As a network management, it will definitely encounter a variety of network faults, but a huge network, nodes are sometimes distributed around, all over, even a few or several different places, if there is no online test tool. Difficulties can be imagined. Of course, there must be special test tools, usually hardware, the price is quite expensive, a small and medium business or family is generally unlikely to spend so huge sums of money, in order to solve these network failures. In fact, in my operating system, some very useful software network test tools, if you can use it, and master certain test skills, you can fully meet the general needs, some or even hacked as a hacker tool ! Although these tools cannot be secured for professional hacker tools, there are many hacker tool software to be prepared based on these built-in network test software. Let's take a brief introduction on these tools, I hope to have some help for friends who have not mastered these tools! First, Ping believes that people who have played the network will understand or earnes the "ping" command. The ping command is a test tool for the TCP / IP protocol integrated in Windows9x / NT. The ping command is used to see if the host is working in the network, which is the purpose of testing the ICMP ECHO_REQUEST package to the host. . Generally, the local or wide area network to apply TCP / IP protocols, whether you are only a few computers, office LAN, or campus network, enterprise network or even Internet international internet network, when the client and client are not normal When visiting or online work, there are various instability, it is recommended that you must first try this command to test whether the network's communication is normal, most of the time can work. 1. The syntax format of the ping command looks like a small tool, but it has many parameters. It is really not easy to fully understand its usage. It is more difficult to get skilled, but no matter what we are I have to take a look at its true face, first we still start from the most basic command format! The full format of the ping command is as follows: ping [-t] [-a] [-n count] [-l length] [-f] [-i ttl] [-V TOS] [-r count] [-s count] [[-j-host list] | [-k host-list]] [-w timeout] Destination-list From this command, it can see its complexity, and the ping command itself is its execution parameters, now Let's explain it in detail! -T-- When you have this parameter, when you ping a host, the system keeps running this command until you press Control-C. -A - Analysis of the host's NetBIOS hostname, if you want to know that your Ping's computer name is added to add this parameter, it is generally displayed in the first line after using the PING command. -N count - Defines the number of items used to test the test packets sent, the default is 4. Through this command, you can define the number of senders, which is very helpful to measure the network speed. For example, how much time I want to test the return of 20 packets, how much is the fastest time, how much is the slowest time can pass Perform a command with this parameter is known. -l length - Define the size of the packet of the transmit buffer, in the default, the packet size of Windows Ping is 32Byt, or you can define it yourself, but there is a limit, that is, the maximum can only send 6500BYT, more than At this number, the other party is likely to craf in the case due to the receipt of the data package, so Microsoft has limited ping's packet size to solve this security vulnerability.
-f - Send a "Do not segment" flag in the packet, and the packets you send will be sent to the other party via routing segmentation, plus the route will not reside again. -I TTL - Specifies the time to stay in the other party's system, this parameter is also helping you check the network operation. -V TOS - Set the Service Type field to the value specified by "TOS". -R count - Record the route of the outgoing and returning packets in the Record Routing field. Under normal circumstances, the packet you sent is to reach the other party through a route, but what is the route? This parameter can set the number of routes you want to detect, but limit 9, that is, you can only track 9 routes. -S count - Specifies the timestamp of the number of hops specified by "count", this parameter and -r are similar, but this parameter does not record the route passed through the packet, and only 4 is recorded. -J Host-List - Route packets using the computer list specified by "Computer-List". A continuous computer can be separated by an intermediate gateway to a maximum number of 9. -K host-list - Route packets using the computer list specified by "Computer-List". Continuous computers cannot be separated by the intermediate gateway to separated the maximum number of 9. -W Timeout - Specifies a timeshooting, unit is millisecond. Destination-List - refers to the host name or IP address to be tested
2. Ping command (1), Test Network Waze We know that you can use the ping command to test whether the network is smooth, this is often used in the local area maintenance, the method is simple, just need to start under the DOS or Windows start menu "Run" child uses the ping command to add the IP address or host name of the target computer to be tested (the target computer should be connected to the same network with the computer you run in the PING command or other lines or other dedicated lines. A network), other parameters can be complete. If you want to test the station IP address of 196.168.1.21, if you have successful network, you can run on the server: ping-a 196. '68.123.56, if the TCP / IP protocol is working properly on the workstation, the information as shown below is displayed in the DOS screen mode: pinging cindy [196.168.1.21] with 32 bytes of data: reply From 196.168.1.21:bytes=32time<10ms TTL = 254 reply from licom L96.168.1.21: Bytes = 32TIME <10ms TTL = 254 reply from licom L96.168.1.21: Bytes = 32TIME <10MS TTL = 254 reply from 196.168.1.21:bytes=32time<10ms TTL = 254 ping statistics for L96.168.1.21 Packets: Sent = 4, Reccivcd = 4, Lost = 0 (0% LOS), Approximate Round Trip Times In Milli-Seconds: Minimum = OMS, Maximum = 0ms, Average = 0ms From above we can see that the target computer server is successful, the TCP / IP protocol works normally, because the parameters of "a A" So you can also know the NetBIOS named Cindy of the IP 196.168.1.21.
