Command List Flashcards by Tae Samuels

crc32

show data of a file in hexadecimal

How well did you know this?

Not at all

Perfectly

(win) ipconfig /all

show the network settings for the current device

C:\Users\neonb>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Auto
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : ExpressVPN TAP Adapter
Physical Address. . . . . . . . . : 00-FF-32-37-BB-62
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Unknown adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : ExpressVPN TUN Driver
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #3
Physical Address. . . . . . . . . : 22-2B-20-CC-6C-CB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi 2:

Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Realtek RTL8821CE 802.11ac PCIe Adapter #2
Physical Address. . . . . . . . . : 20-2B-20-CC-6C-CB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2603:7081:d00:ac29:da3b:5338:d0bc:d81c(Preferred)
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e2(Preferred)
Lease Obtained. . . . . . . . . . : Tuesday, May 2, 2023 4:35:52 PM
Lease Expires . . . . . . . . . . : Thursday, May 4, 2023 5:01:05 PM
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3:fa02:5e52:a9c3:7fc4(Preferred)
Temporary IPv6 Address. . . . . . : 2603:7081:d00:ac29:9188:fbb3:5825:74ff(Preferred)
Temporary IPv6 Address. . . . . . : fd00:f405:95d6:90e3:9188:fbb3:5825:74ff(Preferred)
Link-local IPv6 Address . . . . . : fe80::9de2:87cb:5ca8:17b0%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.147(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 2, 2023 4:35:59 PM
Lease Expires . . . . . . . . . . : Wednesday, May 3, 2023 4:01:16 PM
Default Gateway . . . . . . . . . : fe80::f605:95ff:fed6:90e5%9
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 153103136
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2A-93-13-19-00-E0-4C-E6-55-2B
DNS Servers . . . . . . . . . . . : 2603:7081:d00:ac29::1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

How well did you know this?

Not at all

Perfectly

shows the options for a command (cascading, it will not give you the cascades)

How well did you know this?

Not at all

Perfectly

(win) cls

clear the screen

How well did you know this?

Not at all

Perfectly

(linux) ifconfig

shows ip information for the current device

(05/03 05:43:13) cita220@cita220-vm: ~
$ ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 137.37.121.40 netmask 255.255.252.0 broadcast 137.37.123.255
inet6 fe80::41e4:7f24:7b57:5a31 prefixlen 64 scopeid 0x20<link></link>
ether 08:00:27:02:a7:0c txqueuelen 1000 (Ethernet)
RX packets 24612 bytes 25589096 (25.5 MB)
RX errors 0 dropped 2 overruns 0 frame 0
TX packets 2816 bytes 303739 (303.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 207 bytes 18199 (18.1 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 207 bytes 18199 (18.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0</host>

How well did you know this?

Not at all

Perfectly

(linux) sudo ethtool enp0s3

shows the ethernet wire settings connected to the device

(05/03 05:45:47) cita220@cita220-vm: ~
$ sudo ethtool enp0s3
[sudo] password for cita220:
Settings for enp0s3:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: off (auto)
Supports Wake-on: umbg
Wake-on: d
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes

How well did you know this?

Not at all

Perfectly

(win) getmac

returns mac address information

C:\Users\neonb>getmac

Physical Address Transport Name
=================== ==========================================================
00-FF-32-37-BB-62 Media disconnected
N/A Media disconnected
20-2B-20-CC-6C-CB \Device\Tcpip_{321C9BB8-9C91-46A1-BB9F-3AD123449B61}

How well did you know this?

Not at all

Perfectly

(win) arp -a

Address Resolution Protocol (find an ip from a mac or vice versa). Shows queried mac addresses

C:\Users\neonb>arp -a

Interface: 192.168.1.147 — 0x9
Internet Address Physical Address Type
192.168.1.1 f4-05-95-d6-90-e5 dynamic
192.168.1.44 3c-9b-d6-2e-ed-9a dynamic
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
239.255.255.250 01-00-5e-7f-ff-fa static
255.255.255.255 ff-ff-ff-ff-ff-ff static

How well did you know this?

Not at all

Perfectly

(linux) cntrl l

clear screen

How well did you know this?

Not at all

Perfectly

(linux) ip link

Shows the mac address (link address, ethernet address)

(05/03 05:46:19) cita220@cita220-vm: ~
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 08:00:27:02:a7:0c brd ff:ff:ff:ff:ff:ff

How well did you know this?

