Re: Confused newbie
From: WooWoo (kenchomeNOSPAM@sbcglobal.net)
Date: 02/14/03
- Next message: To[r+]onado: "Re: Confused newbie"
- Previous message: Howie: "Re: Strong Passwords Revisited"
- In reply to: blu: "Confused newbie"
- Next in thread: Mimic: "Re: Confused newbie"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "WooWoo" <kenchomeNOSPAM@sbcglobal.net> Date: Fri, 14 Feb 2003 15:37:04 GMT
> How do I determine which ports should be open and which are unnecessary?
Use these Tools: arp - Used to view the arp cache.
ipconfig - Displays the configuration settings for the host.
nbtstat - Used to troubleshoot NetBIOS name resolution problems.
netstat - Current connections, routing tables, interface statistics,
netlink messages, multicast mamberships, and masquerade connections are
displayed,
nslookup - Name server lookup for DNS.
ping - Used to verify that another host may be reached with an ICMP
packet.
route - View or modify the local route table.
snmp - Remote management of network devices.
tracert - Traceroute traces a route through routers from one IP address
to another.
Event Log
Performance Monitor
Registry Editor
ARP
Options:
ARP -a or ARP -g - Display all entries in the ARP cache
ARP -s - Add static entry to the ARP cache table. Syntax: "arp -s (ip
address) (mac address)"
ARP -d ipaddress - Delete an entry.
IPCONFIG
IP configuration determination is determined with the following programs on
the listed operating systems. It reports IP address, subnet mask, default
gateway
Ifconfig for Linux/Unix
Ipconfig for NT
Winipcfg for Windows 95/98
IPConfig options:
/all - Shows much configuration information from local hostname, IP
address, subnet mask to DHCP server and WINS server address and lease dates.
It will display an IP address of 0.0.0.0 and DHCP address of 255.255.255.255
if the DHCP attempt was unsuccessful. Items displayed: Host name
Net mask
NetBIOS node type - B, P, M, or H node.
NetBIOS Scope ID assignment
DNS server addresses
"NetBIOS resolution via DNS Enabled Status"
WINS servers IP addresses
"IP Routing enabled status"
"WINS Proxy's Enabled Status"
"DHCP's Enabled Status"
Network card description
Netword card MAC address.
/renew - Renews the DHCP lease
/release - Releases the DHCP lease and the IP address is available for
other clients.
NETSTAT
Syntax:
NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval]
Options:
-a - (All) Show all connections and listening ports.
-e - (Ethernet) Show ethernet statistics. Combined with the -s option
it will show protocol statistics..
-n (Numerical) Show addresses and port numbers in numerical form.
-p protoname - Shows connections for the specified protocol. The
possible protocol includes TCP and UDP. The -s option used with this option
will show statistics for each protocol.
-r - (Route) Show the routing table.
-s - (Statistics) Show protocol statistics. The default, statistics are
TCP, UDP and IP. Used with the -p option, a subset of the default is
displayed.
interval - The amount of time (interval) in seconds to pause between
each display of statistics. CTRL C is used to stop redisplaying statistics.
If the interval is not included the current configuration information is
displayed once.
NSLOOKUP
Uses interactive or noninteractive (command line) modes. If noninteractive
mode is used, nslookup is just invoked with its name on the command line and
no computer name to lookup is specified. Syntax:
nslookup [-options] computername [-DNSserver]
ROUTE
Usage:
route add [network address] mask value [gateway address] EX: route add
192.168.1.0 mask 255.255.255.0 192.168.2.1
route -p add [network address] mask value [gateway address] - A
permanent route is added.
route change [network address] [gateway address]
route delete [network address] [gateway address]
route print [network address] [gateway address]
route -s [gateway address] = Add a route to a smart gateway
route -f = Clear all routes (flush).
The -p option is used to make the route permanent and it is stored in the
system registry. NT comes with RIP dynamic capability.
TRACERT
Tracert allows path determination from one computer to another. It will list
the IP addresses of the machines the data must pass through. Example usage:
tracert IPaddress
The IP address is the address of a remote computer you want to find the path
to.
Network Monitor
Can capture data based on source and destination MAC, or IP address along
with other filtering capability.
ICMP helps determine when packets are not delivered correctly. IGP (Interior
Gateway Protocol) includes RIP and OSPF protocols.
NBTSTAT
Used to manage the NetBIOS cache. Syntax:
NBTSTAT [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-s] [S]
[interval] ]
Options:
NBTSTAT command Result
nbtstat -a machinename View the remote computer NetBIOS name table
specified by name of machine
nbtstat -A IPaddress View the remote computer NetBIOS name table
specified by IP address
nbtstat -c View the remote machine NetBIOS name cache including the IP
addresses
nbtstat -n View local NetBIOS computer names
nbtstat -r View NetBIOS names resolved using broadcast or WINS.
nbtstat -R Purge then reload NetBIOS cache from lmhosts file
nbtstat -s View the sessions table with the destination IP address.
nbtstat -S View the sessions table by converting the destination
address to host names using the hosts file.
The computer NetBIOS name is stored in the system registry at:
\CurrentControlSet\Control\ComputerName
> How do I close ports in windows xp?
Turn off services that provide those ports. see the following for a
reference.
http://www.iana.org/assignments/port-numbers
> Can I configure zone alarm/blackice to stop connections or close these
> open ports?
Absolutely. But unless this machine is a dual homed host doing your routing
then the linksys router will still serve up any port that any other box
wants....Unless you have programmed the router to reject them by IP or Port.
>
> I thank everyone for any and all tips and hints to solutions
> to these issues.
begin 666 aedgbul1.gif
M1TE&.#EA#P`/`+,``#-F9F:9F9G,S !F,S.99F;,F0"9,S-F,V:99IG,F<#
MP,S,S)F9F0```````````"'Y! $```H`+ `````/``\```0?4,E)J[TX:S7Z
8YM[6#=]8AM=H8BIJM>0$M]2LUK;[10`[
`
end
begin 666 aedgbul2.gif
M1TE&.#EA#P`/`+,``,S,9LS,F<R9,__,9LR99O_,F<R9F<# P,S,S ``````
M`````````````````````"'Y! $```<`+ `````/``\```0=\,A)J[TXZUV%
6YYX`?ENHA22&BMUJMBY+Q2EG3Q$`.P``
`
end
- Next message: To[r+]onado: "Re: Confused newbie"
- Previous message: Howie: "Re: Strong Passwords Revisited"
- In reply to: blu: "Confused newbie"
- Next in thread: Mimic: "Re: Confused newbie"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
