Command List

Question 1

crc32

Answer 1

show data of a file in hexadecimal

Question 2

(win) ipconfig /all

Answer 2

show the network settings for the current device

C:\Users\neonb>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Auto
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : ExpressVPN TAP Adapter
Physical Address. . . . . . . . . : 00-FF-32-37-BB-62
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Unknown adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : ExpressVPN TUN Driver
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #3
Physical Address. . . . . . . . . : 22-2B-20-CC-6C-CB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi 2:

Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Realtek RTL8821CE 802.11ac PCIe Adapter #2
Physical Address. . . . . . . . . : 20-2B-20-CC-6C-CB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2603:7081:d00:ac29:da3b:5338:d0bc:d81c(Preferred)
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e2(Preferred)
Lease Obtained. . . . . . . . . . : Tuesday, May 2, 2023 4:35:52 PM
Lease Expires . . . . . . . . . . : Thursday, May 4, 2023 5:01:05 PM
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3:fa02:5e52:a9c3:7fc4(Preferred)
Temporary IPv6 Address. . . . . . : 2603:7081:d00:ac29:9188:fbb3:5825:74ff(Preferred)
Temporary IPv6 Address. . . . . . : fd00:f405:95d6:90e3:9188:fbb3:5825:74ff(Preferred)
Link-local IPv6 Address . . . . . : fe80::9de2:87cb:5ca8:17b0%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.147(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 2, 2023 4:35:59 PM
Lease Expires . . . . . . . . . . : Wednesday, May 3, 2023 4:01:16 PM
Default Gateway . . . . . . . . . : fe80::f605:95ff:fed6:90e5%9
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 153103136
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2A-93-13-19-00-E0-4C-E6-55-2B
DNS Servers . . . . . . . . . . . : 2603:7081:d00:ac29::1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Question 3

/?

Answer 3

shows the options for a command (cascading, it will not give you the cascades)

Question 4

(win) cls

Answer 4

clear the screen

Question 5

(linux) ifconfig

Answer 5

shows ip information for the current device

(05/03 05:43:13) cita220@cita220-vm: ~
$ ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 137.37.121.40 netmask 255.255.252.0 broadcast 137.37.123.255
inet6 fe80::41e4:7f24:7b57:5a31 prefixlen 64 scopeid 0x20<link></link>
ether 08:00:27:02:a7:0c txqueuelen 1000 (Ethernet)
RX packets 24612 bytes 25589096 (25.5 MB)
RX errors 0 dropped 2 overruns 0 frame 0
TX packets 2816 bytes 303739 (303.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 207 bytes 18199 (18.1 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 207 bytes 18199 (18.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0</host>

Question 6

(linux) sudo ethtool enp0s3

Answer 6

shows the ethernet wire settings connected to the device

(05/03 05:45:47) cita220@cita220-vm: ~
$ sudo ethtool enp0s3
[sudo] password for cita220:
Settings for enp0s3:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: off (auto)
Supports Wake-on: umbg
Wake-on: d
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes

Question 7

(win) getmac

Answer 7

returns mac address information

C:\Users\neonb>getmac

Physical Address Transport Name
=================== ==========================================================
00-FF-32-37-BB-62 Media disconnected
N/A Media disconnected
20-2B-20-CC-6C-CB \Device\Tcpip_{321C9BB8-9C91-46A1-BB9F-3AD123449B61}

Question 8

(win) arp -a

Answer 8

Address Resolution Protocol (find an ip from a mac or vice versa). Shows queried mac addresses

C:\Users\neonb>arp -a

Interface: 192.168.1.147 — 0x9
Internet Address Physical Address Type
192.168.1.1 f4-05-95-d6-90-e5 dynamic
192.168.1.44 3c-9b-d6-2e-ed-9a dynamic
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
239.255.255.250 01-00-5e-7f-ff-fa static
255.255.255.255 ff-ff-ff-ff-ff-ff static

Question 9

(linux) cntrl l

Answer 9

clear screen

Question 10

(linux) ip link

Answer 10

Shows the mac address (link address, ethernet address)

(05/03 05:46:19) cita220@cita220-vm: ~
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 08:00:27:02:a7:0c brd ff:ff:ff:ff:ff:ff

Question 11

(linux) arp -n

Answer 11

Shows arp info, queued mac addresses for linux

(05/03 05:57:11) cita220@cita220-vm: ~
$ arp -n
Address HWtype HWaddress Flags Mask Iface
137.37.120.93 ether 00:50:56:0a:01:0b C enp0s3
137.37.120.1 ether 20:b3:99:57:db:b2 C enp0s3
137.37.122.20 ether 00:0c:29:a0:92:3c C enp0s3
(05/03 05:59:19) cita220@cita220-vm: ~

