network commands
DESCRIPTION
network diagram keys are discussedTRANSCRIPT
ArpThearpcommand lets you view and manage the Address Resolution Protocol (ARP) cache. In other words,arpdisplays and modifies the IP address-to-MAC address translation tables used by the ARP protocol. In order for thearpcommand to be meaningful and helpful, you need to first understand the purpose of the Address Resolution Protocol. As DNS translates between host names and IP addresses, ARP translates between MAC addresses (Layer 2) and IP addresses (Layer 3). When a host attempts to communicate with another host on the same subnet, it must first know the destination hosts MAC address. If there is no entry in the sending hosts ARP cache for the destination MAC address, ARP sends out a broadcast (to all hosts in the subnet) asking the host with the target IP address to send back its MAC address. These IP-to-MAC mappings build up in the ARP cache which thearpcommand lets you view and modify.Be aware that the ARP cache is a tempting target for hackers. It can be vulnerable tocache poisoningattacks in which false entries are inserted into the ARP cache, causing the compromised host to unknowingly send data (often unencrypted) to the attacker.Arp for WindowsThe defaultarpcommand syntax in Windows is:arp -s inet_addr eth_addr [if_addr]arp -d inet_addr [if_addr]arp -a [inet_addr] [-N if_addr] [-v]Arp command switches (Windows)Description
arp -aorarp -gDisplays both the IP and MAC addresses in the ARP cache for all network interfaces using ARP.
arp -d [inet_addr]Deletes all entries from the ARP cache which causes ARP queries for local network hosts to be re-processed. For example,arp -d 10.57.10.32.
arp -N [if_addr]Displays the ARP entries for the network interface specified by[if_addr]. Used in conjunction with-aor-g. For example:arp -a -N 192.168.20.15, where 192.168.20.15 is the IP address of your (or one of your) network interfaces.
arp -sAdds a static (permanent) entry to the ARP cache. This command is a countermeasure to ARP spoofing attacks. For example, this command adds a static entry:arp -s 157.55.85.212 00-aa-00-62-c6-09.
arp -vDisplays current ARP entries in verbose mode. All invalid entries and entries on the loopback interface will be shown. Used in conjunction witharp -aorarp -g.
[eth_addr]Specifies a physical (MAC) address.
[if_addr]If present, this specifies the Internet address of theinterfaceon your computer whose address translation table should be modified. Useful if your computer has multiple network interfaces. If not present, the first applicable interface will be used.
[inet_addr]Specifies an IP address entry in the ARP cache. Used in conjunction with-aor-g. For example, the commandarp -a 192.168.10.20will query the cache to display the MAC address of host 192.168. 10.20.
. Up to command listArp for LinuxThe defaultarpcommand syntax in Linux is as follows:arp [-evn] [-H type] [-i if] -a [hostname]arp [-v] [-i if] -d hostname [pub]arp [-v] [-H type] [-i if] -s hostname hw_addr [temp]arp [-v] [-H type] [-i if] -s hostname hw_addr [netmask nm] pubarp [-v] [-H type] [-i if] -Ds hostname ifa [netmask nm] pubarp [-vnD] [-H type] [-i if] -f [filename]Each complete entry in the ARP cache will be marked with theC(complete) flag. Permanent entries are marked withM(perManent) and published entries have theP(publish) flag.Note thatarpis deprecated in Linux, as describedhere.Arp command switches (Linux)Description
arp -a [hostname]or--all [hostname]Shows the entries of the specified hosts. If the[hostname]parameter is not used, all entries will be displayed.
arp -d [ip_addr]or--delete [ip_addr]Removes the ARP cache entry for the specified host.arp -d *will delete all hosts in the cache (note the space between -d and *).
arp -Dor--use-deviceUses the hardware address associated with the specified interface.
arp -eShows the entries in default (Linux) style.
arp -f [filename]or--file [filename]Similar to the-soption, only this time the address info is taken from file that[filename]set up. The name of the data file is very often /etc/ethers, but this is not official. If no[filename]is specified, /etc/ethers is used as default.
arp -Hor--hw-type [type]or-t [type]When setting or reading the ARP cache, this optional parameter tellsarpwhich class of entries it should check for. The default value of this parameter isether(i.e. hardware code 0x01 for IEEE 802.3 10Mbps Ethernet).
arp -i [int]or--device [int]Selects an interface. When dumping the ARP cache only entries matching the specified interface will be printed. For example,arp -i eth0 -s 10.21.31.41 A321.ABCF.321Acreates a static ARP entry associating IP address 10.21.31.41 with MAC address A321.ABCF.321Aoneth0.
arp -nor--numericShows IP addresses instead of trying to determine domain names.
arp -s [hostname] [hw_addr]or--set [hostname]Manually creates a static ARP address mapping entry for host[hostname]with the hardware address set to[hw_addr].
arp -vUses verbose mode to provide more details.
. Up to command listFTPSpecified inRFC 959, FTP (File Transfer Protocol) does what its name implies: it is used for transferring files between hosts on TCP/IP networks. One common use of FTP is to upload updated web content to web servers. Although it can be utilized in a command line interface, there are several graphical clients for FTP that are very popular and capable. Examples of these GUI clients includeFileZilla,FireFTP,WS_FTP,SmartFTP, andWinSCP. Additionally modern browsers such as Firefox or Internet Explorer can be used to download files from FTP servers.FTP suffers from the same security-related flaws as telnet it does not support encryption or strong authentication. Therefore FTP should be used with caution. It is recommended to transition toSFTP.After you connect to an FTP server with theftpcommand, you enter interactive mode wherein the prompt changes fromC:\or$toftp>.
FTP for WindowsIn Windows theftpcommand follows this syntax:ftp [v] [n] [i] [d] [g] [s:[file_name]] [-a] [-A] [-w:[window_size]] [ftp_server]FTP command options (Windows)Description
ftp -aSpecifies that any local interface can be used when binding the FTP data connection.
ftp -ALogs in to the FTP server as an anonymous user.
ftp -b:[AsyncBuffers]Overrides the default async buffer count of 3.
ftp -dEnables debugging which displays all commands passed between the FTP client and the FTP server.
ftp -gDisables file name globbing. By default, globbing is on. Globbing permits the use of the asterisk (*) and question mark (?) as wildcard characters in local file or path names.
ftp -iDisables interactive prompting during multiple file transfers.
ftp -nSuppresses the ability to log on automatically when the initial connection is made.
ftp -r:[RecvBuffers]Overrides the defaultSO_RCVBUFsize of 8192.
ftp -s:[filename]Specifies a text file that contains FTP commands to run automatically after FTP starts.
ftp -vSuppresses the display of FTP server responses.
ftp -w:[window_size]Specifies the size of the transfer buffer (default window size is 4096 bytes).
ftp -x:[SendBuffer]Overrides the default SO_SNDBUF size of 8192.
ftp /?or-?Displays the help message.
ftp>! [command]Runs the specified command on the local computer.
ftp>?orftp>? [command]Displays descriptions for FTP commands (identical tohelp).
ftp>append [local_file] [remote_file]Appends a local file to a file on the remote host using the current file type setting.
ftp>asciiSets the file transfer type toASCII(which is the default).
ftp>bellToggles a bell to ring after each file transfer command is completed (disabled by default).
ftp>binarySets the file transfer type tobinary.
ftp>byeEnds the FTP session with the remote host and exits FTP.
ftp>cd [remote_path]Changes the working directory on the remote host.
ftp>closeEnds the FTP session with the remote server and returns to the command interpreter on the local host.
ftp>debugToggles debugging (off by default). When debugging is on, each command sent to the remote host is printed, preceded by the string >.
ftp>delete [remote_file]Deletes files on the remote host.
ftp>dirorftp>dir [remote_directory] [local_file]Displays a list of a remote directorys files and subdirectories. The output from this command can be sent to[local_file].
ftp>disconnectDisconnects from the remote host likeclose, but retains the FTP prompt.
ftp>get [remote_file] [local_file]Copies a remote file to the local host using the current file transfer type.
ftp>globToggles file name globbing (enabled by default). Globbing permits the use of wildcard characters in local file or path names.
ftp>hashToggles number sign (#) printing for each data block transferred (disabled by default). The size of a data block is 2,048 bytes.
ftp>helporftp>help [command]Displays descriptions for FTP commands (identical to-?).
ftp>lcd [local_directory]Changes the working directory on the local host. By default, the current directory on the local host is used.
ftp>literal [argument]Sends arguments, verbatim, to the remote FTP server. A single FTP reply code is expected in return.
ftp>lsorftp>ls [remote_directory] [local_file]Displays an abbreviated list of a remote directorys contents. The output from this command can be sent to[local_file].
ftp>mdelete [remote_files]Deletes multiple files on the remote host.
ftp>mdir [remote_directories]Displays a list of the remote directorys files and subdirectories.
ftp>mget [remote_files]Copies multiple remote files to the local host using the current file transfer type.
ftp>mkdir [remote_directory]Creates a remote directory.
ftp>mls [remote_directories]Displays an abbreviated list of a remote directorys files and subdirectories.
ftp>mput [local_files]Copies multiple local files to the remote host using the current files and subdirectories.
ftp>open {FTP_server] [port]Connects to the specified FTP server.
ftp>promptToggles prompting (enabled by default). FTP prompts during multiple file transfers to enable you to selectively retrieve or store files;mgetandmputtransfer all files if prompting is turned off.
ftp>put [local_file_name] [remote_file_name]Copies a local file to the remote host using the current file transfer type.
ftp>pwdDisplays the current directory on the remote host.
ftp>quitEnds the FTP session with the remote host and exits FTP.
ftp>quote [argument]Synonym for theliteralcommand.
ftp>recvCopies a remote file to the local host using the current file transfer type (identical toget).
ftp>remotehelporftp>remotehelp [command]Displays help for remote commands.
ftp>rename [file_name] [new_file_name]Renames remote files.
ftp>rmdir [remote_directory]Specifies the name of the remote directory to delete.
ftp>send [local_file_name] [remote_file_name]Copies a local file to the remote host using the current file transfer type (identical toput).
ftp>statusDisplays the current status of FTP connections and toggles.
ftp>traceToggles packet tracing (displays the route of each packet when running an FTP command).
ftp>type [ascii | binary]Sets or displays the file transfer type.ASCIIis the default.
ftp>user [username] [password]Specifies a user to the remote host.
ftp>verboseToggles verbose mode (enabled by default). If on, all FTP responses are displayed; when a file transfer completes, statistics regarding the efficiency of the transfer are also displayed.