If the network is not successful, the following error message is displayed: pinging [196.168.1.21] with 32 bvtes of data request timed OUT. Reouest timed out. Request timed out. Reouest timed out. Ping statondice for l96.168.1.21: Packets: Sent = 4, Received = 0, LOST = 4 (100% loss), Approximate Round Trip Times in Milli-Seconds minimum = 0ms, Maximum = 0ms, Average = 0ms Why Regardless of whether the network connects to repeat four times in the prompt information (such as "reply from196.168.1.21 bytes = 32 TIME <10M TTL = 254" and "Requcest Timed Out"), that is because General System By default, each ping test is sent to send four packets, which tells the sending situation of the four packets sent. When there is a case where the above error prompt appears, you should carefully analyze the causes of network failures and the online nodes that may have problems. Generally don't anxiously check the physical line, start from the following aspects: First, see - Under the test computer installed TCP / IP protocol; Second, check if the NIC installation is correct and whether it has been connected; three is to look at whether the TCP / IP protocol of the test computer is effectively binded to NIC ( The specific method is to view "Start-Set-Control Panel - Network"; four is to check if the web service function of the Windows NT server has started (can be selected "start - setting - Control Panel - - Services, find "Server" in the dialog that appears, see if "Status" is "started"). If the inspection through the above four steps has not yet the problem of the problem, then the physical connection is checked, and we can use the view of the target computer to see the hub or switch port of the target computer to determine the connection between the target computer. .
(2) Getting the IP address of the computer uses ping this tool. We can get the IP address of the other computer, especially in the LAN, we often use NT or Win2K DHCP dynamic IP address services to automatically assign dynamic IP addresses for each station. At this time, of course, we must know the NetBIOS name of the computer to be tested, that is, "computer name" we usually see in "Network Neighbors". When using the ping command, we only use the ping command to add the target computer name. If the network connection is normal, the dynamic IP address of the PING will be displayed. In fact, we can use it in the Internet to get the dynamic IP address of the other party. This is more useful for hackers. Of course, the first thing is that you must know the other's computer name. (3) The above application skills is the application of the ping command in the local area network. In fact, the ping command is not only widely used in the LAN, but also uses it in the Internet Internet to detect remote connectivity of the network. Usually, when we encounter two cases, it is necessary to use the PING tool to test the connection between the network. For example, when a website is unacceptable, you can use the ping command to detect. In addition, we can test the connectivity of the network before sending E-mail. Many Internet users often receive information such as "Retund Mail: User Unknown" after sending E-mail, indicating that your email is not sent to the destination. In order to avoid such events again, it is recommended that everyone develops the habit of ping each other mail server addresses before sending E-MAIL. For example, when you send a message to the 163 website mail, type "ping l63.com" (in fact, 163.com is one of the server names of NetEase), if returns to "Bad IP Ad Dress L63. Information, or "Request Times Out" or "UNKNOW HOST L63.com", indicating that the host of the other mail server is not open or the network is not connected. At this time, even if the email is sent, the other party cannot be received.
Second, IPConfig / WinIPCFG and PING life have differentiated, using the IPConfig and WiniPCFG tools to view and modify the configuration of the TCP / IP protocol in the network, such as IP address, gateway, subnet mask, etc. These two tools can be used in Windows 95/98, which is basically the same, just IPConfig is displayed in DOS characters, and Winipcfg is displayed with graphical interfaces, that is, the two tools are a tool, but one is The version under DOS, the other is the version under Windwos, but pays attention to the IPConfig tool in the DOS mode in Windows NT. 1. Ipconfig command syntax format ipconfig [/ all] [/ batch file] [/ rent] [/ rent] [/ rent n] [/ release n] all --- Display all detail information related to TCP / IP protocol This includes the host name, IP address, subnet mask, node type, whether IP routing, physical address, default gateway, etc. are enabled. BATCH FILE One will store the results of the test into the specified "File" file name for item by item, if the File file name is omitted, the system saves the results of this test in the "Winipcfg.out" file of the system. Renew All - Updates the communication configuration of all adapters, and all tests restart. Release ALL One Releases the communication configuration of all adapters, Renew N is updated the communication configuration of the Nth adapter, all tests restart. Release N releases the communication configuration of the Nth adapter, 2. The function of the winiPcfg command WiniPCFG tool is basically the same as IPConfig, just WiniPCFG is displayed in a graphical interface. It is more convenient to operate, and it can be displayed in a 32-bit graphical interface of Windows. When the user needs to see the configuration of the TCP / IP protocol on any machine, simply select "Start a run" on Windows 95/98, enter the command "Winipcfg" in the dialog that appears, and the test results will appear. Click the Details button, you can view and change the relevant configuration paradigm of TCP / IP in the subsequent dialog box. When you install multiple network cards on a machine, you can find the physical address of each network card and The binding situation of the agreement is particularly useful to us some at some time. If you want to get more information, click the Details button in the figure, you can see the more comprehensive information in the dialog box. 3, IPCONFIG / WINIPCFG's app I told some of these two sisters TCP / IP test tools. I will talk about some of them. (1) Find the IP address of the target host and other information about the TCP / IP protocol, the method is as follows: Press the [Start] menu to execute the [Run] menu item, enter WiniPCFG, there will be an IP configuration window, here will display About some detailed settings of your current network IP. Alternatively, you can also enter ipconfig in MS-DOS mode, or the same can display detailed IP information, but this picture is under DOS.
