Software Tool Types Flashcards
traceroute uses what two things to determine the path to a remote device?
TTL and ICMP error messages
what utility can help you determine if a WAN link is down or a web server isn’t responding?
Traceroute
What two reasons can asterisks imply when running traceroute?
1) response from the router took more than the default time-out value
2) the admin has disabled ICMP on the router that the packet is trying to hop through
What is the command to trace IPv6 packets? List for Windows, Mac/Linux, and Cisco
1) tracert -6 - Win
2) traceroute6 - Mac/Linux
3) traceroute -6 - Cisco
What 3 extra key pieces of info does ipconfig /all (as opposed to just ipconfig) tell you?
MAC address
DHCP lease times
DNS addresses
Describe the differences between ipconfig and ifconfig
ipconfig is mainly used to view the TCP/IP config
ifconfig does the same but can be used to configure a protocol or network interface
The Linux iptables utility uses what 3 types of ‘chains’ to allow or disallow traffic?
1) Input (controls for incoming connections)
2) Forward (for incoming non-local connections like a router would receive)
3) Output (controls outgoing connections)
what iptables command would block a connection from 192.168.10.1?
iptables -A INPUT -s 192.168.10.1 -j DROP
what is the default ping time-out?
1 second
The ‘-a’ switch in the ping utility does what?
name resolution
What is the ‘-6’ switch used for in the ping utility? What is it for Mac?
pinging IPv6 address.
Ping6
what is the continuous ping option?
-t
what is checked to determine the IP address before a packet is sent to a host?
the ARP cache
IPv6 doesn’t need ARP. TRUE or FALSE?
TRUE (it uses the ND protocol)
what ARP command switch displays the whole ARP table?
-a (or -g)
How long do static entries last in the ARP table?
until the machine is rebooted
how do you delete dynamic and static ARP table entries?
for dynamic entries wait for the entries to time out. For static, use the “arp -d” switch with the entry you want to delete
nslookup allows you to do what?
query a name server and find out what name resolved to which IP address
the primary job of the xxxx utility is to tell you the different features of a domain name, the names of the servers that serve it and how they’re configured
nslookup (‘dig’ for unix)
What does the non-authoritative answer mean in an nslookup response?
the server that returned the information is not responsible for the zone information of the domain you requested
Where is the hosts table stored in windows?
c:\windows\system32\drivers\etc
which Unix utility combines the functions of traceroute and ping and also adds round-trip time and packet loss?
Mtr/My traceroute
What is Microsoft’s version of the Linux mtr?
pathping
performing scans with certain flags set using nmap allows you to determine what 2 things?
1) if a port is open on a device
2) if the port is blocked by a firewall before it gets to the device
On a Unix box, how could you create a logical map of the network and determine the live hosts on a network?
use nmap command
What route command switch used with the add, change or delete will clear the routing table of entries that aren’t host routes, loopback or multicast routes?
-f
what route switch, if used with the add option, will add the route to the Registry (and thus still be there after a reboot)
-p (for persistent)
List 5 other options to use with the route command?
1) destination
2) gateway
3) metric
4) netmask / mask
5) if /interface
Deploying the nbtstat utility achieves what 3 things?
1) track NetBIOS over TCP/IP statistics
2) Shows incoming and outgoing NetBIOS over TCP/IP connections
3) Resolve NetBIOS names
which nbtstat command will get you the remote machine’s NetBIOS name table which will show all the NetBIOS names that machine knows of?
-a [remote machine name]
-A nbtstat differs from -a how?
instead of using -A with a NetBIOS name you enter the IP address
What command switch displays the NetBIOS name cache?
nbtstat -c
If you get the error “no names in cache” when using nbtstat, what has happened?
all entries in cache have expired because the NetBIOS services haven’t been accessed regularly enough
what nbtstat command gives you the local NetBIOS name table?
-n
what nbtstat command tells you how many NetBIOS names have been resolved to TCP/IP addresses?
-r
which nbtstat command can help you determine if the WINS server is configured correctly?
-r
Which nbtstat command purges the name table cache and allows you to reload the LMHOSTS file into memory?
-R
which nbtstat command lists the session to and from the host you run the command on?
-S
which command enables you to check the inbound and outbound TCP/IP connections and see packet statistics?
netstat
when using netstat, if the address of the destination computer can be found in the HOSTS file, what will display in the Foreign Address column?
The destination computer’s name
which most commonly used netstat switch shows all tcp/ip and udp connections and is used to check the status of a connection that appears to be hung?
-a
which netstat switch displays a summary of all the packets sent over the NIC as of that instant and which includes errors?
-e
Which two netstat switches allow you to look at protocol statistics for just a specific protocol?
-s (displays all protocols)
-p [protocol name]
If in doubt, what file type should you set ftp to download files as?
Binary files
if the get command gets one file in ftp, how do you get multiple files?
use mget command
which utility is good for testing TCP connectivity?
Telnet
Which two commands will show you the routing table?
netstat -r and route print
If you wanted netstat to return IP addresses for Foreign Addresses instead of names, which switch would you use?
-n
What Unix command would you use to filter TCP traffic from host 192.168.1.1?
tcpdump host 192.168.1.1
what does the unix command “tcpdump -i any” do?
captures tcp traffic on all interfaces