Not at all

Perfectly

(linux) arp -n

Shows arp info, queued mac addresses for linux

(05/03 05:57:11) cita220@cita220-vm: ~
$ arp -n
Address HWtype HWaddress Flags Mask Iface
137.37.120.93 ether 00:50:56:0a:01:0b C enp0s3
137.37.120.1 ether 20:b3:99:57:db:b2 C enp0s3
137.37.122.20 ether 00:0c:29:a0:92:3c C enp0s3
(05/03 05:59:19) cita220@cita220-vm: ~

How well did you know this?

Not at all

Perfectly

(linux) ip n

Ip neighbor

(05/03 05:59:19) cita220@cita220-vm: ~
$ ip n
137.37.120.93 dev enp0s3 lladdr 00:50:56:0a:01:0b STALE
137.37.120.1 dev enp0s3 lladdr 20:b3:99:57:db:b2 STALE
137.37.122.20 dev enp0s3 lladdr 00:0c:29:a0:92:3c STALE

How well did you know this?

Not at all

Perfectly

(linux) sudo groupadd wireshark

adds wire shark the virtual machine

How well did you know this?

Not at all

Perfectly

(win) nslookup www.google.com

get the ip address of google . com that you are connecting to

C:\Users\neonb>nslookup www.google.com
Server: 2603-7081-0d00-ac29-0000-0000-0000-0001.res6.spectrum.com
Address: 2603:7081:d00:ac29::1

Name: www.google.com.lan
Address: 192.168.1.1

How well did you know this?

Not at all

Perfectly

(win) nslookup 2603:7081:d00:ac29::1

find the hostname from this ip address (ipv6 used in this example)

C:\Users\neonb>nslookup 2603:7081:d00:ac29::1
Server: 2603-7081-0d00-ac29-0000-0000-0000-0001.res6.spectrum.com
Address: 2603:7081:d00:ac29::1

Name: 2603-7081-0d00-ac29-0000-0000-0000-0001.res6.spectrum.com
Address: 2603:7081:d00:ac29::1

How well did you know this?

Not at all

Perfectly

(win) ipconfig /release

Study These Flashcards

release your current lease on your ip

C:\Users\neonb>ipconfig /release

Windows IP Configuration

No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Local Area Connection* 1 while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Unknown adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2603:7081:d00:ac29:a9fc:2293:5229:c208
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e2
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e3
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3:9e00:6bc2:feee:48b1
Temporary IPv6 Address. . . . . . : 2603:7081:d00:ac29:9547:936c:385f:59f5
Temporary IPv6 Address. . . . . . : fd00:f405:95d6:90e3:9547:936c:385f:59f5
Link-local IPv6 Address . . . . . : fe80::89db:49a4:1a4f:19c0%15
Default Gateway . . . . . . . . . : fe80::f605:95ff:fed6:90e5%15

(win) ipconfig /renew

Study These Flashcards

Renew your ip lease

C:\Users\neonb>ipconfig /renew

Windows IP Configuration

No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Local Area Connection* 1 while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Unknown adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : lan
IPv6 Address. . . . . . . . . . . : 2603:7081:d00:ac29:a9fc:2293:5229:c208
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e2
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e3
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3:9e00:6bc2:feee:48b1
Temporary IPv6 Address. . . . . . : 2603:7081:d00:ac29:9547:936c:385f:59f5
Temporary IPv6 Address. . . . . . : fd00:f405:95d6:90e3:9547:936c:385f:59f5
Link-local IPv6 Address . . . . . : fe80::89db:49a4:1a4f:19c0%15
IPv4 Address. . . . . . . . . . . : 192.168.1.147
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::f605:95ff:fed6:90e5%15
192.168.1.1

(win) ping www.youtube.com

Study These Flashcards

send data to youtube and try to establish connection with that website. You will get a good or bad response

C:\Users\neonb>ping www.youtube.com

Pinging youtube-ui.l.google.com [2607:f8b0:4006:822::200e] with 32 bytes of data:
Reply from 2607:f8b0:4006:822::200e: time=348ms
Reply from 2607:f8b0:4006:822::200e: time=194ms
Reply from 2607:f8b0:4006:822::200e: time=188ms
Reply from 2607:f8b0:4006:822::200e: time=39ms

Ping statistics for 2607:f8b0:4006:822::200e:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 348ms, Average = 192ms

(win) ping 2603:7081:d00:ac29::1

Study These Flashcards

send data to this ip address and see if it responds

C:\Users\neonb>ping 2603:7081:d00:ac29::1

Pinging 2603:7081:d00:ac29::1 with 32 bytes of data:
Reply from 2603:7081:d00:ac29::1: time=283ms
Reply from 2603:7081:d00:ac29::1: time=10ms
Reply from 2603:7081:d00:ac29::1: time=10ms
Reply from 2603:7081:d00:ac29::1: time=10ms