.Anonymously logs the user on to the FTP server namedftp.example.company.com:ftp -A ftp.example.company.comLogs the user on to the FTP server namedftp.example.company.comand runs the FTP commands contained in the file namedcommands.txt:ftp -s:commands.txt ftp.example.company.com Up to command list
FTP for LinuxIn Linux theftpcommand follows this syntax:ftp [-pinegvd] [host [port]]ftp [-v] [-d] [-i] [-n] [-g] [-k realm] [-f] [-x] [-u] [-t] [host]Note that different Linux man pages show different options for FTP (reference:1and2), so some of the options below may not work with your Linux distribution. Also note that the BSD operating systems support different FTP options than Linux (reference:1and2).FTP command options (Linux)Description
ftp -dEnables debugging.
ftp -eDisables command editing and history support if it was compiled into theftpexecutable. Otherwise,-edoes nothing.
ftp -fCauses credentials to be forwarded to the remote host.
ftp -gDisables file name globbing.
ftp -iTurns off interactive prompting during multiple file transfers.
ftp -k [realm]When using Kerberos v4 authentication, gets tickets in realm.
ftp -mBy default FTP explicitly binds to the same interface for the data channel as the control channel in passive mode (useful on multihomed clients). This option disables that behavior.
ftp -nRestrains FTP from attempting auto-login upon initial connection. If auto-login is enabled, FTP will check the.netrcfile in the users home directory for an entry describing an account on the remote machine. If no entry exists, FTP will prompt for the remote machine login name (default is the user identity on the local machine), and, if necessary, prompt for a password and an account with which to login.
ftp -pUses passive mode for data transfers. Allows for the use of FTP in environments where a firewall prevents connections from the outside world back to the client machine. Requires that the FTP server support thePASVcommand. This is the default now for all clients (FTP and PFTP) due to security concerns using thePORTtransfer mode. The flag is kept for compatibility only and has no effect anymore.
ftp -tEnables packet tracing.
ftp -uRestrains FTP from attempting auto-authentication upon initial connection. If auto-authentication is enabled, FTP attempts to authenticate to the FTP server by sending theAUTHcommand, using whichever authentication types are locally supported. Once an authentication type is accepted, an authentication protocol will proceed by issuingADAT(Authentication/Security Data) commands. This option also disables autologin.
ftp -vThe verbose option which forces FTP to show all responses from the remote server, as well as report on data transfer statistics.
ftp -xCauses the client to attempt to negotiate encryption (data and command protection levels private) immediately after successfully authenticating.
ftp>! [command [args] ]Invokes an interactive shell on the local machine. If there are arguments, the first is taken to be a command to execute directly, with the rest of the arguments as its arguments.
ftp>$ [macro-name] [args]Execute the macro[macro name]that was defined with themacdefcommand. Arguments are passed to the macro unglobbed.
ftp>account [password]Supplies a supplemental password required by a remote host for access to resources once a logon has been successfully completed. If no argument is included, the user will be prompted for an account password in a non-echoing input mode.
ftp>append [local_file] [remote_file]Appends a local file to a file on the remote host. If[remote_file]is left unspecified, the local file name is used in naming the remote file after being altered by anyntransornmapsetting. File transfer uses the current settings fortype,format,mode, andstructure.
ftp>asciiSets the file transfertypeto network ASCII. This is the default type.
ftp>bellEnables a bell to sound after each file transfer command is completed.
ftp>binarySet the file transfertypeto support binary image transfer.
ftp>byeTerminates the FTP session with the remote server and exits FTP. An end of file will also terminate the session and exit.
ftp>caseToggles remote computer file name case mapping duringmgetcommands. Whencaseis on (default is off), remote computer file names with all letters in upper case are written in the local directory with the letters mapped to lower case.
ftp>cccTerminates the FTP session with the remote server, and returns to the command interpreter. Any defined macros are erased.
ftp>cd [remote_directory]Changes the working directory on the remote host to the directory specified.
ftp>cdupChanges the remote host working directory to the parent of the current remote machine working directory.
ftp>[mode] [file_name]Changes the permission modes[file_name]on the remote host to [mode]. See the page onchmodfor reference.
ftp>clearSets the protection level on data transfers to clear. If noADAT(Authentication/Security Data) command succeeded, then this is the default protection level.
ftp>closeTerminates the FTP session with the remote server and returns to the command interpreter. Any defined macros are erased.
ftp>cprotect [protection_level]Sets the protection level on commands to[protection_level]. The valid protection levels areclearfor unprotected commands,safefor commands integrity protected by cryptographic checksum, andprivatefor commands confidentiality and integrity protected by encryption. If anADATcommand succeeded, then the default command protection level is safe, otherwise the only possible level is clear. If no level is specified, the current level is printed.cprotect clearis equivalent to theccccommand.
ftp>crToggles carriage return stripping during ASCII type file retrieval. Records are denoted by a carriage return/linefeed sequence during ASCII type file transfer. Whencris on (the default), carriage returns are stripped from this sequence to conform with the UNIX single linefeed record delimiter. Records on non-UNIX remote systems may contain single linefeeds; when an ASCII type transfer is made, these linefeeds may be distinguished from a record delimiter only whencris off.
ftp>delete [remote_file]Deletes the file on the remote host.
ftp>debug [debug_value]Toggles debugging mode. If an optional [debug_value] is specified it is used to set the debugging level. When debugging is on, ftp prints each command sent to the remote machine, preceded by the string `>.
ftp>dir [remote_directory] [local_file]Prints a listing of the directory contents in the directory[remote_directory]and, optionally, sends the output to[local_file]. If interactive prompting is on, FTP will prompt the user to verify that the last argument is indeed the target local file for receivingdiroutput. If no directory is specified, the current working directory on the remote machine is used. If no local file is specified, or local-file is -, output comes to the terminal.
ftp>disconnectA synonym for thecloseoption.
ftp>form [format]Sets the file transfer form to[format]. The default format is file.
ftp>get [remote_file_name] [local_file_name]Retrieves[remote_file], stores it on the local host, and optionally renames it to the provided[local_file_name]. If the local file name is not specified, the file is given the same name it has on the remote host, subject to alteration by the currentcase,ntrans, andnmapsettings. The current settings fortype,form,mode, andstructureare used while transferring the file.
ftp>globToggles file name expansion formdelete,mget, andmput. If globbing is turned off withglob, the file name arguments are taken literally and not expanded.
ftp>hashToggles hash sign (#) printing for each data block transferred. The size of a data block is 1024 bytes.
ftp>helporftp> help [command]Prints the help message for all commands or just for the[command]specified.
ftp>idle [seconds]Sets the inactivity timer on the remote server to the number specified by[seconds]. If[seconds]is omitted, the current inactivity timer is printed.
ftp>lcd [directory]Changes the working directory on the local host. If no[directory]is specified, the users home directory is used.
ftp>ls [remote_directory] [local_file]Prints a listing of the contents of a directory on the remote host. If[remote_directory]is left unspecified, the current working directory is used. The output of this command can be sent to[local_file]instead of standard output.
ftp>macdef [macro_name]Defines a macro. Subsequent lines are stored as the macro[macro_name]; a null line (consecutive newline characters in a file or carriage returns from the terminal) terminates macro input mode. There is a limit of 16 macros and 4096 total characters in all defined macros. Macros remain defined until aclosecommand is executed. The macro processor interprets $ and \ as special characters. A $ followed by a number (or numbers) is replaced by the corresponding argument on the macro invocation command line. A $ followed by an i signals that macro processor that the executing macro is to be looped. On the first pass $i is replaced by the first argument on the macro invocation command line, on the second pass it is replaced by the second argument, and so on. A \ followed by any character is replaced by that character. Use the \ to prevent special treatment of the $.
ftp>mdelete [remote_files]Deletes files on the remote host.
ftp>mdir [remote_files] [local_file]Prints a listing of the directory contents in the directories specified and, optionally, sends the output to[local_file].
ftp>mget [remote_files]Performs agetfor each file name specifed in[remote_files]. Seeglobfor details on the filename expansion. Resulting file names will then be processed according tocase,ntrans, andnmapsettings. Files are transferred into the local working directory, which can be changed withlcd; new local directories can be created with! mkdir [directory].
ftp>mkdir [directory_name]Creates a directory on the remote host.
