packets and learning about the target(s) based on the responses of the target(s).
A server administrator is tasked to harden the database servers, and one of the requirements is to document any firewall ports that are open and closed. Which native Windows command line utility should the administrator use?
netstat
Which command should be run in Linux to ping an IP address 192.168.0.15 eight times before it automatically terminates the process?
ping -c 8 192.168.0.15
The -c switch is used in Linux to limits the number of pings within a single session. In this example, the ping command attempts transmission eight times and is the correct answer.
is a network that is centered around a person and their devices. allows for various devices, such as a person’s desktop computer, laptop, smartphone, tablet, headphones, wireless keyboard and mouse, and speakers to communicate with each other, often over Bluetooth in the case of wireless connections or USB in the case of wired connections. can be used to enable communication between the devices, such as a device sending music to speakers or headphones, or can be used as a jumping-off point for other devices to a network gateway, such as when a mobile phone acts as a Wi-Fi hotspot for other devices.
personal area network, or PAN
