One, Ping
It is a command used to check whether the network is reachable and how fast the network connection is. For an administrator or hacker living on the web, the ping command is the first DOS command that must be mastered. It relies on the principle that every machine on the network has a unique IP address: we send a packet to the destination IP address, and the other side returns a packet of the same size. From the returned packets we can determine whether the target host exists and make an initial judgment of the target host's operating system, and so on. Let's take a look at some of its common operations. First look at the help: in the DOS window type ping /? and press Enter to display the help screen. Here, we only need to master some basic and useful parameters (the same applies below).
-t indicates that packets will be sent to the destination IP continuously until we force it to stop. Just imagine: if you are on 100M broadband and the target IP is on a 56K modem, then before long the target IP will be unable to bear so much data and will drop offline; an attack is realized that simply.
-l defines the size of the packet to be sent, which defaults to 32 bytes and can be set to a maximum of 65500 bytes. Combined with the -t parameter described above, there will be better results.
-n defines the number of packets sent to the destination IP, which defaults to 3 times. If the network speed is slow, 3 times wastes a lot of our time; since our goal for now is only to determine whether the target IP exists, define it as once.
Note that if the -t parameter and the -n parameter are used together, the ping command goes by whichever parameter comes later. For example, with "ping IP -t -n 3", although the -t parameter is used, ping does not keep pinging forever but pings only 3 times. In addition, the ping command does not have to be given an IP; you can ping a host's domain name directly, which also gives you the host's IP.
Let's give an example to illustrate the specific usage.
Here time=2 means that the time taken from sending the packet to receiving the returned packet is 2 seconds, from which the speed of the network connection can be judged. The TTL value returned can be used for a preliminary judgment of the operating system of the host being pinged; the judgment is only "preliminary" because this value can be modified. Here TTL=32 indicates that the operating system may be win98.
(Tip: if TTL=128, the target host may be Win2000; if TTL=250, the target host may be Unix.)
As for using the ping command to quickly find LAN faults, to quickly find the fastest QQ server, or to attack others with ping ... that is left to everyone to explore.
Two, nbtstat
This command uses NetBIOS over TCP/IP to display protocol statistics and the current TCP/IP connections. With it you can obtain the NetBIOS information of a remote host, such as the user name, the workgroup it belongs to, the MAC address of the network card, and so on. Here we need to know a few basic parameters.
-a With this parameter, as long as you know the remote host's machine name, you can get its NetBIOS information (the same applies below).
-A This parameter can also get the NetBIOS information of a remote host, but requires you to know its IP.
-n lists the NetBIOS information of the local machine.
Once we have the other side's IP or machine name, we can use the nbtstat command to get further information about it, which adds a margin of safety to our intrusion.
Three, Netstat
This is a command for viewing the status of the network; it is easy to operate and powerful.
-a View all open ports of the local machine. This can effectively detect and prevent trojans, and also reveals the services running on the machine and other information, as shown in Figure 4.
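The trojan check described above, as an added example that is not part of the original article: it parses netstat output and reports listening ports that are missing from a known-good list. It assumes the output was captured with -n added (netstat -a -n) so addresses and ports are numeric; SAMPLE is constructed output and BASELINE is a hypothetical allowlist.

```python
# Added example: flag listening ports that are not in a known-good baseline.
# SAMPLE is constructed text in the layout of Windows "netstat -a -n" output.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  UDP    0.0.0.0:500            *:*
"""

# Hypothetical baseline: ports this machine is expected to have open.
BASELINE = {("TCP", 135), ("TCP", 139), ("TCP", 445), ("UDP", 500)}


def listening_ports(netstat_text):
    """Return {(proto, port): [local addresses]} for open local ports."""
    found = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header, or blank line
        proto, local = fields[0], fields[1]
        # TCP rows carry a state column; only LISTENING means an open port.
        # UDP rows have no state, so every bound UDP socket counts as open.
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        addr, _, port = local.rpartition(":")  # copes with IPv6 "[::]:135"
        if not port.isdigit():
            continue
        found.setdefault((proto, int(port)), []).append(addr)
    return found


def unexpected_ports(netstat_text, baseline=BASELINE):
    """Listening ports absent from the baseline, sorted for stable output."""
    return sorted(k for k in listening_ports(netstat_text) if k not in baseline)


if __name__ == "__main__":
    ports = listening_ports(SAMPLE)
    for proto, port in unexpected_ports(SAMPLE):
        print(f"unexpected listener: {proto}/{port} on {', '.join(ports[(proto, port)])}")
```

Recording the baseline while the machine is in a known-clean state is what makes a later unexpected listener meaningful.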