Chapter 17 - Supplement - Sheet1

Question 1

Protocol Analyzers

Answer 1

AKA sniffers / network monitors. Uysed to capture packets in their raw format as they cross the network.

Question 2

Examples of protocol analyzers

Answer 2

Wireshare, OmniPeek

Question 3

Promiscuous Mode

Answer 3

NIC processes all packets that it sees

Question 4

Throughput Testers

Answer 4

Usually software based, work much like a protocol analyzer in that they measure traffic, but these measure throughput of that traffic (network speeds)

Question 5

Connectivity Software

Answer 5

Designed to allow you to make a connection to a machine, its desktop, and perform any action you could perform while sitting in front of it.

Question 6

Traceroute

Answer 6

(AKA trace) displays the path a packet takes to get to a remote device by using IP Packet TTL, time-outs, and ICMP error messages.

Question 7

ipconfig / ifconfig

Answer 7

Display the current configuration of TCP/IP on a given workstation. Includes IP, DNS, WINS config and default gateway

Question 8

OSes that use ipconfig

Answer 8

New Macs, Windows

Question 9

ipconfig /all

Answer 9

ipconfig option that gives you hardware addresses, DHCP lease times, and DNS addresses

Question 10

ipconfig /release & ipconfig /renew

Answer 10

Renews the IP address lease, or gets a new one if applicable.

Question 11

OSes that use ifconfig

Answer 11

Linxus, Unix, Mac

Question 12

ifconfig

Answer 12

ipconfig equivalent. Short for interface configuration

Question 13

2 purposes to using the ping utility

Answer 13

To find out if a host is responding OR to find out if you can reach a host

Question 14

ping -t

Answer 14

Pings the specified host until stopped

Question 15

ping -a

Answer 15

Resolves addresses to hostnames

Question 16

ping - n count

Answer 16

Specified the number of echo requests to send. Default is 4. (4 “Reply from…”)

Question 17

ping -w timeout

Answer 17

Set the timeout time in milliseconds. Default is 1000, which is 1 second

Question 18

ARP

Answer 18

Address Resolutin Protocol. Used to translate TCP/IP addresses to MAC addresses using broadcasts.

Question 19

ARP Table

Answer 19

Windows table that includes a list of TCP/IP addresses and their associated physical (MAC) addresses. Cached in memory to reduce the need to perform lookups

Question 20

2 Types of Entries in the ARP Table

Answer 20

Dynamic and Static

Question 21

Dynamic ARP table entries

Answer 21

Created whenever the Windows TCP/IP stack performs an ARP lookup but the MAC address isn’t found in the ARP table. When MAC address is finally resolved (via Broadcast) that info is added to the table.

Question 22

Static ARP table entries

Answer 22

Manually added MAC addresses.

Question 23

arp -a

Answer 23

Dispays current ARP entries.

Question 24

arp -g

Answer 24

Dispays current ARP entries. Same as arp -a

Question 25

arp -a -v

Answer 25

Verbose ARP entries - shows all invalid entires and regular arp -a entries

Question 26

arp -s [IP Address] [MAC Address]

Answer 26

Add a static entry into the ARP table

Question 27

Unix's version of nslookup

Answer 27

dig

Question 28

nslookup

Answer 28

Allows you to query a name server and quickly find out which name resolves to which ip address

Question 29

Location of hosts table on Windows

Answer 29

C:\Windows\System32\drivers\etc\

Question 30

DOS Command to display the PC name

Answer 30

hostname

Question 31

mtr

Answer 31

AKA My traceroute. Computer program that c ombines the functions of the traceroute and pint utilities in a single network diagnostic tool.

Question 32

route

Answer 32

Command used to set network routing rules. Usually Windows takes care of this.

Question 33

netstat

Answer 33

Lists the inbound and outbound conections on your machine. Can also use it to view packet stats and errors

Question 34

netstat -e

Answer 34

Displays ethernet stats. Combined with -s, displays stats by protocol. Stats are for since the PC has been turned on.

Question 35

netstat -s

Answer 35

Displays ethernet stats by protocol. Stats are for since the PC has been turned on.

Question 36

netstat -r

Answer 36

Displays routing table. Same output as route print

Question 37

netstat -a

Answer 37

Displays all TCP/IP connections and UDP connections

Question 38

"bytes" in netstat -e tells you

Answer 38

Number of bytes sent or received at this PC's NIC. Good for determining if a network connection is actually transmitting.

Question 39

"unicast packets" in netstat -e tells you

Answer 39

Number of packets sent from or received at this PC.

Question 40

"non-unicast packets" in netstat -e tells you

Answer 40

Number of packets that weren't directly sent from a workstation to another. Example: Broadcast packets. Number of non-unicast packets should be smaller than unicase packets.

Question 41

"discards" in netstat -e tells you

Answer 41

Number of packets discarded by the NIC during transmission or reception b/c they weren't assembled correctly

Question 42

"unknown protocols" in netstat -e tells you

Answer 42

Number of received packets that the Windows networking stat couldn't interpret. Only in the received column. Certainly it wouldn't send unknown protocols

Question 43

netstat -s -p

Answer 43

netstat -s but allows you to specify the protocol after the -p switch

Question 44

-n switch for netstat

Answer 44

Works with other switches. Displays the IP address instead of the hostname

Question 45

Command to start FTP session in DOS

Answer 45

ftp

Question 46

Command to open FTP server in FTP mode

Answer 46

open servername.domain.com

Question 47

Common to quit FTP from DOS

Answer 47

quit

Question 48

Commands to set file type in FTP mode in dos

Answer 48

ascii, binary

Question 49

Command to download file in FTP mode from DOS

Answer 49

get filename.exe

Question 50

Command to download multiple files in FTP mode in dos

Answer 50

mget

Question 51

Use mget to download all txt files

Answer 51

mget *.txt

Question 52

At FTP command prompt, how do you navigate to a location on the local machine to position your self to upload a file in that directory?

Answer 52

lcd c:\path\to\directory

Question 53

FTP command from DOS to upload a file

Answer 53

put local-filename.txt remote-name.txt

Question 54

Why is it not recommended that you use telnet

Answer 54

Not encrypted. Insecure.

Question 55

What command can you type from a command prompt to see the hops a packet takes to get to a destination host?

Answer 55

Tracert

Question 56

What tool would you use to verify a complaint about a slow network?

Answer 56

Throughput tester

Question 57

You need your IP address, subnet mask, default gateway, and DNS information. What command will you type from a Windows command prompt?

Answer 57

ipconfig /all

Question 58

You need to log in as a dumb terminal to a server or UNIX host and run programs. What application will you use?

Answer 58

Telnet

Question 59

You need to add a route to your Windows server’s routing table. What command will you use?

Answer 59

route

Question 60

You want to log in to a server and transfer files. What application will you use?

Answer 60

FTP

Question 61

You need to check your name-resolution information on your host. What command will you type from the command prompt?

Answer 61

nslookup

Question 62

You want to use netstat, but you want to see only the IP address, not the names of the hosts. Which modifier will you use?

Answer 62

-n

Question 63

You want the IP configuration on a UNIX host. What command will you type at the command prompt?

Answer 63

ifconfig

Question 64

Which Windows command will show you the routing table of your host or server?

Answer 64

route print