ftp>mls [remote_files] [local_file]Likenlistexcept that multiple remote files may be specified, and the[local_file]must be specified. If interactive prompting is on, FTP will prompt the user to verify that the last argument is indeed the target local file for receivingmlsoutput.
ftp>mode [mode_name]Sets the file transfer mode to[mode_name]. The default mode is stream mode.
ftp>modtime [file_name]Shows the last modification time of the file specified on the remote host.
ftp>mput [local_files]Performs theputcommand for each of the files specified. Seeglobfor details on file name expansion. Resulting file names will then be processed according tontransandnmapsettings.
ftp>newer [file_name]Gets the file only if the modification time of the remote file ismore recentthan the file on the local host. If the file does not exist on the local host, the remote file is considered newer. Otherwise, this command is identical toget.
ftp>nlist [remote_directory] [local_file]Prints a list of the files in a directory on the remote host. If[remote_directory]is left unspecified, the current working directory is used. If interactive prompting is on, FTP will prompt the user to verify that the last argument is indeed the target local file for receivingnlistoutput. If no local file is specified, or if local-file is -, the output is sent to the terminal.
ftp>nmap [inpattern outpattern]Sets or unsets the file name mapping mechanism. If no arguments are specified, the file name mapping mechanism is unset. If arguments are specified, remote file names are mapped duringmputcommands andputcommands issued without a specified remote target filename. If arguments are specified, local file names are mapped duringmgetcommands andgetcommands issued without a specified local target file name. This command is useful when connecting to a non-UNIX remote computer with different file naming conventions or practices. The mapping follows the pattern set by[inpattern and outpattern]is a template for incoming filenames (which may have already been processed according to thentransandcasesettings). Variable templating is accomplished by including the sequences $1, $2, , $9 in[inpattern]. Use \ to prevent this special treatment of the $ character. All other characters are treated literally, and are used to determine thenmap [inpattern]variable values. For example, given inpattern $1.$2 and the remote file namemydata.data, $1 would have the value mydata, and $2 would have the value data. The outpattern determines the resulting mapped file name. The sequences $1, $2, , $9 are replaced by any value resulting from the inpattern template. The sequence $0 is replace by the original file name. Additionally, the sequence [seq1, seq2] is replaced by [seq1] if seq1 is not a null string; otherwise it is replaced by seq2. For example, the commandnmap $1.$2.$3 [$1,$2].[$2,file]would yield the output filename myfile.data for input filenamesmyfile.dataand myfile.data.old, myfile.file for the input filenamemyfile, and myfile.myfile for the input filenamemyfile. Spaces may be included in outpattern as in the example:nmap $1 sed s/ *$// > $1. Use the \ character to prevent special treatment of the $,'[,'[, and , characters.
ftp>ntrans [inchars [outchars]]Sets or unsets the file name character translation mechanism. If no arguments are specified, the file name character translation mechanism is unset. If arguments are specified, characters inremotefile names are translated duringmputcommands andputcommands issued without a specified remote target file name. If arguments are specified, characters inlocalfile names are translated duringmgetcommands andgetcommands issued without a specified local target file name. This command is useful when connecting to a non-UNIX remote computer with different file naming conventions or practices. Characters in a file name matching a character in[inchars]are replaced with the corresponding character in[outchars]. If the characters position in[inchars]is longer than the length of[outchars], the character is deleted from the file name.
ftp>open [host] [port]Establishes a connection to the specified FTP server. An optional port number may be supplied, in which case, FTP will attempt to contact the FTP server at that port. If the auto-authenticate option is on (default), FTP will attempt to authenticate to the FTP server by sending theAUTHcommand, using whichever authentication types which are locally supported. Once an authentication type is accepted, an authentication protocol will proceed by issuingADATcommands. If the auto-login option is on (default), FTP will also attempt to automatically log the user in to the FTP server.
ftp>open [host] [port] [-forward]Same asftp>open, but if the-forwardoption is specified, FTP will forward a copy of the users Kerberos tickets to the remote host.
ftp>passiveToggles passive data transfer mode off. In passive mode, the client initiates the data connection by connecting to the data port. Passive mode is often necessary for operation from behind firewalls which do not permit incoming connections, but may need to be disabled if you connect to an FTP server which does not support passive operation.
ftp>privateSets the protection level on data transfers to private. Data transmissions are confidentiality and integrity protected by encryption. If noADATcommand succeeded, then the only possible level is clear.
ftp>promptToggles interactive prompting. Interactive prompting occurs during multiple file transfers to allow the user to selectively retrieve or store files. If prompting is turned off (default is on), anymgetormputwill transfer all files, and anymdeletewill delete all files.
ftp>protect [protection_level]Sets the protection level on data transfers to[protection_level]. The valid protection levels are clear for unprotected data transmissions, safe for data transmissions integrity protected by cryptographic checksum, and private for data transmissions confidentiality and integrity protected by encryption. If noADAT commandsucceeded, then the only possible level is clear. If no level is specified, the current level is printed. The default protection level is clear.
ftp>proxy [ftp_command]Executes an FTP command on a secondary control connection. This command allows simultaneous connection to two remote FTP servers for transferring files between the two servers. The firstproxycommand should beopento establish the secondary control connection. Enter the commandproxy ?to see other FTP commands executable on the secondary connection. The following commands behave differently when prefaced byproxy:openwill not define new macros during the auto-login process,closewill not erase existing macro definitions,getandmgettransfer files from the host on the primary control connection to the host on the secondary control connection, andput,mput, andappendtransfer files from the host on the secondary control connection to the host on the primary control connection. Third party file transfers depend upon support of the FTP protocolPASVcommand by the server on the secondary control connection.
ftp>put [local_file_name] [remote_file_name]Stores a local file on the remote host. If[remote_file_name]is left unspecified, the local file name is used after processing according to anyntransornmapsettings in naming the remote file. File transfer uses the current settings fortype,format,mode, andstructure.
ftp>pwdDisplays the current working directory on the remote host.
ftp>quitA synonym forftp>bye.
ftp>quote [arg1] [arg2] []The arguments specified are sent, verbatim, to the remote FTP server.
ftp>recv [remote_file_name] [local_file_name]A synonym forftp>get.
ftp>reget [remote_file] [local_file]Regetacts likeget, except that if[local_file]exists and is smaller than[remote_file],[local_file]is presumed to be a partially transferred copy of[remote_file]and the transfer is continued from the apparent point of failure. This command is useful when transferring very large files over networks that are prone to dropping connections.
ftp>remotehelporftp>remotehelp [command_name]Requests help from the remote FTP server. If[command_name]is specified it is supplied to the server as well.
ftp>remotestatus [file_name]Without[file_name]shows the status of the remote host. If[file_name]is specified, shows the status of[file_name]on the remote host.
ftp>rename [from] [to]Renames the file[from]on the remote host to the name specified in[to].
ftp>resetClears the reply queue. This command re-synchronizes command/reply sequencing with the remote FTP server. Resynchronization may be necessary following a violation of the FTP protocol by the remote server.
ftp>restart [marker]Restarts the (?) immediately followinggetorputat the indicated marker. On UNIX systems,[marker]is usually a byte offset into the file.
ftp>rmdir [directory_name]Deletes a directory on the remote host.
ftp>runiqueToggles the storing of files on the local host with unique file names. If a file already exists with a name equal to the target local file name for agetormgetcommand, a .1 is appended to the name. If the resulting name matches another existing file, a .2 is appended to the original name. If this process continues up to .99, an error message is printed, and the transfer does not take place. The generated unique file name will be reported. Note thatruniquewill not affect local files generated from a shell command (see below). The default value is off.
ftp>safeSets the protection level on data transfers to safe. Data transmissions are integrity-protected by cryptographic checksum. If noADATcommand succeeded, then the only possible level is clear.
ftp>send [local_file] [remote_file]A synonym forftp>put.
ftp>sendportToggles the use ofPORTcommands. By default, FTP will attempt to use aPORTcommand when establishing a connection for each data transfer. The use ofPORTcommands can prevent delays when performing multiple file transfers. If thePORTcommand fails, FTP will use the default data port. When the use ofPORTcommands is disabled, no attempt will be made to usePORTcommands for each data transfer. This is useful for certain FTP implementations which do ignorePORTcommands but, incorrectly, indicate theyve been accepted.
ftp>site [arg1] [arg2]The arguments specified are sent, verbatim, to the remote FTP server asSITEcommands.
ftp>size [file_name]Displays the size of[file_name]on the remote host.
ftp>statusShows the current FTP status.
ftp>struct [structure_name]Sets the file transfer structure to[structure_name]. By default the stream structure is used.
ftp>suniqueToggles the storing of files on the remote host under unique file names. The remote FTP server must support the FTP protocolSTOUcommand for successful completion. The remote server will report a unique name. The default value is off.
ftp>systemShows the type of operating system running on the remote host.
ftp>tenexSets the file transfer type to that needed to talk toTENEXmachines.
ftp>traceToggles packet tracing.
ftp>type [type]Sets the file transfer type to[type]. If no type is specified, the current type is printed. The default type is networkASCII.
ftp>user [username] [password] [account]Identifies the user to the remote FTP server. If the password is not specified and the server requires it, FTP will prompt the user for it (after disabling local echo). If an account field is not specified, and the FTP server requires it, the user will be prompted for it. If an account field is specified, an account command will be relayed to the remote server after the login sequence is completed if the remote server did not require it for logging in. Unless FTP is invoked with auto-login disabled, this process is done automatically on initial connection to the FTP server.
ftp>verboseToggles verbose mode. In verbose mode, all responses from the FTP server are displayed to the user. In addition, when a file transfer completes statistics regarding the efficiency of the transfer are reported. By default, verbose is on.
ftp>?A synonym forhelp.