Ping statistics for 2603:7081:d00:ac29::1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 283ms, Average = 78ms

(win) tracert www.youtube.com

Study These Flashcards

trace the ip route from your device to youtube.com servers

C:\Users\neonb>tracert www.youtube.com

Tracing route to youtube-ui.l.google.com [2607:f8b0:4006:808::200e]
over a maximum of 30 hops:

1 49 ms 5 ms 7 ms 2603-7081-0d00-ac29-0000-0000-0000-0001.res6.spectrum.com [2603:7081:d00:ac29::1]
2 16 ms 15 ms 11 ms 2603-90c5-0005-0116-0000-0000-0000-0001.inf6.spectrum.com [2603:90c5:5:116::1]
3 316 ms 318 ms 319 ms lag-62.ptsdny1602h.netops.charter.com [2604:6000:0:4:0:2003:0:1586]
4 22 ms 75 ms 296 ms lag-90.mcr11esyrnyaw.netops.charter.com [2604:6000:0:4:0:2003:0:16fe]
5 * * * Request timed out.
6 * * * Request timed out.
7 37 ms 40 ms 34 ms 2001:1998:0:8::60d
8 37 ms 35 ms 35 ms 2607:f8b0:8320::1
9 37 ms 34 ms 35 ms 2001:4860:0:1::5686
10 42 ms 36 ms 40 ms 2001:4860:0:100e::1b
11 45 ms 43 ms 43 ms 2001:4860::c:4002:a0c1
12 42 ms 43 ms 41 ms 2001:4860::c:4002:6522
13 42 ms 142 ms 263 ms 2001:4860::9:4003:205d
14 64 ms 60 ms 109 ms 2001:4860::12:0:bafd
15 42 ms * * 2001:4860:0:1::68b
16 45 ms 203 ms 51 ms lga25s70-in-x0e.1e100.net [2607:f8b0:4006:808::200e]

Trace complete.

(win) route print

Study These Flashcards

C:\Users\neonb>route print

displays the best ip path currently

Interface List
10…00 ff 32 37 bb 62 ……ExpressVPN TAP Adapter
12………………………ExpressVPN TUN Driver
16…22 2b 20 cc 6c cb ……Microsoft Wi-Fi Direct Virtual Adapter
22…a2 2b 20 cc 6c cb ……Microsoft Wi-Fi Direct Virtual Adapter #2
15…20 2b 20 cc 6c cb ……Realtek RTL8821CE 802.11ac PCIe Adapter
1………………………Software Loopback Interface 1
====================================

Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.147 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.1.0 255.255.255.0 On-link 192.168.1.147 291
192.168.1.147 255.255.255.255 On-link 192.168.1.147 291
192.168.1.255 255.255.255.255 On-link 192.168.1.147 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.1.147 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.1.147 291
====================================
Persistent Routes:
None

Active Routes:
If Metric Network Destination Gateway
15 51 ::/0 fe80::f605:95ff:fed6:90e5
1 331 ::1/128 On-link
15 51 2603:7081:d00:ac29::/64 On-link
15 291 2603:7081:d00:ac29::/64 fe80::f605:95ff:fed6:90e5
15 291 2603:7081:d00:ac29:9547:936c:385f:59f5/128
On-link
15 291 2603:7081:d00:ac29:a9fc:2293:5229:c208/128
On-link
15 51 fd00:f405:95d6:90e3::/64 On-link
15 291 fd00:f405:95d6:90e3::16e2/128
On-link
15 291 fd00:f405:95d6:90e3::16e3/128
On-link
15 291 fd00:f405:95d6:90e3:9547:936c:385f:59f5/128
On-link
15 291 fd00:f405:95d6:90e3:9e00:6bc2:feee:48b1/128
On-link
15 291 fe80::/64 On-link
15 291 fe80::89db:49a4:1a4f:19c0/128
On-link
1 331 ff00::/8 On-link
15 291 ff00::/8 On-link
====================================
Persistent Routes:
None

(linux) nslookup www.amazon.com

Study These Flashcards

lookup ip information for your device and the server for amazon.com that is serving you currently

$ nslookup www.amazon.com
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
www.amazon.com canonical name = tp.47cf2c8c9-frontier.amazon.com.
tp.47cf2c8c9-frontier.amazon.com canonical name = d3ag4hukkh62yn.cloudfront.net.
Name: d3ag4hukkh62yn.cloudfront.net
Address: 108.138.115.136
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:a400:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:6200:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:b600:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:9400:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:2c00:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:8800:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:4a00:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:aa00:7:49a5:5fd2:8621