Question 12

(linux) ip n

Answer 12

Ip neighbor

(05/03 05:59:19) cita220@cita220-vm: ~
$ ip n
137.37.120.93 dev enp0s3 lladdr 00:50:56:0a:01:0b STALE
137.37.120.1 dev enp0s3 lladdr 20:b3:99:57:db:b2 STALE
137.37.122.20 dev enp0s3 lladdr 00:0c:29:a0:92:3c STALE

Question 13

(linux) sudo groupadd wireshark

Answer 13

adds wire shark the virtual machine

Question 14

(win) nslookup www.google.com

Answer 14

get the ip address of google . com that you are connecting to

C:\Users\neonb>nslookup www.google.com
Server: 2603-7081-0d00-ac29-0000-0000-0000-0001.res6.spectrum.com
Address: 2603:7081:d00:ac29::1

Name: www.google.com.lan
Address: 192.168.1.1

Question 15

(win) nslookup 2603:7081:d00:ac29::1

Answer 15

find the hostname from this ip address (ipv6 used in this example)

C:\Users\neonb>nslookup 2603:7081:d00:ac29::1
Server: 2603-7081-0d00-ac29-0000-0000-0000-0001.res6.spectrum.com
Address: 2603:7081:d00:ac29::1

Name: 2603-7081-0d00-ac29-0000-0000-0000-0001.res6.spectrum.com
Address: 2603:7081:d00:ac29::1

Question 16

(win) ipconfig /release

Answer 16

release your current lease on your ip

C:\Users\neonb>ipconfig /release

Windows IP Configuration

No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Local Area Connection* 1 while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Unknown adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2603:7081:d00:ac29:a9fc:2293:5229:c208
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e2
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e3
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3:9e00:6bc2:feee:48b1
Temporary IPv6 Address. . . . . . : 2603:7081:d00:ac29:9547:936c:385f:59f5
Temporary IPv6 Address. . . . . . : fd00:f405:95d6:90e3:9547:936c:385f:59f5
Link-local IPv6 Address . . . . . : fe80::89db:49a4:1a4f:19c0%15
Default Gateway . . . . . . . . . : fe80::f605:95ff:fed6:90e5%15

Question 17

(win) ipconfig /renew

Answer 17

Renew your ip lease

C:\Users\neonb>ipconfig /renew

Windows IP Configuration

No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Local Area Connection* 1 while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Unknown adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : lan
IPv6 Address. . . . . . . . . . . : 2603:7081:d00:ac29:a9fc:2293:5229:c208
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e2
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3::16e3
IPv6 Address. . . . . . . . . . . : fd00:f405:95d6:90e3:9e00:6bc2:feee:48b1
Temporary IPv6 Address. . . . . . : 2603:7081:d00:ac29:9547:936c:385f:59f5
Temporary IPv6 Address. . . . . . : fd00:f405:95d6:90e3:9547:936c:385f:59f5
Link-local IPv6 Address . . . . . : fe80::89db:49a4:1a4f:19c0%15
IPv4 Address. . . . . . . . . . . : 192.168.1.147
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::f605:95ff:fed6:90e5%15
192.168.1.1

Question 18

(win) ping www.youtube.com

Answer 18

send data to youtube and try to establish connection with that website. You will get a good or bad response

C:\Users\neonb>ping www.youtube.com

Pinging youtube-ui.l.google.com [2607:f8b0:4006:822::200e] with 32 bytes of data:
Reply from 2607:f8b0:4006:822::200e: time=348ms
Reply from 2607:f8b0:4006:822::200e: time=194ms
Reply from 2607:f8b0:4006:822::200e: time=188ms
Reply from 2607:f8b0:4006:822::200e: time=39ms

Ping statistics for 2607:f8b0:4006:822::200e:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 348ms, Average = 192ms

Question 19

(win) ping 2603:7081:d00:ac29::1

Answer 19

send data to this ip address and see if it responds

C:\Users\neonb>ping 2603:7081:d00:ac29::1

Pinging 2603:7081:d00:ac29::1 with 32 bytes of data:
Reply from 2603:7081:d00:ac29::1: time=283ms
Reply from 2603:7081:d00:ac29::1: time=10ms
Reply from 2603:7081:d00:ac29::1: time=10ms
Reply from 2603:7081:d00:ac29::1: time=10ms

Ping statistics for 2603:7081:d00:ac29::1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 283ms, Average = 78ms

