Command Line Security Tools 2.2 Flashcards

1
Q

ping

A

Uses Internet Control Message Protocol (ICMP). Usually the first tool you use: it tests whether the device is there and responding.

2
Q

netstat

A

Available on many OSes to provide you with network statistics.

  • -a = show all active connections
  • -b = show binaries (Windows)
  • -n = do not resolve names (shows only IP addresses)
3
Q

traceroute

A

Determines the route a packet takes to a destination. Allows you to map the entire path.

Windows command = tracert
POSIX command = traceroute

Uses the ICMP time to live (TTL) to determine how many hops there are to the destination. TTL is not measured in seconds or minutes, only hops.

Not all devices will reply with ICMP Time Exceeded messages. Some firewalls filter ICMP.

4
Q

nslookup

A

Used to look up canonical names, IP addresses, cache timers, etc.

nslookup - available on both Windows and POSIX-based systems. Used to look up names and IP addresses. Still available but now deprecated; the recommendation is to use dig instead.

5
Q

POSIX

A

Portable Operating System Interface (POSIX) is a family of standards specified by the IEEE Computer Society for maintaining compatibility between operating systems.

6
Q

dig

A

Domain Information Groper - More advanced version of nslookup with a lot more detail and more options.

7
Q

Address Resolution Protocol (ARP)

A

Determines a MAC address based on an IP address. You need the hardware address to communicate.

Command = arp -a

Allows us to verify that the IP address and MAC address associations are correct for the devices we are connecting to.

8
Q

ipconfig & ifconfig

A

Most troubleshooting starts with the IP address. Ping your local router/gateway. Both commands are used to determine the IP address and hardware address of your device.

ipconfig = Windows
ifconfig = Linux and other OSes
9
Q

tcpdump

A

Captures packets at the command line. Available for most OSes. Applies filters in real time to help you identify traffic patterns. Can save captured packets for viewing in a protocol analyzer; writes them in pcap format. Takes some practice to learn how to use.

10
Q

Nmap

A

Network mapper to find and learn more about network devices. Port scans identify open ports. Can learn what OS is running on a device without logging in. Service scans find out what services are running on it. Also comes with additional scripts to extend its capabilities.

11
Q

netcat

A

A utility to allow you to read or write information on a network. Think of it as an application similar to a browser to read or write to a network.