(linux) dig www.amazon.com

Study These Flashcards

dns server information, connection info from amazon.com

$ dig www.amazon.com

; «» DiG 9.16.1-Ubuntu «» www.amazon.com
;; global options: +cmd
;; Got answer:
;; -»HEADER«- opcode: QUERY, status: NOERROR, id: 17594
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;www.amazon.com. IN A

;; ANSWER SECTION:
www.amazon.com. 760 IN CNAME tp.47cf2c8c9-frontier.amazon.com.
tp.47cf2c8c9-frontier.amazon.com. 33 IN CNAME d3ag4hukkh62yn.cloudfront.net.
d3ag4hukkh62yn.cloudfront.net. 32 IN A 108.138.115.136

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu May 04 15:34:23 EDT 2023
;; MSG SIZE rcvd: 138

(linux) ping -c 4 www.amazon.com

Study These Flashcards

Ping amazon . com

$ ping -c 4 www.amazon.com
PING www-amazon-com.customer.fastly.net (162.219.225.118) 56(84) bytes of data.
64 bytes from 162.219.225.118 (162.219.225.118): icmp_seq=1 ttl=55 time=12.1 ms
64 bytes from 162.219.225.118 (162.219.225.118): icmp_seq=2 ttl=55 time=12.1 ms
64 bytes from 162.219.225.118 (162.219.225.118): icmp_seq=3 ttl=55 time=11.9 ms
64 bytes from 162.219.225.118 (162.219.225.118): icmp_seq=4 ttl=55 time=11.9 ms

— www-amazon-com.customer.fastly.net ping statistics —
4 packets transmitted, 4 received, 0% packet loss, time 3018ms
rtt min/avg/max/mdev = 11.894/12.026/12.143/0.116 ms

(linux)traceroute www.amazon.com

trace the connection route to amazon $ traceroute www.amazon.com traceroute to www.amazon.com (108.138.115.136), 30 hops max, 60 byte packets 1 _gateway (137.37.120.1) 1.822 ms 1.787 ms 1.776 ms 2 asgard.canton.edu (137.37.254.5) 1.584 ms 1.552 ms 1.430 ms 3 137.37.100.1 (137.37.100.1) 1.282 ms 1.152 ms 1.023 ms 4 syr-9208-canton-cdn.nysernet.net (199.109.109.113) 6.628 ms 8.909 ms 8.779 ms 5 syr-57c3-syr-9208-cdn.nysernet.net (199.109.107.198) 6.728 ms 6.770 ms 6.566 ms 6 nyc32-55a1-syr-57c3-cdn.nysernet.net (199.109.107.206) 9.975 ms 11.936 ms 11.896 ms 7 de-cix.nyc.amazon.com (206.82.104.99) 12.240 ms 14.654 ms 12.179 ms 8 52.93.51.41 (52.93.51.41) 14.413 ms 52.93.51.33 (52.93.51.33) 20.095 ms 52.93.51.37 (52.93.51.37) 20.460 ms 9 52.93.1.52 (52.93.1.52) 12.224 ms 52.93.1.48 (52.93.1.48) 12.033 ms 52.93.1.60 (52.93.1.60) 14.394 ms 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 15.230.208.10 (15.230.208.10) 12.807 ms 10.704 ms 12.678 ms 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * *

(linux) route

show the ip routing table $ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default _gateway 0.0.0.0 UG 100 0 0 enp0s3 137.37.120.0 0.0.0.0 255.255.252.0 U 100 0 0 enp0s3 link-local 0.0.0.0 255.255.0.0 U 1000 0 0 enp0s3

(win) netstat -nap tcp -bo (admin)

