Detailed examples of common network commands and commands in Windows systems

1. The most basic, most commonly used, test PING of a physical network

Ping 192.168.0.8-t, parameter-T is waiting for the user to interrupt the test

2. View DNS, IP, Mac, etc.

A.win98:winipcfg

b.win2000 above: Ipconfig/all

C.nslookup: See DNS in Hebei

C:>nslookup

Default Server:ns.hesjptt.net.cn

address:202.99.160.68

>server 202.99.41.2 changed DNS to 41.2

> pop.pcpop.com

Server:ns.hesjptt.net.cn

address:202.99.160.68

Non-authoritative Answer:

Name:pop.pcpop.com

address:202.99.160.212

3. Network Messenger (often asked ~)

Net Send computer name/IP * (broadcast) Transfer content, note cannot cross the network segment

net stop Messenger stop Messenger service can also be in panel-service modification

net start Messenger Messenger Service

4. Detect the other party's computer name, the group, domain and current user name (how the hunt works)

Ping-a ip-t, only NetBIOS name displayed

Nbtstat-a 192.168.10.146 is more than the whole

5.netstat-a shows all the ports that your computer is currently opening

Netstat-s-E More detailed display of your network data, including TCP, UDP, ICMP and IP statistics, etc.

6. Detect ARP Bindings (dynamic and Static) list, show all connected to my computer, display the other IP and MAC address

Arp-a

7. On the proxy server side

Bundled IP and MAC addresses to address local area network misappropriation ip!:

Arp-s 192.168.10.59 00-50-ff-6c-08-75

Unbind the IP of the NIC from the MAC address:

ARP-D Network card IP

8. Hide your computer from a network neighbor (let others see you!)

NET config Server/hidden:yes

NET config Server/hidden:no is the open

9. Several net commands

A. Displays the current workgroup server List net view, which displays a list on the current domain or computer on the network when this command is used without options.

For example: To view the shared resources on this IP, you can

C:>net View 192.168.10.8

Shared Resources in 192.168.10.8

Resource Share name Type purpose note

--------------------------------------

Website Service Disk

Command completed successfully.

B. View the list of user accounts on the computer net user

C. Viewing network links net use

For example, net use Z:192.168.10.8movie maps this IP's movie shared directory to a local Z-disk

D. Record link net session

For example:

C:>net session

Computer User name Customer type open idle time

-------------------------------------------------------------------------------

192.168.10.110 ROME Windows 2000 2195 0 00:03:12

192.168.10.51 ROME Windows 2000 2195 0 00:00:39

Command completed successfully.

10. Route tracking Commands

A.tracert pop.pcpop.com

B.pathping pop.pcpop.com, in addition to displaying routes, also provides 325S analysis to calculate the% of lost packets

11. Several commands for sharing security

A. View your machine's shared resources net share

B. Manually delete the share (you can make a bat file, start from run, the sharing is deleted!)

NET share C $/D

NET share d$/d

NET share ipc$/d

NET share admin$/d

Note that there are spaces after $.

C. Add a share:

C:net Share Mymovie=e:downloadsmovie/users:1

Mymovie shared success.

Limit the number of linked users to 1 people at the same time.

12. Set the static IP under DOS line

A. Setting up A static IP

Cmd

Netsh

Netsh>int

Interface>ip

Interface ip>set Add "local link" static IP address mask Gateway

B. View IP Settings

Interface Ip>show Address

Arp

Displays and modifies items in the Address Resolution Protocol (ARP) cache. The ARP cache contains one or more tables that are used to store IP addresses and their parsed Ethernet or token ring physical addresses. Each Ethernet or Token Ring network adapter that is installed on the computer has its own separate table. If used without parameters, the ARP command displays the help information.

Grammar

ARP [-A [INETADDR] [-N IfaceAddr]] [-G [InetAddr] [-N IfaceAddr]] [-D InetAddr [IfaceAddr]] [-S inetaddr etheraddr [ifacea DDR]]

Parameters

-A [inetaddr] [-N ifaceaddr]

Displays the current ARP cache table for all interfaces. To display the ARP cache entry for the specified IP address, use the arp-a with the InetAddr parameter, where the INETADDR represents the specified IP address. To display the ARP cache table for the specified interface, use the-n ifaceaddr parameter, where ifaceaddr represents the IP address assigned to the specified interface. The-n parameter is case-sensitive.

-G [InetAddr] [-N ifaceaddr]

Same as-a.

-D InetAddr [IfaceAddr]

Deletes the specified IP address entry, where the INETADDR represents the IP address. For the specified interface, to remove an item from the table, use the IFACEADDR

parameter, where the IFACEADDR represents the IP address assigned to the interface. To delete all items, use the asterisk (*) wildcard character instead of InetAddr.