. Up to command list
HostnameIf you are unsure of the host name of the computer you are working on, thehostnamecommand will display it. In Linux and Unix you can usehostnameto configure the host name and associated options.Hostname for WindowsHostname command (Windows)Description
hostnamePrints the name of the current host where the name is the host name portion of the full computer name.
Hostname for LinuxThehostnamecommand syntax in Linux is as follows:hostname [-v] [-a] [-d] [-f] [-A] [-i] [-I] [--all-ip-addresses] [--long] [-s] [-y]hostname [-v] [-b] [-F filename] [--file filename] [hostname]hostname [-v] [-h] [-V]Hostname command switches (Linux)Description
hostname [hostname]Sets the host name.
hostname -aor--aliasDisplays the alias name of the host (if used).
hostname -Aor--all-fqdnsDisplays allFQDNsof the machine. This option enumerates all configured network addresses on all configured network interfaces, and translates them to DNS domain names. Addresses that cannot be translated (i.e. because they do not have an appropriate reverse DNS entry) are skipped.
hostname -bor--bootAlways set a hostname; this allows the file specified by-Fto be non-existant or empty, in which case the default hostnamelocalhostwill be used if none is yet set.
hostname -dor--domainDisplays the DNS domain name.
hostname -for--fqdnor--longDisplays the fully qualified domain name.
hostname -F [file]or--file [file]Consults[file]for host name.
hostname -hor--helpDisplays a help message.
hostname -ior--ip-addressesDisplays the host IP address.
hostname -Ior--all-ip-addressesDisplays all network addresses of the host. This option enumerates all configured addresses on all network interfaces except the loopback interface and IPv6 link-local addresses. Unlike option-i, this option does not depend on name resolution.
hostname -sor--shortTrims domain information from the display output.
hostname -vor--verboseVerbose mode
hostname -Vor--versionDisplays the version information and then exits.
hostname -yor--ypor-nis [domain name]Displays theNISdomain name or sets a new NIS domain name with[domain name].
. Up to command list
IfconfigTheifconfigcommand displays and configures the parameters for host network interfaces (e.g., IP address, subnet mask and default gateway) on Linux and Unix. Its Windows counterpart isipconfig. When used without arguments,ifconfigdisplays the current configurations for all network interfaces (such as your NIC, wireless adapter, and loopback). Interface names are numbered starting at zero: eth0, eth1, wlan0, wlan1, etc.Ifconfig options (Linux only)The standardifconfigcommand syntax is as follows:ifconfig [interface oraddress_family type] options | address ...Note thatifconfigis deprecated in Linux, as describedhere.Ifconfig command switchesDescription
ifconfigDisplays details on all network interfaces.
ifconfig [interface]The name of the interface. This is usually a driver name followed by a unit number; for example,eth0for the first Ethernet interface.Eth0will usually be a PCs primary network interface card (NIC).
ifconfig [address_family]To enable the interpretation of differing naming schemes used by various protocols,[address_family]is used for decoding and displaying all protocol addresses. Currently supported address families includeinet(TCP/IP, default),inet6(IPv6),ax25(AMPR Packet Radio),ddp(Appletalk Phase 2),ipx(Novell IPX) andnetrom(AMPR Packet radio).
ifconfig[interface]add [address/prefixlength]Add an IPv6 address to the[interface].
ifconfig [interface] address [address]Assigns the specified IP[address]to the specified[interface].
ifconfig [interface] allmultior-allmultiEnables or disables all-multicast mode If selected, all multicast packets on the network will be received by the interface. This enables or disables the sending of incoming frames to the kernels network layer.
ifconfig [interface] arpor-arpEnables or disables the use of the ARP protocol on this[interface].
ifconfig [interface] broadcast [address]Specifies the address to use to use for broadcast transmissions. By default, the broadcast address for a subnet is the IP address with all ones in the host portion of the subnet address (i.e.,a.b.c.255for a /24 subnet).
ifconfig [interface] del [address/prefixlength]Remove an IPv6 address from the[interface].
ifconfig [interface] downDisables the[interface].
ifconfig [interface] hw [class] [address]Sets the hardware (MAC) address of this[interface], if the device driver supports this operation. The keywordmustbe followed by the name of the hardware class and the printable ASCII equivalent of the hardware address. Hardware classes currently supported includeether(Ethernet),ax25(AMPRAX.25),ARCnetandnetrom(AMPR NET/ROM).
ifconfig [interface] io_addr [address]Sets the start[address]inI/O spacefor this device.
ifconfig [interface] irq [address]Sets theinterrupt lineused by the network interface.
ifconfig [interface] mem_start [address]Sets the start address forshared memoryof the interface.
ifconfig [interface] media [type]Sets physical port or medium type. Examples of[type]are10baseT,10base2, andAUI. A[type]value ofautowill tell the interface driver to automatically determine the media type (driver support for this command varies).
ifconfig [interface] mtu [n]Sets the Maximum Transfer Unit (MTU) of an interface to[n].
ifconfig [interface] multicastSets themulticast flagon the interface (should not normally be needed as the drivers set the flag correctly themselves).
ifconfig [interface] netmask [mask_address]Sets the IP subnet mask for this interface. This value defaults to the standard Class A, B, or C subnet masks (based on the interface IP address) but can be changed with this command.
ifconfig [interface] pointopointor-pointopointEnables or disablespoint-to-pointmode on this interface
ifconfig [interface] promiscor-promiscEnables or disablespromiscuous modeon the interface.
ifconfig [interface] txquelen [n]Sets thetransmit queue lengthon the interface. Smaller values are recommended for connections with high latency (i.e., dial-up modems, ISDN, etc).
ifconfig [interface] tunnel [address]Creates a Simple Internet Transition (IPv6-inIPv4) device which tunnels to the IPv4[address]provided.
ifconfig [interface] upActivates (enables) the interface.
.For example, this command sets the IP address, subnet mask, and broadcast address for eth0:ifconfig eth0 192.168.10.25 netmask 255.255.255.0 broadcast 192.168.10.255 Up to command list
IpconfigIpconfigcan display current TCP/IP network configuration values, update or release Dynamic Host Configuration Protocol (DHCP) allocated leases, and display, register, or flush Domain Name System (DNS) names. Its Linux/Unix counterpart isifconfig.
Ipconfig options (Windows only)ipconfig command switchesDescription
ipconfigDisplays details on the active network interface.
ipconfig /allDisplays more details on both active and inactive network interfaces, including MAC address, DHCP server IP address, DNS server address(es), WINS server address(es), and whether or not NetBIOS Over TCP/IP is enabled.
ipconfig /allcompartmentsand/allcompartments /allShows information or detailed information (all) about allnetwork compartments.
ipconfig /displaydnsDisplays the contents of the DNS client resolver cache, which includes both entries preloaded from the local Hosts file and any recently obtainedresource recordsfor name queries. Similar toarp -a.
ipconfig /flushdnsFlushes (deletes) the contents of the DNS client resolvercache. Similar toarp -d.
ipconfig /registerdnsInitiates dynamic registration for the DNS names and IP addresses that are configured at a computer.
ipconfig /releaseand/release6 [adapter]Releases (deletes) the dynamic (from DHCP) IPv4 or IPv6 parameters of all network interfaces (if no specific adapter name is specified. For example,ipconfig /release LO*releases only those interfaces starting with Lo).
ipconfig /renewand/renew6 [adapter]Initiates communication with a DHCP server and renews the dynamic IPv4 or IPv6 parameters of all or some network interfaces. For example,ipconfig /renew LO*renews all interfaces starting with Lo.
ipconfig /setclassidand/setclassid6 [adapter]Modifies the DHCP or DHCPv6 class id. Classes can be vendor-defined or user-defined and are implemented by the DHCP administrator when certain clients need different default gateway or DNS server parameters.
ipconfig /showclassidand/showclassid6 [adapter]Displays the DHCP or DHCPv6 class id.
. Up to command listNbtstatNbtstatis a Windows tool used to troubleshootNetBIOS over TCP/IPname resolution problems. NetBIOS over TCP/IP is a networking protocol that allows legacy computer applications relying on theNetBIOSprotocol to be used on modern TCP/IP networks. Therefore, it is unlikely that NetBIOS over TCP/IP will be utilized within your network nowadays.Nbtstatcan check the state of current NetBIOS over TCP/IP (NetBT) connections, view and update the NetBIOS name cache, and determine the names registered with Windows Internet Name Service (WINS). If you are interested,nbtstatoutput is described onTechNet.Do not confuse this command withnetstat.Nbtstat options (Windows only)The standardnbtstatcommand syntax is:nbtstat [ [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [interval] ]nbtstat command switchesDescription
nbtstat -a [remote name]Returns the NetBIOS name table and MAC address of the address card for the computer name specified.
nbtstat -A [remote IP address]Lists the same information asnbtstat -awhen given the targets IP address.
nbtstat -cDisplays the contents of the NetBIOS name cache, the table of NetBIOS names, and their resolved IP addresses.
nbtstat -nDisplays the NetBIOS name table of the local computer. The status of registered indicates that the name is registered either by broadcast or with a WINS server.
nbtstat -rLists names resolved by broadcast and via WINS.
nbtstat -RPurges and reloads the remote cache name table.
nbtstat -RRReleases and then refreshes NetBIOS names for the local computer that is registered with WINS servers.
nbtstat -sDisplays NetBIOS client and server sessions, attempting to convert the destination IP address to a name.
nbtstat -SDisplays NetBIOS client and server sessions, listing the remote computers by destination IP address only.