shows tcp information for current device C:\Users\neonb>netstat -nap tcp Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:5040 0.0.0.0:0 LISTENING TCP 0.0.0.0:6646 0.0.0.0:0 LISTENING TCP 0.0.0.0:7680 0.0.0.0:0 LISTENING TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING TCP 127.0.0.1:2015 0.0.0.0:0 LISTENING TCP 127.0.0.1:49682 0.0.0.0:0 LISTENING TCP 127.0.0.1:49682 127.0.0.1:49684 ESTABLISHED TCP 127.0.0.1:49684 127.0.0.1:49682 ESTABLISHED TCP 137.37.244.66:49414 52.159.127.243:443 ESTABLISHED TCP 137.37.244.66:60866 52.159.127.243:443 ESTABLISHED TCP 137.37.244.66:61281 35.165.28.5:443 CLOSE_WAIT TCP 137.37.244.66:63229 52.11.143.164:443 ESTABLISHED TCP 137.37.244.66:63230 54.237.110.142:443 ESTABLISHED TCP 137.37.244.66:63237 142.250.65.195:443 ESTABLISHED TCP 137.37.244.66:63238 52.11.143.164:443 ESTABLISHED TCP 137.37.244.66:63242 52.203.225.140:443 ESTABLISHED TCP 137.37.244.66:63253 142.251.167.188:5228 ESTABLISHED TCP 137.37.244.66:63257 142.251.41.13:443 ESTABLISHED TCP 137.37.244.66:63260 172.217.165.132:443 ESTABLISHED TCP 137.37.244.66:63265 142.251.40.142:443 ESTABLISHED TCP 137.37.244.66:63269 142.250.65.227:443 ESTABLISHED TCP 137.37.244.66:63273 142.251.41.14:443 ESTABLISHED TCP 137.37.244.66:63275 20.189.173.4:443 TIME_WAIT TCP 137.37.244.66:63276 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63277 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63278 142.251.40.162:443 ESTABLISHED TCP 137.37.244.66:63279 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63280 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63282 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63284 142.251.32.110:443 ESTABLISHED TCP 137.37.244.66:63285 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63286 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63287 13.107.136.8:443 ESTABLISHED TCP 137.37.244.66:63288 13.107.4.52:80 TIME_WAIT TCP 137.37.244.66:63289 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63290 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63291 142.251.40.202:443 ESTABLISHED TCP 137.37.244.66:63292 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63293 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63294 142.250.65.202:443 ESTABLISHED TCP 137.37.244.66:63295 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63296 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63297 54.161.18.217:443 CLOSE_WAIT TCP 137.37.244.66:63298 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63300 142.251.32.110:443 ESTABLISHED TCP 137.37.244.66:63301 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63302 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63304 162.247.243.29:443 ESTABLISHED TCP 137.37.244.66:63305 162.247.243.29:443 ESTABLISHED TCP 137.37.244.66:63306 162.247.243.29:443 ESTABLISHED TCP 137.37.244.66:63307 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63308 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63309 142.250.65.238:443 ESTABLISHED TCP 137.37.244.66:63310 137.37.32.10:53 TIME_WAIT TCP 137.37.244.66:63312 35.201.66.137:443 ESTABLISHED TCP 137.37.244.66:63313 104.71.130.43:443 ESTABLISHED

(powershell) test-netconnection -computername ip.add.ress.here -port #

Test if a port is open on the provided ip address

(linux) netstat -nat

display open tcp ports $ netstat -nat Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN tcp 0 0 137.37.121.238:60998 185.125.188.55:443 ESTABLISHED tcp 0 0 137.37.121.238:42974 91.189.91.42:443 ESTABLISHED tcp 0 0 137.37.121.238:39086 185.125.190.27:443 ESTABLISHED tcp 0 0 137.37.121.238:42982 91.189.91.42:443 ESTABLISHED tcp6 0 0 ::1:631 :::* LISTEN tcp6 0 0 :::80 :::* LISTEN

(linux) sudo netstat -nat -p

show active internet connections (05/11 10:43:02) cita220@cita220-vm: ~ $ sudo netstat -nat -p [sudo] password for cita220: Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 968/cupsd tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 661/systemd-resolve tcp6 0 0 ::1:631 :::* LISTEN 968/cupsd tcp6 0 0 :::80 :::* LISTEN 890/apache2

(linux) netstat -nau

display open udp ports $ netstat -nau Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 127.0.0.53:53 0.0.0.0:* udp 0 0 137.37.121.238:68 137.37.32.34:67 ESTABLISHED udp 0 0 0.0.0.0:631 0.0.0.0:* udp 0 0 0.0.0.0:5353 0.0.0.0:* udp 0 0 0.0.0.0:46806 0.0.0.0:* udp6 0 0 :::5353 :::* udp6 0 0 :::60406 :::*

(linux) netstat -nau -p

enhanced udp open port search, requires password (05/11 10:44:29) cita220@cita220-vm: ~ $ sudo netstat -nau -p Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 127.0.0.53:53 0.0.0.0:* 661/systemd-resolve udp 0 0 137.37.121.238:68 137.37.32.34:67 ESTABLISHED 717/NetworkManager udp 0 0 0.0.0.0:631 0.0.0.0:* 792/cups-browsed udp 0 0 0.0.0.0:5353 0.0.0.0:* 709/avahi-daemon: r udp 0 0 0.0.0.0:46806 0.0.0.0:* 709/avahi-daemon: r udp6 0 0 :::5353 :::* 709/avahi-daemon: r udp6 0 0 :::60406 :::* 709/avahi-daemon: r

(linux) nmap -p port# ip.add.ress.here

see if this ip address has this port open

Command List Flashcards

(33 cards)