Question 20

(win) tracert www.youtube.com

Answer 20

trace the ip route from your device to youtube.com servers

C:\Users\neonb>tracert www.youtube.com

Tracing route to youtube-ui.l.google.com [2607:f8b0:4006:808::200e]
over a maximum of 30 hops:

1 49 ms 5 ms 7 ms 2603-7081-0d00-ac29-0000-0000-0000-0001.res6.spectrum.com [2603:7081:d00:ac29::1]
2 16 ms 15 ms 11 ms 2603-90c5-0005-0116-0000-0000-0000-0001.inf6.spectrum.com [2603:90c5:5:116::1]
3 316 ms 318 ms 319 ms lag-62.ptsdny1602h.netops.charter.com [2604:6000:0:4:0:2003:0:1586]
4 22 ms 75 ms 296 ms lag-90.mcr11esyrnyaw.netops.charter.com [2604:6000:0:4:0:2003:0:16fe]
5 * * * Request timed out.
6 * * * Request timed out.
7 37 ms 40 ms 34 ms 2001:1998:0:8::60d
8 37 ms 35 ms 35 ms 2607:f8b0:8320::1
9 37 ms 34 ms 35 ms 2001:4860:0:1::5686
10 42 ms 36 ms 40 ms 2001:4860:0:100e::1b
11 45 ms 43 ms 43 ms 2001:4860::c:4002:a0c1
12 42 ms 43 ms 41 ms 2001:4860::c:4002:6522
13 42 ms 142 ms 263 ms 2001:4860::9:4003:205d
14 64 ms 60 ms 109 ms 2001:4860::12:0:bafd
15 42 ms * * 2001:4860:0:1::68b
16 45 ms 203 ms 51 ms lga25s70-in-x0e.1e100.net [2607:f8b0:4006:808::200e]

Trace complete.

Question 21

(win) route print

Answer 21

C:\Users\neonb>route print

displays the best ip path currently

Interface List
10…00 ff 32 37 bb 62 ……ExpressVPN TAP Adapter
12………………………ExpressVPN TUN Driver
16…22 2b 20 cc 6c cb ……Microsoft Wi-Fi Direct Virtual Adapter
22…a2 2b 20 cc 6c cb ……Microsoft Wi-Fi Direct Virtual Adapter #2
15…20 2b 20 cc 6c cb ……Realtek RTL8821CE 802.11ac PCIe Adapter
1………………………Software Loopback Interface 1
====================================

Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.147 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.1.0 255.255.255.0 On-link 192.168.1.147 291
192.168.1.147 255.255.255.255 On-link 192.168.1.147 291
192.168.1.255 255.255.255.255 On-link 192.168.1.147 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.1.147 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.1.147 291
====================================
Persistent Routes:
None

Active Routes:
If Metric Network Destination Gateway
15 51 ::/0 fe80::f605:95ff:fed6:90e5
1 331 ::1/128 On-link
15 51 2603:7081:d00:ac29::/64 On-link
15 291 2603:7081:d00:ac29::/64 fe80::f605:95ff:fed6:90e5
15 291 2603:7081:d00:ac29:9547:936c:385f:59f5/128
On-link
15 291 2603:7081:d00:ac29:a9fc:2293:5229:c208/128
On-link
15 51 fd00:f405:95d6:90e3::/64 On-link
15 291 fd00:f405:95d6:90e3::16e2/128
On-link
15 291 fd00:f405:95d6:90e3::16e3/128
On-link
15 291 fd00:f405:95d6:90e3:9547:936c:385f:59f5/128
On-link
15 291 fd00:f405:95d6:90e3:9e00:6bc2:feee:48b1/128
On-link
15 291 fe80::/64 On-link
15 291 fe80::89db:49a4:1a4f:19c0/128
On-link
1 331 ff00::/8 On-link
15 291 ff00::/8 On-link
====================================
Persistent Routes:
None

Question 22

(linux) nslookup www.amazon.com

Answer 22

lookup ip information for your device and the server for amazon.com that is serving you currently

$ nslookup www.amazon.com
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
www.amazon.com canonical name = tp.47cf2c8c9-frontier.amazon.com.
tp.47cf2c8c9-frontier.amazon.com canonical name = d3ag4hukkh62yn.cloudfront.net.
Name: d3ag4hukkh62yn.cloudfront.net
Address: 108.138.115.136
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:a400:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:6200:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:b600:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:9400:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:2c00:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:8800:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:4a00:7:49a5:5fd2:8621
Name: d3ag4hukkh62yn.cloudfront.net
Address: 2600:9000:24f1:aa00:7:49a5:5fd2:8621