[interval]Redisplays selected statistics, pausing every[interval]seconds between each display. Press Ctrl+C to stop redisplaying statistics.
. Up to command listNetstatThenetstatcommand displays the TCP/IP protocol statistics and active connections on the computer on which it was executed. Netstat is particularly useful when you suspect that there may be unauthorized connections to your computer (such as when a possiblemalwareinfection has occurred).Two popular graphical viewers fornetstatareTCPEyeandCurrPorts.Netstat can be used to detect SYN floods that may be affecting a host. If you run a netstat command such asnetstat -n -p TCPand you see many connections in the SYN_RECV state, you know some anomaly is occurring.Do not confuse this command withnbtstat.Netstat for WindowsThe standardnetstatcommand syntax in Windows is:netstat [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [-s] [-t] [interval]Netstat command switches (Windows)Description
netstatShows the active connections for all outbound TCP/IP connections.
netstat -aDisplays a more comprehensive list of active connections and theportson which the computer is listening (includes UDP).
netstat -bDisplays the executable involved in creating each connection or listening port.
netstat -eDisplays Ethernet-related statistics.
netstat -fDisplays Fully Qualified Domain Names (FQDN) for foreign addresses. With this option you can check if your PC is connected to suspicious websites.
netstat -nDisplays active TCP connections; addresses and port numbers are expressed numerically; no attempt is made to determine host names.
netstat -oDisplays the owning process ID (PID) associated with each connection. You can look up a PID with the Windows Task Manager.
netstat -p [proto]Displays connection details for only a certain protocol, where[proto]can be TCP, UDP, TCPv6, or UDPv6. With the additional-soption,[proto]can be IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
netstat -rDisplays the hostsrouting table.
netstat -sDisplays per-protocol statistics. By default, statistics are shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6; the -p option may be used to specify a subset of the default.
netstat -tDisplays the current connectionoffload state.
[interval]Specifies the length of time in seconds to wait before displaying fresh statistics.
. Up to command listNetstat for LinuxNote thatnetstatis deprecated in Linux, as describedhere.Netstat command switches (Linux)Description
netstat -aor--allShows both listening and non-listeningsockets.
netstat -A[family]or--protocol=[family]Specifies the address families for which connections are to be shown.[family]is a comma separated list of address family keywords likeinet, unix, ipx, ax25, netrom, andddp. This has the same effect as using the--inet,--unix (-x),--ipx,--ax25,--netrom, and--ddpoptions.
netstat -cor--continuousConfiguresnetstatto refresh the displayed information every second until stopped.
netstat -CPrints routing information from the route cache.
netstat -eor--extendDisplays an increased level of detail. Can be entered as twice (as--ee) for maximum details.
netstat -FPrints routing information from the forward information database (FIB).
netstat -gor--groupsDisplays multicast group membership information for IPv4 and IPv6.
netstat -ior--interface=[name]Displays a table of all network interfaces, or the specified [name].
netstat -lor--listeningShows only listening sockets (which are omitted bynetstatbe default).
netstat -Mor--masqueradeDisplays a list ofmasqueradedconnections (connections being altered by Network Address Translation).
netstat -nor--numericShow numerical addresses instead of trying to determine symbolic host, port or user names (skips DNS translation).
netstat--numeric-hostsShows numerical host addresses but does not affect the resolution of port or user names.
netstat--numeric portsShows numerical port numbers but does not affect the resolution of host or user names.
netstat--numeric-usersShows numerical user IDs but does not affect the resolution of host or port names.
netstat -Nor--symbolicDisplays the symbolic host, port, or user names instead of numerical representations.Netstatdoes this by default.
netstat -oor--timersIncludes information related to networking timers.
netstat -por--programShows the process ID (PID) and name of the program to which each socket belongs.
netstat -ror--routeShows the kernel routing tables.
netstat -sor--statisticsDisplays summary statistics for each protocol.
netstat -tor--tcpFilters results to display TCP only.
netstat -Tor--notrimStops trimming long addresses.
netstat -uor--udpFilters results to display UDP only.
netstat -vor--verboseProduces verbose output.
netstat -wor--rawFilter results to displayraw socketsonly.
netstat -Zor--contextPrints theSELinuxcontext if SELinux is enabled. On hosts running SELinux, all processes and files are labeled in a way that represents security-relevant information. This information is called the SELinux context.
.Some common netstat commands are:netstat -natpnetstat -t -listeningnetstat -ntunetstat -anp(netstat -anbon Windows)netstat -ntulpnetstat -rnenetstat -anp | grep [port_number]Using the table above you can figure out what each of these commands does. Up to command list
Nslookup, Dig, and HostNSlookup(name server lookup) is a DNS query tool. This means thatnslookupchecks DNS records, domain host aliases, domain host services, and operating system information by querying DNS servers.Nslookupcan also be used to perform DNS zone transfers and is useful when performing network footprinting during ethical hacking efforts. It has two modes: interactive and noninteractive. Interactive mode queries DNS servers for details about various hosts and domains. Noninteractive mode prints only the name and requested information for a host or domain.Although it is still available by default on Windows and Linux/Unix,nslookuphas been deprecated and further use is discouraged. It has effectively been replaced by its successors, thedig(Domain Information Groper) andhostutilities. Unlikenslookup, they are not available natively on Windows and must be installed manually. There is ahostcommand in Windows PowerShell but that is something different. You can install the Windows versions ofdigandhostby extracting them from BIND for Windows availablehere.Digis basically an improved version ofnslookup.Hostenables quick lookups of DNS server information and is used to find 1) the IP address of a given domain name and 2) the domain name of a given IP address.Nslookup for WindowsNslookup command switches (Windows)Description
C:\>nslookupEnters interactive mode; prompt changes from C:> to >.
C:\>nslookup [DNSserver]Enters interactive mode using a particular DNS server.
C:\>nslookup [hostnameorIPaddress]Queries DNS for the IP address of a particular host or vice versa.
C:\>nslookup [hostnameorIPaddress][DNSserver]Queries DNS for the IP address of a particular host (or vice versa) using a particular DNS server.
C:>nslookup -type=[type]Queries for a particular type of DNS records, where[type]can be: A, ANY, CNAME, GID, HINFO, MB, MG, MINFO, MR, MX, NS, PTR, SOA, TXT, UID, UINFO, WKS. DNS record types are describedhereandhere.
C:>nslookup -type=MX [example.com]Queries for email records for domainexample.com
>exitExits interactive mode (back to noninteractive mode).
>fingerConnects with the finger server on the current computer.
>helpDisplays a short summary of subcommands.
>ls [example.com]Lists information for a DNS domain.
>ls -a [example.com]Lists canonical names and aliases.
>ls -d [example.com]Lists all DNS records forexample.com. Can be used to launch a zone transfer when connected to the SOA for a DNS zone. These transfers can be blocked in the DNS properties of the server.
>ls -t [type] [example.com]Lists records of the given RFC record[type](e.g., A ,CNAME, MX, NS, PTR, etc.)
>lserverChanges the default server to the specified DNS domain.
>rootChanges the default server to the server for the root of the DNS domain name space.
>serverChanges the default server to the specified DNS domain.
>setChanges configuration settings that affect how lookups function.
>set allPrints the current values of the configuration settings.
>set class=XChanges thequery class. The class specifies the protocol group of the information.
>set [no]d2Turns exhaustive Debugging Mode on or off. All fields of every packet are printed.
>set [no]debugTurns Debugging Mode on or off.
>set [no]defnameAppends the default DNS domain name to a single component lookup request. A single component is a component that contains no periods.
>set domain=NAMEChanges the default DNS domain name to the name specified.
>set ignoreIgnores packet truncation errors.
>set ixfrver=XCurrent version to use in IXFR transfer request.
>set [no]msxfrUse MS fast zone transfer.
>set portChanges the default TCP/UDP DNS name server port to the value specified.
>set querytype=XChanges theresource record typefor the query.
>set [no]recurseTells the DNS name server to query other servers if it does not have the information.
>set retry=XSets the number of retries toX.
>set root=NAMEChanges the name of the root server used for queries.
>set [no]searchAppends the DNS domain names in the DNS domain search list to the request until an answer is received. This applies when the set and the lookup request contain at least one period, but do not end with a trailing period.
>set srchlist=N1[/N2//N6]Changes the default DNS domain name to N1 and search list.
>set timeout=XChanges the initial number of seconds to wait for a reply to a request.
>set type=XChanges theresource record typefor the query.
>set [no]vcSpecifies to use or not use a virtual circuit when sending requests to the server.
>set viewSorts and lists the output of the previouslssubcommand or commands.
>viewSorts and lists the output of the previouslssubcommand or commands.
. Up to command listNslookup for LinuxThe defaultnslookupcommand syntax in Linux is:nslookup [-option] [name | -] [server]Nslookup command switches (Linux)Description
$ nslookupEnters interactive mode; prompt changes from $ to >.
$ nslookup [hostnameorIP address]Queries DNS for the IP address of a particular host or vice versa.
