NETWORK TOOLS Flashcards
Tracert/traceroute
Windows/Linux?
Differences?
When to use?
Route Tracing command
tracert is Windows, traceroute is Linux
tracert sends ICMP, traceroute sends UDP packets
Useful for understanding network topology or troubleshooting
nslookup/dig
function?
OS
compare/contrast?
command-line tool for querying DNS for mapping of DN and IP address. reversible.
Dig is more capable, nslookup is cleaner
windows doesn’t have dig, linux has both
ipconfig/ifconfig
Function?
OS?
command line tool that displays all current TCP/IP network configuration. Can also refresh or drop DHCP and DNS addresses/settings.
ipconfig is windows, ifconfig is linux.
ping
function?
OS?
command line tool for testing the reachability of a host on IP network. available in all OS.
Sends ICMP echo request packets to host and calculates times
-c flag sets number of results, -t flag will continue until stopped. -t flag can show if a system suddenly stops responding or if response time fluctuates.
pathping
Function?
OS?
windows command line tool that traces route to a destination while providing info about latency and packet loss.
pathping vs tracert/traceroute
tracert helps find the actual path from the source to the destination device, whereas pathping provides information about latency and data loss at intermediate hops between source and destination.
hping
function os
hping is used to assemble and analyze TCP/IP packets. This can be used to build a custom packet to test for an issue or vulnerability or to see if a firewall is responding properly.
netstat
provides network statistics by protocol and includes info about local address
Windows/Linux
Netcat
Network swiss army knife
reading from and writing to network connections using TCP or UDP. can also port scan.
cross platform
USE netcat to open a remote shell or transfer a file
IP scanners
scanless is an automated port scanner using 3rd party scanners to gather info.
ARP
ARP is basically a program used by a computer system to find another computers MAC based on its IP address. Is a protocol for mapping an IP address to a MAC address on a LAN.
cross platform, but the -a flag will show current ARP cache for each interface on windows, but the same flag shows alternate formatting for Linux.
arp /a will display the cache.
route
the route command displays or modifies the computers routing table. used to view or manipulate the IP routing table.
cross platform
cURL (client URL)
command for transferring data using various network protocols. Used to transfer data via URLs. can manually perform HTTP commands, can transfer files via FTP, FTPS, SFTP.
Linux only
theHarvester
OSINT command line tool for gathering email accounts, domains, usernames, etc.
sn1per
automated scanning tool that combines multiple tools for pen testers. highly capable, often used for pen testing.