Question 23

(linux) dig www.amazon.com

Answer 23

dns server information, connection info from amazon.com

$ dig www.amazon.com

; «» DiG 9.16.1-Ubuntu «» www.amazon.com
;; global options: +cmd
;; Got answer:
;; -»HEADER«- opcode: QUERY, status: NOERROR, id: 17594
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;www.amazon.com. IN A

;; ANSWER SECTION:
www.amazon.com. 760 IN CNAME tp.47cf2c8c9-frontier.amazon.com.
tp.47cf2c8c9-frontier.amazon.com. 33 IN CNAME d3ag4hukkh62yn.cloudfront.net.
d3ag4hukkh62yn.cloudfront.net. 32 IN A 108.138.115.136

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu May 04 15:34:23 EDT 2023
;; MSG SIZE rcvd: 138

Question 24

(linux) ping -c 4 www.amazon.com

Answer 24

Ping amazon . com

$ ping -c 4 www.amazon.com
PING www-amazon-com.customer.fastly.net (162.219.225.118) 56(84) bytes of data.
64 bytes from 162.219.225.118 (162.219.225.118): icmp_seq=1 ttl=55 time=12.1 ms
64 bytes from 162.219.225.118 (162.219.225.118): icmp_seq=2 ttl=55 time=12.1 ms
64 bytes from 162.219.225.118 (162.219.225.118): icmp_seq=3 ttl=55 time=11.9 ms
64 bytes from 162.219.225.118 (162.219.225.118): icmp_seq=4 ttl=55 time=11.9 ms

— www-amazon-com.customer.fastly.net ping statistics —
4 packets transmitted, 4 received, 0% packet loss, time 3018ms
rtt min/avg/max/mdev = 11.894/12.026/12.143/0.116 ms

Question 25

(linux)traceroute www.amazon.com

Answer 25

trace the connection route to amazon

$ traceroute www.amazon.com
traceroute to www.amazon.com (108.138.115.136), 30 hops max, 60 byte packets
1 _gateway (137.37.120.1) 1.822 ms 1.787 ms 1.776 ms
2 asgard.canton.edu (137.37.254.5) 1.584 ms 1.552 ms 1.430 ms
3 137.37.100.1 (137.37.100.1) 1.282 ms 1.152 ms 1.023 ms
4 syr-9208-canton-cdn.nysernet.net (199.109.109.113) 6.628 ms 8.909 ms 8.779 ms
5 syr-57c3-syr-9208-cdn.nysernet.net (199.109.107.198) 6.728 ms 6.770 ms 6.566 ms
6 nyc32-55a1-syr-57c3-cdn.nysernet.net (199.109.107.206) 9.975 ms 11.936 ms 11.896 ms
7 de-cix.nyc.amazon.com (206.82.104.99) 12.240 ms 14.654 ms 12.179 ms
8 52.93.51.41 (52.93.51.41) 14.413 ms 52.93.51.33 (52.93.51.33) 20.095 ms 52.93.51.37 (52.93.51.37) 20.460 ms
9 52.93.1.52 (52.93.1.52) 12.224 ms 52.93.1.48 (52.93.1.48) 12.033 ms 52.93.1.60 (52.93.1.60) 14.394 ms

10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 15.230.208.10 (15.230.208.10) 12.807 ms 10.704 ms 12.678 ms

17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

Question 26

(linux) route

Answer 26

show the ip routing table

$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 100 0 0 enp0s3
137.37.120.0 0.0.0.0 255.255.252.0 U 100 0 0 enp0s3
link-local 0.0.0.0 255.255.0.0 U 1000 0 0 enp0s3

Question 27

(win) netstat -nap tcp -bo (admin)