>exitExitsnslookup.
>host [server]Looks up information forhostusing the current default server or using server, if specified. Ifhostis an Internet address and the query type isAorPTR, the name of the host is returned. Ifhostis a name and does not have a trailing period, the search list is used to qualify the name.
>server [domain] or lserver [domain]Changes the default server to[domain];lserveruses the initial server to look up information about[domain], whileserveruses the current default server. If an authoritative answer cant be found, the names of servers that might have the answer are returned.
>setThis command is used to change state information that affects the lookups.
>set allPrints the current values of the frequently used options toset. Information about the current default server and host is also printed.
>set class=[value]Changes the query class to[value].
>set class=INChanges the query class to the Internet class.
>set class=CHChanges the query class to theChaos class.
>set class=HSChanges the query class to theHesiod class.
>set class=ANYChanges the query class to wildcard.
>set debugornodebugTurn on or off the display of the full response packet and any intermediate response packets when searching.(Default = nodebug; abbreviation = [no]deb)
>set d2ornod2Turns debugging mode on or off. This displays more about whatnslookupis doing.(Default = nod2)
>set domain=[name]Sets the search list to[name].
>set searchornosearchIf the lookup request contains at least one period but doesnt end with a trailing period, appends the domain names in the domain search list to the request until an answer is received.(Default = search)
>set port=[value]Changes the default TCP/UDP name server port to[value].(Default = 53; abbreviation = po)
>set querytype=[value]Changes the type of the information query.(Default = A record; abbreviations = q, ty)
>set type=[value]Changes the type of the information query.(Default = A record; abbreviations = q, ty)
>set recurseorno recurseTells the DNS server to query other servers if it does not have the information.(Default = recurse; abbreviation = [no]rec)
>set retry=[number]Sets the[number]of retries to attempt.
>set timeout=[number]Changes the initial timeout interval for waiting for a reply to number seconds.
>set vcornovcAlways use a virtual circuit when sending requests to the server.(Default = novc)
>set failornofailTries the next nameserver if a DNS server responds with SERVFAIL or a referral (nofail) or terminate query (fail) on such a response.(Default = nofail).
. Up to command listDig for Windows and LinuxThe standarddigcommand syntax is as follows:dig [@server] [options] [name] [type] [class] [+queryopt...]Dig command switchesDescription
digDisplays the DNSroot serversand the the IP address of your hosts DNS server.
@[server]The name or IP address of the DNS server to query. If no[server]argument is provided,digconsults/etc/resolv.confand queries the DNS server(s) listed there. The reply from the DNS server that responds is displayed in the command output.
[name]The domain name to query.
[type]Indicates which type of query is required, such as ANY, A, MX, SIG, etc.If no[type]argument is supplied,digwill perform a lookup for an A record.
dig -b [address]Sets the source IP address of the DNS query to[address]. This must be a valid address on one of the hosts network interfaces or 0.0.0.0 or ::. An optional port may be specified by appending #.
dig -c [class]Sets the query[class](described in thenslookupfor Linux options above). Default is IN (Internet).
dig -f [filename]Configuresdigto process the list of lookup requests in file specified.
dig -hPrints a brief summary ofdigscommand-line arguments and options.
dig -k [TSIG_key_file]Signs the DNS queries sent bydigand their responses using transaction signatures (TSIG).
dig -mEnables memory usage debugging.
dig -p [portnumber]Configures the port number fordigto query. Of course, the default port is 53 for DNS.
dig -q [name]Sets the query name to the[name]parameter value specified.
dig -t [type]Sets the[type]of query to be performed. Default is A.
dig -x [addr]Used for reverse lookups (IP address to host name, rather than vice versa).
dig -y[hmac:]name:key]Signs DNS queries by specifying the TSIG key itself on the command line.hmacis the type of the TSIG, default HMAC-MD5,[name]is the name of the TSIG key and[key]is the actual key. The key is a base-64 encoded string, typically generated bydnssec-keygen.
dig +aaflagor+noaaflagA synonym for+[no]aaonly.
dig +aaonlyor+noaaonlySets or removes the aa flag in the query.
dig +additionalor+noadditionalDisplays or does not display the additional section of a reply. The default is to display it.
dig +adflagor+noadflagSet or removes theAD (authenticated data) bitin the query. This requests the DNS server to return whether all of the answer and authority sections have all been validated as secure according to the security policy of the server. AD=1 indicates that all records have been validated as secure and the answer is not from an OPT-OUT range. AD=0 indicates that some part of the answer was insecure or not validated.
dig +allor+noallSets or clears all display flags.
dig +answeror+noanswerDisplays or does not display the answer section of a reply. The default is to display it.
dig +authorityor+noauthorityDisplays or does not display the authority section of a reply. The default is to display it.
dig +besteffortor+nobesteffortAttempts to display the contents of messages which are malformed. The default is to not display malformed answers.
dig +bufsize=[B]Sets the UDP message buffer size advertised using EDNS0 to[B]bytes. The maximum and minimum sizes of this buffer are 65535 and 0 respectively. Values outside this range are rounded up or down appropriately. Values other than zero will cause anEDNSquery to be sent.
dig +edns=#or+noednsSpecifies the EDNS version to query with. Valid values are 0 to 255. Setting the EDNS version will cause a EDNS query to be sent.+noednsclears the remembered EDNS version.
dig +cdflagor+nocdflagSets or removes theCD (checking disabled) bitin the query. This requests the server to not perform DNSSEC validation of responses.
dig +clor+noclDisplay or does not display the CLASS when printing the record.
dig +cmdor+nocmdToggles or untoggles the printing of the initial comment in the output identifying the version ofdigand the query options that have been applied. This comment is printed by default.
dig +commentsor+nocommentsToggle or untoggles the display of comment lines in the output. The default is to print comments.
dig +defnameor+nodefnameDeprecated; treated as a synonym for+[no]search.
dig +domainname=[somename]Set the search list to contain the single domain[somename], as if specified in a domain directive in /etc/resolv.conf, and enable search list processing as if the+searchoption were given.
dig +dnssecor+nodnssecRequests DNSSEC records be sent or not sent by setting theDNSSEC OK bit(DO) in theOPT recordin the additional section of the query.
dig +failor+nofailTry or do not try the next server if you receive a SERVFAIL. The default is to not try the next server which is the reverse of normal stub resolver behavior.
dig +identifyor+noidentifyShows or does not show the IP address and port number that supplied the answer when the+shortoption is enabled. If short form answers are requested, the default is not to show the source address and port number of the server that provided the answer.
dig +ignoreor+noignoreIgnores or does not ignore truncation in UDP responses instead of retrying with TCP. By default, TCP retries are performed.
dig +multilineor+nomultilinePrints or does not print records like the SOA records in a verbose multi-line format with human-readable comments. The default is to print each record on a single line, to facilitate machine parsing of thedigoutput.
dig +ndots=[D]Sets the number of dots that have to appear in name to[D]for it to be considered absolute. The default value is that defined using the ndots statement in /etc/resolv.conf, or 1 if no ndots statement is present. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the search or domain directive in/etc/resolv.conf.
dig +nsidor+nonsidInclude or exclude anEDNSname server ID request when sending a query.
dig +nssearchor+nonssearchWhen this option is set,digattempts to 1) find the authoritative name servers for the zone containing the name being looked up and 2) display the SOA record that each name server has for the zone.
dig +onesoaor+noonesoaPrint only one (starting) SOA record when performing anAXFR. The default is to print both the starting and ending SOA records.
dig +qror+noqrPrints or does not print the query as it is sent. By default, the query is not printed.
dig +questionor+noquestionPrints or does not print the question section of a query when an answer is returned. The default is to print the question section as a comment.
dig +retry=[T]Sets the number of times to retry UDP queries to server to[T]instead of the default, 2. Unlike+tries, this does not include the initial query.
dig +searchor+nosearchUses or does not use the search list defined by the searchlist or domain directive inresolv.conf(if any). The search list is not used by default.
dig +shortor+noshortProvides or does not provide a terse (brief) answer. The default is to print the answer in a verbose form.
dig +showsearchor+noshowsearchPerforms or does not perform a search showing intermediate results.
dig +sigchaseor+nosigchaseChases or does not chase DNSSEC signature chains. Requires dig be compiled with -DDIG_SIGCHASE.
dig +statsor+nostatsThis query option toggles or untoggles the printing of statistics; i.e., when the query was made, the size of the reply, and so on. The default behavior is to print the query statistics.
dig +tcpor+notcpUses or does not use TCP when querying name servers. The default behavior is to use UDP unless anAXFR(full) orIXFR(incremental) query is requested, in which case a TCP connection is used.
dig +time=[T]Sets the timeout for a query to[T]seconds. The default timeout is 5 seconds. An attempt to set[T]to less than 1 will result in a query timeout of 1 second being applied.
dig +ttlidor+nottlidDisplays or does not display the TTL when printing the record.
dig +topdownor+notopdownWhen chasing DNSSEC signature chains, performs or does not perform atop-down validation. Requires dig be compiled with -DDIG_SIGCHASE.
dig +traceor+notraceToggle or untoggles tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled by default. When tracing is enabled,digmakesiterative queriesto resolve the name being looked up. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup
dig +tries=[T]Sets the number of times to try UDP queries to server to[T]instead of the default, 3. If[T]is less than or equal to zero, the number of tries is silently rounded up to 1.
dig +trusted-key=####Specifies a file containing trusted keys to be used with+sigchase. Each DNSKEY record must be on its own line. If not specified,digwill look for/etc/trusted-key.key, thentrusted-key.keyin the current directory. Requiresdigbe compiled with -DDIG_SIGCHASE.
dig +vcor+novcUses or does not use TCP when querying name servers. This alternate syntax to+[no]tcpis provided for backwards compatibility. The vc stands for virtual circuit.