-S InetAddr etheraddr [IfaceAddr]

Add static entries to the ARP cache that resolve IP address inetaddr to physical address etheraddr. To add a static ARP cache entry to a table of the specified interface, use the IFACEADDR parameter, where ifaceaddr represents the IP address assigned to the interface.

/?

Displays help at the command prompt.

Comments

The IP addresses of InetAddr and ifaceaddr are represented by decimal notation with dots.

The physical address etheraddr consists of six bytes, which are represented by hexadecimal notation and are separated by hyphens (for example, 00-aa-00-4f-2a-9c).

Items added through the-s parameter are static items that do not time out in the ARP cache. If the TCP/IP protocol is terminated and then started, the entries are deleted. To create a permanent static ARP cache entry, use the appropriate ARP command in the batch file and run the batch file at startup with the Scheduler program.

This command is available only if the Internet Protocol (TCP/IP) protocol is installed as a component of a network adapter property in a network connection.

Example

To display the ARP cache table for all interfaces, type:

Arp-a

For an interface with an assigned IP address of 10.0.0.99, to display its ARP cache table, you can type:

ARP-A-N 10.0.0.99

To add a static ARP cache entry that resolves IP address 10.0.0.80 to Physical address 00-aa-00-4f-2a-9c, you can type:

Arp-s 10.0.0.80 00-aa-00-4f-2a-9c

At

Plans to run commands and programs on the computer at a specified time and date. The AT command can only be used when the schedule service is running. If used without parameters, at lists the scheduled commands.

Grammar

at [ComputerName] [{[ID] [/delete]/delete [/yes]}]

at [[ComputerName] hours:minutes [/interactive] [{/every:date[,...]/next:date[,...]}] Command

Parameters

ComputerName

Specifies the remote computer. If this argument is omitted, the at schedule commands and programs on the local computer.

Id

Specifies the identification code assigned to the scheduled command.

/delete

Cancels the scheduled command. If the ID is omitted, all scheduled commands on the computer are canceled.

/yes

When you delete a scheduled event, answer Yes to all queries from the system.

Hours:minutes

Specifies the time at which the command runs. The time is expressed in 24-hour format (that is, from 00:00 [midnight] to 23:59) hours: minutes.

/interactive

Allows the command to interact with the user's desktop for the user who is logged on when the command is run.

/every:

The command command is run on the specified day of each week or month (for example, every Thursday, or the third day of the month).

Date

Specifies the date on which the command is run. You can specify a day or days of the week (that is, type M, T, W, Th, F, S, Su) or a day or days in one months (that is, type a number from 1 to 31). Separate multiple date items with commas. If date is omitted, the at uses the current day of the month.

/next:

Run command on the next specified date (for example, next Thursday).

Command

Specifies the Windows command, program (. exe or. com file) or batch program (. bat or. cmd file) to run. When the command requires a path as a parameter, use the absolute path, which is the entire path starting with the drive letter. If the command is on a remote computer, specify the Universal naming convention (UNC) symbol for the server and share name instead of the remote drive letter.

/?

Displays help at the command prompt.

Comments

Schtasks is a more powerful superset command-line scheduling tool that contains all the features in the AT command-line tool. For all command-line scheduled tasks, you can use schtasks instead of at. For more information about schtasks, see Related Topics.

Use at

When you use the AT command, you must be a member of the local Administrators group.

Load Cmd.exe

At does not automatically load Cmd.exe (command interpreter) until the command is run. If the executable file (. exe) is not running, the Cmd.exe must be specifically loaded at the beginning of the command using the method shown below:

cmd/c dir > C:test.out.

To view scheduled commands

When you use at with no command-line options, the scheduled task appears in a table that resembles the following format:

Status ID Day Time Command Line

OK 1 Each F leads net send group status due

OK 2 each M chkstor > Check.file

OK 3 each F 11:59 PM backup2.bat

Include identification number (ID)

When the order is raised

Netstat

Displays active TCP connections, the ports that the computer listens on, Ethernet statistics, IP routing tables, IPV4 statistics (for IP, ICMP, TCP, and UDP protocols), and IPV6 statistics (for IPV6, ICMPv6, TCP via IPV6, and IPV6 UDP protocol). When used without parameters, Netstat displays the active TCP connection.

Grammar

netstat [-a] [-e] [-n] [-O] [-P Protocol] [-R] [-S] [Interval]

Parameters

-A

Displays all active TCP connections and the TCP and UDP ports that the computer listens on.

-E

Displays Ethernet statistics, such as the number of bytes sent and received, and the number of packets. This parameter can be used in conjunction with-S.