Answer 27

shows tcp information for current device

C:\Users\neonb>netstat -nap tcp

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5040 0.0.0.0:0 LISTENING
TCP 0.0.0.0:6646 0.0.0.0:0 LISTENING
TCP 0.0.0.0:7680 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING
TCP 127.0.0.1:2015 0.0.0.0:0 LISTENING
TCP 127.0.0.1:49682 0.0.0.0:0 LISTENING
TCP 127.0.0.1:49682 127.0.0.1:49684 ESTABLISHED
TCP 127.0.0.1:49684 127.0.0.1:49682 ESTABLISHED
TCP 137.37.244.66:49414 52.159.127.243:443 ESTABLISHED
TCP 137.37.244.66:60866 52.159.127.243:443 ESTABLISHED
TCP 137.37.244.66:61281 35.165.28.5:443 CLOSE_WAIT
TCP 137.37.244.66:63229 52.11.143.164:443 ESTABLISHED
TCP 137.37.244.66:63230 54.237.110.142:443 ESTABLISHED
TCP 137.37.244.66:63237 142.250.65.195:443 ESTABLISHED
TCP 137.37.244.66:63238 52.11.143.164:443 ESTABLISHED
TCP 137.37.244.66:63242 52.203.225.140:443 ESTABLISHED
TCP 137.37.244.66:63253 142.251.167.188:5228 ESTABLISHED
TCP 137.37.244.66:63257 142.251.41.13:443 ESTABLISHED
TCP 137.37.244.66:63260 172.217.165.132:443 ESTABLISHED
TCP 137.37.244.66:63265 142.251.40.142:443 ESTABLISHED
TCP 137.37.244.66:63269 142.250.65.227:443 ESTABLISHED
TCP 137.37.244.66:63273 142.251.41.14:443 ESTABLISHED
TCP 137.37.244.66:63275 20.189.173.4:443 TIME_WAIT
TCP 137.37.244.66:63276 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63277 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63278 142.251.40.162:443 ESTABLISHED
TCP 137.37.244.66:63279 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63280 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63282 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63284 142.251.32.110:443 ESTABLISHED
TCP 137.37.244.66:63285 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63286 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63287 13.107.136.8:443 ESTABLISHED
TCP 137.37.244.66:63288 13.107.4.52:80 TIME_WAIT
TCP 137.37.244.66:63289 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63290 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63291 142.251.40.202:443 ESTABLISHED
TCP 137.37.244.66:63292 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63293 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63294 142.250.65.202:443 ESTABLISHED
TCP 137.37.244.66:63295 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63296 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63297 54.161.18.217:443 CLOSE_WAIT
TCP 137.37.244.66:63298 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63300 142.251.32.110:443 ESTABLISHED
TCP 137.37.244.66:63301 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63302 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63304 162.247.243.29:443 ESTABLISHED
TCP 137.37.244.66:63305 162.247.243.29:443 ESTABLISHED
TCP 137.37.244.66:63306 162.247.243.29:443 ESTABLISHED
TCP 137.37.244.66:63307 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63308 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63309 142.250.65.238:443 ESTABLISHED
TCP 137.37.244.66:63310 137.37.32.10:53 TIME_WAIT
TCP 137.37.244.66:63312 35.201.66.137:443 ESTABLISHED
TCP 137.37.244.66:63313 104.71.130.43:443 ESTABLISHED

Question 28

(powershell) test-netconnection -computername ip.add.ress.here -port #

Answer 28

Test if a port is open on the provided ip address

Question 29

(linux) netstat -nat

Answer 29

display open tcp ports

$ netstat -nat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 137.37.121.238:60998 185.125.188.55:443 ESTABLISHED
tcp 0 0 137.37.121.238:42974 91.189.91.42:443 ESTABLISHED
tcp 0 0 137.37.121.238:39086 185.125.190.27:443 ESTABLISHED
tcp 0 0 137.37.121.238:42982 91.189.91.42:443 ESTABLISHED
tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 :::80 :::* LISTEN

Question 30

(linux) sudo netstat -nat -p

Answer 30

show active internet connections

(05/11 10:43:02) cita220@cita220-vm: ~
$ sudo netstat -nat -p
[sudo] password for cita220:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 968/cupsd
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 661/systemd-resolve
tcp6 0 0 ::1:631 :::* LISTEN 968/cupsd
tcp6 0 0 :::80 :::* LISTEN 890/apache2

Question 31

(linux) netstat -nau

Answer 31

display open udp ports

$ netstat -nau
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 127.0.0.53:53 0.0.0.0:*
udp 0 0 137.37.121.238:68 137.37.32.34:67 ESTABLISHED
udp 0 0 0.0.0.0:631 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 0.0.0.0:46806 0.0.0.0:*
udp6 0 0 :::5353 :::*
udp6 0 0 :::60406 :::*

Question 32

(linux) netstat -nau -p

Answer 32

enhanced udp open port search, requires password

(05/11 10:44:29) cita220@cita220-vm: ~
$ sudo netstat -nau -p
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 127.0.0.53:53 0.0.0.0:* 661/systemd-resolve
udp 0 0 137.37.121.238:68 137.37.32.34:67 ESTABLISHED 717/NetworkManager
udp 0 0 0.0.0.0:631 0.0.0.0:* 792/cups-browsed
udp 0 0 0.0.0.0:5353 0.0.0.0:* 709/avahi-daemon: r
udp 0 0 0.0.0.0:46806 0.0.0.0:* 709/avahi-daemon: r
udp6 0 0 :::5353 :::* 709/avahi-daemon: r
udp6 0 0 :::60406 :::* 709/avahi-daemon: r

Question 33

(linux) nmap -p port# ip.add.ress.here

Answer 33

see if this ip address has this port open