.Here are some sample commands usingdig.Only displays the IP address for the domain:dighttp://www.kernel.org+shortDisplays the email servers for the domain:dig kernel.org MX +noallDisplays all available data for all domains listed indomains.txt:dig -f domains.txt ALL +noall +answerAttempts a zone transfer from the domain specified:dig kernel.org AXFR Up to command list
Host for Windows and LinuxThe standardhostcommand syntax is as follows:host [-aCdlnrsTwv] [-c class] [-N ndots] [-R number] [-t type] [-W wait] [-m flag] [-4] [-6] {name} [server]Host command switchesDescription
host -aEquivalent to setting the-voption and askinghostto make a query of[type]ANY.
host -c [class]Specifies the DNS query class (described in thenslookupfor Linux options above). Default is IN (Internet).
host -C [zone_name]Attempts to display the SOA records for[zone_name]from all the listed authoritative name servers for that zone. The list of name servers is defined by the NS records that are found for the zone.
host -dor-vEnables verbose output.
host -iSpecifies that reverse lookups of IPv6 addresses should use the IP6.INT domain as defined inRFC 1886. The default is to use IP6.ARPA.
host -l [zone_name]Enables list mode which makeshostperform a zone transfer for[zone_name]. Transfer the zone printing out the NS, PTR and address records (A/AAAA). If combined with-aall records will be printed.
host -m [zone_name]Used to set the memory usage debugging flags[record],[usage]and[trace].
host -N [name]Sets the number of dots that have to be in name for it to be considered absolute. The default value is that defined using thendotsstatement in/etc/resolv.conf, or 1 if nondotsstatement is present. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in thesearchordomaindirective in/etc/resolv.conf.
host -r [name]Specifies non-recursive queries. Setting this option clears the RD (recursion desired) bit in the query whichhostmakes. This should mean that the name server receiving the query will not attempt to resolve[name]. The-roption enableshostto mimic the behavior of a DNS server by making non-recursive queries and expecting to receive answers to those queries that are usually referrals to other DNS servers.
host -R [number]Changes the number of UDP retries for a lookup.
host -sUsed to set the memory usage debugging flags[record],[usage]and[trace].
host -t [type]Selects the DNS query type, where[type]can be CNAME, NS, SOA, SIG, KEY, AXFR, etc. When no query[type]is specified,hostautomatically selects an appropriate query type. By default, it looks for A, AAAA, and MX records, but if the-Coption was given, queries will be made for SOA records, and if[name]is a dotted-decimal IPv4 address or colon-delimited IPv6 address,hostwill query for PTR records.
host -TMakeshostuse a TCP connection when querying a DNS server.
host -wConfigureshostto effectively wait forever for a reply.
host -W [wait]Makeshostwait for[wait]seconds.
host -4Forceshostto only use IPv4 query transport.
host -6Forceshostto only use IPv6 query transport.
. Up to command listPathPingPathPingis a Windows utility that combines features frompingandtracert.PathPingsends packets to each router (hop) on the way to a destination over a period of time, and then computes the packets lost and the performance statistics for each hop. Like tracert,PathPingcan identify problematic network hosts. The destination can be specified by DNS name or IP address.You can download a neat little PathPing desktop gadget (for Windows Vista or 7) from TechRepublichere. Youll have to rename thePathPing.zipfile to PathPing.gadget.TwoPathPingswitches are apparently no longer supported on Windows 7:-R(RSVP test) and-T(Layer Two tag).Pathping options (Windows only)The standardPathPingcommand syntax is:pathping [-g host-list] [-h max_hops] [-i address] [-n] [-p period] [-q num_queries] [-w timeout] [-4] [-6] target_namePathPing command switchesDescription
pathping -gLoose source route along host list.
pathping -h [number]Maximum[number]of hops to search for target.
pathping -i [address]Use the specified source[address].
pathping -nDo not resolve addresses to hostnames.
pathping -p[milliseconds]Wait period[milliseconds]between pings.
pathping -q [number][Number]of queries per hop.
pathping -w [milliseconds]Wait timeout in[milliseconds]for each reply.
pathping -4Force using IPv4.
pathping -6Force using IPv4.
. Up to command listPingTheping(Packet InterNet Groper) command is arguably the most useful networking troubleshooting utility; it is definitely the simplest and most used.Pingtests the online status of a host on an IP network and measures the total round-trip time (in milliseconds) for packets sent from the source host to a destination host and back.Pingdoes this by sending Internet Control Message Protocol (ICMP) packets (usually). ICMP is a protocol that works with IP to provide error checking and reporting functionality. Ping sends ICMPecho requeststo a remote host. If the host is able to respond, it replies withecho reply.When you ping a destination name, the replies will tell you the hosts IP address, the number of bytes sent, round-trip time, and the packets Time to Live (TTL). When you ping a destination IP address, it responds with all the above except for the host name (unless you provide the-aswitch). Ping doesnt just test connectivity it can also verify that TCP/IP is installed correctly and that DNS name resolution is working properly (seePart 1of this blog post).Standard ICMPpingsdo not utilize port numbers or use TCP or UDP; ICMP is a Layer 3 (Network layer) protocol. TCP and UDP operate at Layer 4, the Transport layer.Thepingcommand can be misused in a variety of denial of service attacks, such as thePing of Death,Smurf attack, andPing flood. However, ICMP serves more functions than just enabling ping requests and replies. ICMP is important in several other ways for proper IP function (such as MTU discovery, unreachable notifications, etc.) so disabling it altogether is not advised.Ping for WindowsIn Windows thepingcommand follows this standard syntax:ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v ToS] [-r count] [-s count] [[-j host-list] | [-k host-list]] [-w timeout] [-R] [-S srcaddr] [-4] [-6] target_namePing command switches (Windows)Description
ping -aSpecifies that reverse name resolution is performed on the destination IP address.
ping -fSpecifies that Echo Request messages are sent with the Dont Fragment flag in the IP header set to 1 (available on IPv4 only).
ping -i [TTL]Specifies the value of the TTL field in the IP header for Echo Request messages sent. The default is the default TTL value for the host. The maximum[TTL]is 255.
ping -j [hostlist]Specifies that the Echo Request messages use the Loose Source Route option in the IP header with the set of intermediate destinations specified in[HostList](available on IPv4 only). With loose source routing, successive intermediate destinations can be separated by one or multiple routers. The maximum number of addresses or names in the host list is 9. The host list is a series of IP addresses (in dotted decimal notation) separated by spaces.
ping -k [hostlist]Specifies that the Echo Request messages use the Strict Source Route option in the IP header with the set of intermediate destinations specified in[HostList](available on IPv4 only). With strict source routing, the next intermediate destination must be directly reachable (it must be a neighbor on an interface of the router). The maximum number of addresses or names in the host list is 9. The host list is a series of IP addresses (in dotted decimal notation) separated by spaces.
ping -l [size]Specifies the length, in bytes, of the Data field in the Echo Request messages sent. The default size is 32. The maximum size is 65,527.
ping -n [count]Specifies the number of Echo Request messages sent. The default is 4.
ping -r [count]Specifies that the Record Route option in the IP header is used to record the path taken by the Echo Request message and corresponding Echo Reply message (available on IPv4 only). Each hop in the path uses an entry in the Record Route option. If possible, specify a[count]that is equal to or greater than the number of hops between the source and destination. The[count]must be a minimum of 1 and a maximum of 9.
ping -RSpecifies that the round-trip path is traced (IPv6 only).
ping -s [count]Specifies that the Internet Timestamp option in the IP header is used to record the time of arrival for the Echo Request message and corresponding Echo Reply message for each hop. The[count]must be a minimum of 1 and a maximum of 4. This is required for link-local destination addresses.
ping -S [SrcAddr]Specifies the source address to use (IPv6 only).
ping -tSpecifies that ping continue sending Echo Request messages to the destination until interrupted. To interrupt and display statistics, press CTRL+BREAK. To interrupt and quit ping, press CTRL+C.
ping -v [ToS]Specifies the value of theType of Service[ToS]field in the IP header for Echo Request messages sent (available on IPv4 only). The default is 0.[ToS]is specified as a decimal value from 0 through 255.
ping -w [timeout]Specifies the amount of time, in milliseconds, to wait for the Echo Reply message that corresponds to a given Echo Request message to be received. If the Echo Reply message is not received within the time-out, the Request timed out error message is displayed. The default[timeout]is 4000 (4 seconds).
ping -4Specifies that IPv4 is used to ping. This parameter is not required to identify the target host with an IPv4 address. It is only required to identify the target host by name.
ping -6Specifies that IPv6 is used to ping. This parameter is not required to identify the target host with an IPv6 address. It is only required to identify the target host by name.
