Network Tools and the Command (5.3) Flashcards
Wireless Analyzer
▪ Ensures you have the proper coverage and helps prevent overlap
between wireless access point coverage zones and channels
Protocol Analyzer
▪ Used to capture and analyze signals and data traffic over a
communication channel
Packet Capturing Tool
▪ Used to capture packets running over a network connection in real time and then save them for later analysis
● Ethereal
● Protocol expert
● Netasyst
● Network analyzer
● Observer
● LanHound
● EtherPeek
● tcpdump
● WinDump
● PRTG network monitor
● SolarWinds
● NetworkMiner
Bandwidth Speed Test
▪ Verifies the real-world throughput from a client device all the way out to
the Internet and back
Port Scanner
▪ Determines which ports are open on a network
iPerf
▪ Gathers an active measurement of the maximum achievable bandwidth
on an IP-based network
NetFlow Analyzer
▪ Performs monitoring, troubleshooting and in-depth inspection,
interpretation, and synthesis of traffic flow data
Trivial File Transfer Protocol (TFTP)
▪ Protocol for exchanging files between two TCP/IP machines
TFTP Server
▪ Used for simple file transfers on a network and boot-loading of remote
devices
Terminal Emulator
▪ Allows a host computer to access another computer through a command-line interface or a graphical one using either Telnet or SSH
▪ Always use SSH instead of Telnet
Other terminal emulators:
o Cmder
o ZOC
o Mintty
If you are working on a Linux client:
o GNOME
o Konsole
o xterm
If you are working on an OS X client:
o iTerm2
o MacTerm
o Kitty
IP Scanner
▪ Used to search for and detect IP addresses and other information related
to devices on the network
Ping
▪ Used to check IP connectivity between two devices, most often for
network troubleshooting
▪ Similar to the Windows version, except it runs forever by default (like -t in
Windows)
Traceroute/Tracert
▪ Displays the path between your device (the source) and the destination
IP address, showing each route hop along the path
Hop
▪ Any router or firewall that is in the path of the transmission from the client to the destination
● If cannot ping google.com
o ping 8.8.8.8
● If cannot ping 8.8.8.8
o ping default gateway
● If cannot ping default gateway
o ping local client’s IP address
● If cannot ping local IP address
o ping local host of 127.0.0.
IP Configuration (ipconfig)
▪ Displays all of the current TCP/IP network configuration values and
refreshes DHCP and DNS settings for a Windows client/server
Interface Configuration (ifconfig)
▪ Command line tool used in Unix, Linux, and OS X systems to display IP
address information
▪ ifconfig is considered officially deprecated
ip
▪ Assigns an address to a network interface or configures network interface
parameters on a Unix, Linux, or OS X operating system
Name Server Lookup (nslookup)
▪ Used to query the DNS to provide the mapping between domain names
and IP addresses or other DNS records
▪ In Windows, use set q=mx to search for mail exchange records
▪ In Linux, use set type=mx to search for mail exchange records
dig
▪ Used to conduct queries against DNS nameservers and is only available
for Linux, Unix, and OS X systems by default
hostname
▪ Used to display the hostname portion of the full computer name for a
given system
Address Resolution Protocol (arp)
▪ Used to display and modify entries in the Address Resolution Protocol (or
ARP) cache on a system
▪ An ARP entry in the cache will get deleted after 21,600 seconds (6 hours)
● arp -d
route
▪ Used to view and manipulate the IP routing table in a Windows, Linux,
Unix, or OS X system
Default Route
▪ Route that takes effect when no other route is available for an IP
destination address
nbtstat
▪ Used to view the current connections and statistics for devices
communicating using the NetBIOS over TCP/IP protocol
Network Statistics (netstat)
▪ Displays information for IP-based connections on a client including its
current sessions, its source and destination IPs, and port numbers
telnet
▪ Provides a bidirectional interactive text-oriented communication facility
using a virtual terminal connection
tcpdump
▪ Allows for the display of TCP/IP and other packets being transmitted or
received over a network to the client’s screen
Network Mapper (nmap)
▪ Discovers hosts and services on a computer network by sending packets
and analyzing the responses
Network Platform
▪ Refers to any router, switch, or firewall, regardless of the brand or
manufacturer
Cisco
o show interface
Juniper
o show interfaces
PoE+ 802.3at Sidewinder
o cf interface
Cisco
o show config
Juniper
o show configuration
PoE+ 802.3at Sidewinder
o cf config
Cisco
o show route
Juniper
o show route
PoE+ 802.3at Sidewinder
o cf route status
show interface
▪ Displays statistics for the network interfaces on the device
show config
▪ Displays the current system configuration on the screen
show route
▪ Displays the current state of the routing table on the device