-N

Displays the active TCP connection, however, the address and port number are only represented numerically, but no attempt is made to determine the name.

-O

Displays the active TCP connection and includes the process ID (PID) for each connection. You can find a PID-based application on the Processes tab in Windows Task Manager. This parameter can be used in combination with-a,-N, and-P.

-P Protocol

Displays the connection for the protocol specified by the Protocol. In this case, the Protocol can be TCP, UDP, Tcpv6, or Udpv6. If this parameter is used with-s to display statistics by protocol, the Protocol can be TCP, UDP, ICMP, IP, Tcpv6, Udpv6, ICMPv6, or IPv6.

-S

Displays statistics by protocol. By default, statistics are displayed for TCP, UDP, ICMP, and IP protocols. If you install the IPV6 protocol for Windows XP, statistics are displayed about the UDP, ICMPV6, and IPV6 protocols on IPV6 on TCP, IPv6. You can use the-p parameter to specify the protocol set.

-R

Displays the contents of the IP routing table. This parameter is equivalent to the route print command.

Interval

Displays the selected information again every Interval seconds. Press CTRL + C to stop displaying the statistics again. If this argument is omitted, Netstat will print only one time for the selected information.

/?

Displays help at the command prompt.

Comments

The parameters used with the command must be prefixed with a hyphen (-) instead of a short slash (/).

Netstat provides the following statistical information:

Proto

The name of the protocol (TCP or UDP).

Local Address

The IP address of the local computer and the port number being used. If you do not specify the-n parameter, the local computer name corresponding to the IP address and port name is displayed. If the port is not already established, the port is displayed as an asterisk (*).

Foreign Address

The IP address and port number of the remote computer that is connecting to the slot. If you do not specify the-n parameter, the name corresponding to the IP address and port is displayed. If the port is not already established, the port is displayed as an asterisk (*).

(state)

Indicates the status of the TCP connection. The possible statuses are as follows:

Close_wait

CLOSED

Established

Fin_wait_1

Fin_wait_2

Last_ack

LISTEN

Syn_received

Syn_send

Timed_wait

For information about the status of TCP connections, see RFC 793.

This command is available only if the Internet Protocol (TCP/IP) protocol is installed as a component of a network adapter property in a network connection.

Example

To display the statistics for the Ethernet statistics and all protocols, type the following command:

NETSTAT-E-S

To display only statistics for TCP and UDP protocols, type the following command:

Netstat-s-P TCP UDP

To display the active TCP connection and process ID every 5 seconds, type the following command:

Nbtstat-o 5

To display the active TCP connection and process ID numerically, type the following command:

Nbtstat-n? Co

Runas

Allows the user to run the specified tools and programs with other permissions, rather than the permissions provided by the user's current login.

Grammar

runas [{/profile/noprofile}] [/env] [/netonly] [/smartcard] [/showtrustlevels] [/trustlevel]/user:useraccountname Program

Parameters

/profile

Loads the user's configuration file. /profile is the default value.

/no Profile

/NOPROFILE specifies that the user's configuration file is not loaded. This allows the application to load faster, but it can also cause errors in some applications.

/env

Specifies the network environment that is currently being used, not the user's on-premises environment.

/netonly

Indicates that the specified user information is only used for remote access.

/smartcard

/smartcard Indicates whether the credentials are provided by a smart card.

/showtrustlevels

Lists the/trustlevel switch items.

/trustlevel

Specifies the authorization level at which the application runs. Use/showtrustlevels to view the available trust levels.

/user:useraccountname

Specifies the name of the user account under which the program is run. The format of the user account should be user@domain or domainuser.

Program

Specifies the program or command to run with the account specified in/user.

/?

Displays help at the command prompt.

Comments

An administrator can perform routine, non-administrative tasks with a restricted account, and only use a more privileged account when performing specific administrative tasks. Either log off and log back in to complete the task, you can sign in with a generic account, and then use the runas command to run a tool that requires greater permissions.

For examples of use of the RunAs command, see Related Topics.

Although RunAs is typically used by the Administrator account, it is not limited to Administrator accounts. Any user with multiple accounts can use alternate credentials to run a program, an MMC console, or a control Panel item using RunAs.

If you want to use the Administrator account on your computer, for/user:, type one of the following parameters:

/user:administratoraccountname@computername

/user:computernameadministratoraccountname

If you want to use this command as a domain administrator, type one of the following parameters:

/user:administratoraccountname@domainname

/useromainnameadministratoraccountname

The runas command allows you to run programs (*.exe), saved MMC consoles (*.msc), shortcuts to programs and saved MMC consoles, and Control Panel items. When you log on to the computer as a member of another group, such as the users or the Power Users group, you can run as an administrator.