. Up to command listPing for LinuxPing command switches (Linux)Description
ping -aAudible ping.
ping -AAdaptive ping (interpacket interval adapts to round-trip time).
ping -bFor pinging a broadcast address.
ping -BDoes not allowpingto change the source address of probes. The address is bound to the one selected whenpingstarts.
ping -c [count] [deadline]Stops after sending[count]ECHO_REQUEST packets. With[deadline]option,pingwaits for[count]ECHO_REPLY packets, until the timeout expires.
ping -dSets the SO_DEBUG option on the socket being used. Essentially, this socket option is not used by Linux kernel.
ping -DPrints the timestamp (Unix time + microseconds, as in gettimeofday) before each line.
ping -fFor every ECHO_REQUEST sent, a period (.) is printed, while for every ECHO_REPLY received a backspace is printed. This provides a rapid display of how many packets are being dropped.
ping -FOnly forping6. Allocates and sets a 20-bit flow label on ECHO_REQUEST packets. If the value is zero, the kernel allocates a random flow label.
ping -i [interval]Wait[interval]seconds between sending each packet. The default is to wait for one second between each packet normally, or not to wait in flood mode (-f).
ping -I [interface]Sets the source address to the specified interface, whether numeric IP address or name of device. When pinging IPv6 link-local addresses this option is required.
ping -l [preload]Sends[preload]number of packets and does not wait for replies. Only the super-user may select a[preload]of more than 3.
ping -LSuppress loopback of multicast packets (only applies if thepingdestination is a multicast address).
ping -mUses[mark]to tag the packets going out.
ping -M [hint]Selectspath MTU discovery strategy.[Hint]may be eitherdo(prohibit fragmentation, even local one),want(do PMTU discovery, fragment locally when packet size is large), ordont(do not set DF flag).
ping -nSpecifies numeric output only. No attempt is made to look up symbolic names for IP addresses.
ping ->NSends ICMPv6 Node Information Queries (RFC 4620), instead of Echo Request.
ping -p [pattern]Specifies up to 16 pad bytes (in hex) to fill out the packet you send. For example,-p ffwill cause the sent packet to be filled with all ones.
ping -qQuiet output. Nothing is displayed except the summary lines at command startup time and when finished.
ping -Q [tos]Sets Quality of Service-related bits in ICMP datagrams.[Tos]can be either decimal or hex number.
ping -rBypasses the normal routing tables and sends directly to a host on an attached interface. If the host is not on a directly attached network, an error is returned.
ping -RRecords the route. Includes the RECORD_ROUTE option in the ECHO_REQUEST packet and displays the route buffer on returned packets. Note that the IP header is only large enough for nine such routes. Many hosts ignore or discard this option.
ping -s [packet_size]Specifies the number of data bytes to be sent. The default is 56, which translates into 64 ICMP data bytes when combined with the 8 bytes of ICMP header data.
ping -S [sndbuf]Set the socket send buffer. If not specified, it is selected to buffer not more than one packet.
ping -t [TTL]Sets the IP TTL to [TTL] seconds.
ping -T [timestamp] [opt]Sets special IP timestamp options.[Timestamp]option may be eithertsonly(only timestamps),tsandaddr(timestamps and addresses) ortsprespechost1
ping -UPrints full user-to-user latency (the old behavior).
ping -vVerbose command output.
ping -VShows version and exits.
ping -w [deadline]Specifies a deadline (or timeout), in seconds, before ping exits regardless of how many packets have been sent or received.
ping -W [timeout]Time to wait for a response, in seconds. The option affects only timeout in absense of any responses, otherwisepingwaits for twoRTTs.
. Up to command listRouteRouteenables the manipulation and viewing of a computers routing table. In other words, it lets you add or remove entries in the routing table.Route for WindowsIn Windows theroutecommand follows this syntax:route [-f] [-p] [-4 or -6][Command [Destination] [mask] [Gateway] [).
telnet -aAttemps automatic login to the remote host.
telnet -b [hostalias]Usesbindto bind the local socket to an aliased address (seeifconfig--alias) or to the address of an interface different from the one selected byconnect.
telnet -cDisables the reading of the users .telnetrc file. The .telnetrc file contains the setup information for a telnet session. It is a hidden file in your home directory and must be readable by the user logging in.
telnet -dEnables debugging at the socket level.
telnet -e [escape_char]Sets the initial telnet escape character to[escapechar]. If[escapechar]is omitted, then there will be no escape character.
telnet -EStops any character from being recognized as an escape character.
telnet -fIf Kerberos V5 authentication is being used, allows the local credentials to be forwarded to the remote host.
telnet -FIf Kerberos V5 authentication is being used, allows the local credentials to be forwarded to the remote host, including any credentials that have already been forwarded into the local environment.
telnet -k [realm]If Kerberos authentication is being used, requests thattelnetobtain tickets for the remote host in realm[realm]instead of the remote hosts realm.
telnet -KPrevents automatic login to the remote host.
telnet -l [user]When connecting to the remote host, if the remote host understands the ENVIRON option, then[user]will be sent as the value for the variable USER. This option implies the-aoption and may also be used with theopencommand.
telnet -LSpecifies an 8-bit data path on output. This causes the BINARY option to be negotiated on output.
telnet -n [trace_file]Opens[trace_file]for recording the trace information.
telnet -rSpecifies a user interface similar torlogin. In this mode, the escape character is set to the tilde (~) character, unless modified by the-eoption.
telnet -xEnables encryption of the data stream, if possible.
telnet -X [auth_type]Disables the[auth_type]type of authentication.
telnet> closeEnds the session and closes the current connection.
telnet> displayDisplays thetelnetoperating parameters.
telnet> environChanges the environment variables. Possibilities include:.define: defines an environment variable.export: marks an environment variable for automatic export.list: lists the current environment variables.send: sends an environment variable.undefine: undefines an environment variable.unexport: dont mark an environment variable for automatic export.?: prints help information.
telnet> logoutForcibly logs out the remote user and closes the connection.
telnet> mode [mode]Tries to enter line or character mode where[mode]is one of the following:.character: disables LINEMODE option (or disables obsolete line-by-line mode).line: enables LINEMODE option (or enables obsolete line-by-line mode). These two require the LINEMODE option to be enabled.isig: enables signal trapping.-isig: disables signal trapping.edit: enables character editing.-edit: disables character editing.softtabs: enables tab expansion.-softtabs: disables character editinglitecho: enables literal character echo.-litecho: disables literal character echo.?: prints help information.
telnet> open [port]Connects to a host.
telnet> quitExits telnet.
telnet> sendTransmits special characters as defined below..abort: sends Telnet Abort Process.ao: sends Telnet Abort output.ayt: sends Telnet Are You There.brk: sends Telnet Break.ec: sends Telnet Erase Character.el: sends Telnet Erase Line.eof:sends Telnet End of File Character.eor: sends Telnet End of Record.escape: sends current escape character.ga: sends Telnet Go Ahead sequence.getstatus: sends request for STATUS.ip: sends Telnet Interrupt Process.nop: sends Telnet No operation.susp: sends Telnet Suspend Process.synch: performs Telnet Synch operation.?: displays send options.
telnet> setSets operating parameters as described below..debug: enables debugging.echo: character to toggle local echoing on/off.escape: character to escape back to telnet command mode.netdata: enables printing of hexadecimal network data (debugging).options: enables viewing of options processing (debugging).prettydump: enables output of netdata to user readable format (debugging).rlogin: rlogin escape character.termdata: enables (debugging) toggle printing of hexadecimal terminal data.tracefile: the file to write trace information to.?: display help information..The following need localchars to be toggled true':.eof: character to cause an EOF.flushoutput: character to cause an Abort Output.interrupt: character to cause an Interrupt Process.quit: character to cause an Abort process..The following are for local editing in linemode:.autoflush: enables flushing of output when sending interrupt characters.autosynch: enables automatic sending of interrupt characters in urgent mode.crlf: enables sending carriage returns as telnet crmod: enables mapping of received carriage returns.erase: character to use to erase a character.forw1: alternate end of line character.forw2: alternate end of line character.inbinary: enables receiving of binary data.kill: character to use to erase a line.lnext: character to use for literal next.localchars: enables local recognition of certain control characters.outbinary: enables sending of binary data.reprint: character to use for line reprint.start: character to use for XON.stop: character to use for XOFF.skiprc: enable dont read ~/.telnetrc file.susp: character to cause a Suspend Process.worderase: character to use to erase a word.
telnet> slcChanges the state of special charaters as follows:.check: Verify remote special character definitions.export: Use local special character definitions.import: Use remote special character definitions.?: Print help information.
telnet> statusPrints connection status information.
telnet> toggleToggles operating parameters as follows:.autoflush: toggle flushing of output when sending interrupt characters.autosynch: toggle automatic sending of interrupt characters in urgent mode.binary: toggle sending and receiving of binary data.crlf: toggle sending carriage returns as telnet .crmod: toggle mapping of received carriage returns.debug: toggle debugging.inbinary: toggle receiving of binary data.localchars: toggle local recognition of certain control characters.netdata: toggle printing of hexadecimal network data (debugging).options: toggle viewing of options processing (debugging).outbinary: toggle sending of binary data.prettydump: toggle output of netdata to user readable format (debugging).skiprc: toggle dont read ~/.telnetrc file.termdata: toggle (debugging) toggle printing of hexadecimal terminal data.
telnet> unsetUnsets operating parameters; the opposite oftelnet> set.
telnet> zSuspends a telnet session.
telnet> !Invokes a subshell.
telnet> ?Prints the help message.
. Up to command listTraceroute and TracertTraceroute(tracertin Windows) is a network diagnostic tool for displaying the route (path) of packets and measuring their transit delays across an IP network.Tracerouteworks by i