You can use the RunAs command to start any program, MMC Controller, or Control Panel item. As long as the appropriate user account and password information is provided, the user account has the ability to log on to the computer, and the program, MMC console, control Panel items are available in the system and for that user's account.

The runas command allows you to manage servers for other domains (the computer that is running the tool and the server that you want to administer is in a different domain).

If you try to start a program, MMC console, or Control Panel item from a network location by using RunAs, it may fail because the credentials used to connect to the network share are different from the credentials used to start the program. The latter's credentials may not be able to access the same network share.

Some items, such as the Printers folder and desktop items, are opened indirectly by Windows 2000 and cannot be started with the runas command.

If the runas command fails, it is possible that the RunAs service is not running or the user account used is not valid. To check the status of the RunAs service, in Computer Management, click Services and Applications, and then click Services. To test a user account, try to log in to the appropriate domain using that account.

Example

To start the Windows 2000 command prompt instance as an administrator on the local computer, type:

Runas/user:localmachinenameadministrator cmd

When prompted, type the administrator password.

To start the Computer Management snap-in instance using a domain administrator account named Companydomaindomainadmin, type:

Runas/user:companydomaindomainadmin "mmc%windir%system32compmgmt.msc"

When prompted, type the account password.

To start the Notepad instance using the domain administrator account in the domain named domain.microsoft.com, type:

Runas/user:user@domain.microsoft.com "Notepad my_file.txt"

When prompted, type the account password.

To start a command prompt Lines window, a saved MMC console, a Control Panel item, or an instance of a program that manages another location server, type:

Runas/netonly/user:domainusername "Command"

Domainusername must be a user with sufficient rights to administer the server. When prompted, type the account password.

Route

Displays and modifies entries in the local IP routing table. Use a route without parameters to display help.

Grammar

Route [-F] [-P] [Command [Destination] [Mask Netmask] [Gateway] [metric metric]] [if Interface]]

Parameters

-F

Clears all routes that are not primary (the netmask is 255.255.255.255), loopback network route (destination 127.0.0.0, netmask is 255.255.255.0), or multicast routing (destination 224.0.0.0, netmask is 240.0.0.0 The route table for the entry. If it is used in conjunction with one of the commands (for example, add, change, or delete), the table is cleared before the command is run.

-P

When used in conjunction with the Add command, specifies that the route is added to the registry and initializes the IP routing table when the TCP/IP protocol is started. By default, the added route is not saved when the TCP/IP protocol is started. When used with the Print command, a list of persistent routes is displayed. This parameter is ignored by all other commands. The location where the permanent route is stored in the registry is hkey_local_machinesystemcurrentcontrolsetservicestcpipparameterspersistentroutes.

Command

Specifies the command to run. The following table lists the valid commands. Command purpose

Add route

Change existing routes

Delete Remove route

Print route

Destination

Specifies the network destination address of the route. The destination address can be an IP network address (where the host address bit of the network address is set to 0), the IP address for the host route, and 0.0.0.0 for the default route.

MASK Specifies the network mask value for the next parameter.

NETMASK Specifies the subnet mask value for this route entry.

If not specified, the default setting is 255.255.255.255.

Gateway to specify gateways.

interface specifies the interface number of the route.

METRIC Specifies the number of hops, such as the cost of the target.

All symbol names used for the target can be in the network database

Find in File NETWORKS. The symbol name used for the gateway can be in the host name

Locate the database file in the HOSTS.

If the command is PRINT or DELETE. The target or gateway can be a wildcard character,

(The wildcard character is specified as an asterisk "*"), otherwise the gateway parameter may be ignored.

If the Dest contains a * or?, it will be treated as Shell mode, and only

Print matches the destination route. "*" matches any string,

and "?" matches any one character. Examples: 157.*.1, 157.*, 127.*, *224*.

Pattern matching is only allowed in the PRINT command.

Diagnostic Information Note:

An invalid MASK produces an error, that is, when (DEST & MASK)! = DEST.

Example: > Route ADD 157.0.0.0 MASK 155.0.0.0 157.55.80.1 IF 1

Route add failed: The specified mask parameter is invalid.

(Destination & Mask)! = Destination.

Example:

> Route PRINT

> Route PRINT-4

> Route PRINT-6

> Route PRINT 157* .... Only those items that match 157* are printed

> Route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2

destination^ ^mask ^gateway metric^ ^

interface^

If not given if, it will try to find the best for a given gateway

Interface.

> Route ADD 3ffe::/32 3ffe::1

> Route change 157.0.0.0 MASK 255.0.0.0 157.55.80.5 METRIC 2 IF 2

Change is used only to modify the gateway and/or metric.

> Route DELETE 157.0.0.0

> Route DELETE 3FFE::/32