(2) IPCONFIG / WINIPCFG should be a network reconnaissance tool, especially when setting DHCP (Dynamic IP Address Configuration Protocol) in the user's network, allowing users to easily understand the IPConfig used The actual configuration of the IP address of the / WiniPCFG machine. Because it has an "/ all" parameter, it can detect the IP address allocation of all the networks on this machine, which is more detailed than the ping command. If we run "ipconfig / all / batch winda.txt" on the computer room WINDA client, open Winda. The TXT file will display the content shown below, which shows all the configurations related to the TCP / IP protocol very detailed. Of course, there is also its shortcomings compared to ping that it can only be tested on this machine and cannot use network functions.
Third, NetSat is similar to several network detection software, and the netstat command is also a tool that can run the DOS prompt of Windows 95/98 / NT. Using this tool to display statistics and current TCP / IP network connections, NetStat commands. User or network managers can get very detailed statistics. When there is no special network management software installed in the network, it is a matter of detailing the use of the entire network, it is when NetStat shows the performance. It can be used to get information for your system network connection (port used by using and protocols used), received and issued data, ports of connected remote systems, and the like. 1, the syntax format of the netstat command NBTSTAT format: NetStat [1 A] [1 E] [1 N] [1 S] [One P protoc01] [1 R] [Interval] parameter explanation as follows: -A One is used to display The external connection on the local machine, which also shows the system we remotely connected, local and remote system connections, and the state of the local and remote system connections. This parameter is usually used to get the port of your local system, you can check your system on your system, if you run NetStat on your machine, such as port12345 (tcp) Netbus, Port 31337 (UDP) Information such as Back Orific, it is likely to infect Trojans on your machine. -N one-this parameter is basically the digital form of the -A parameter, which is used in the form of numbers to display the above information, which is usually used to check their IP, and some people use him because it is more likely to use numbers. . -E Display Static Net Statistics, this parameter can be used in conjunction with the -s option. -P protocol For a specific protocol configuration information, its format is: NetStat-P xxx, XXX can be UDP, IP, ICMP, or TCP, if we want to display TCP protocol configuration on the machine, we can use: NetStat -P TCP. -S- Display Machine Default Configuration Statistics of each protocol, default, including TCP, IP, UDP, ICMP, etc. protocols. One R One is used to display the route allocation table. Interval once again "interval" repeats the configuration of the selected protocol until it is interrupted by "CTRL Ten C". 2. NetStat Applications From the above parameters. We can see that the NetStat tool has at least the following application: (1), display local or connected remote machine connection status, including TCP, IP, UDP, ICMP The use of the protocol, understands the port of this area; (2), check if the network interface has been installed correctly, if you still have some network interface information after using NetStat, then this network interface does not connect properly. Need to re-find the reason. (3), by joining the "-r" parameter query with the router address allocation of the unit; (4), you can also check a hacker program such as common Trojans, because any hacker programs need to be achieved by opening a port. The purpose of the server for communication, but this first must make your machine into the Internet, otherwise these ports cannot be opened, and these hackers will not play the original purpose of invasion.
Fourth, NBTSTAT NBTSTAT command: Used to see the current NRTBIOS-based TCP / IP connection status, you can get the group name and machine name of the remote or local machine through this tool. Although users use IPConfig / WiniPCFG tools to accurately get the host's NIC address, for a large-scale LAN, it is too much to go to each machine. The network management personnel use the DOS command NBTSTAT on the machine on the Internet, you can get the NBTSTA address of the Internet. Our Liao is first to see its grammar format: NBT STA T [[1 Remotename] [1 A IP Address [1 C] [1 N] [1 R] [1 R] [One RR] [One S [ One S] [Interval]] Parameter Description: One A Remotename Annotation Use the name of the remote computer to list its name table, this parameter can view his current state via the NetBIOS name of the remote computer. -A IP address- Description Use the IP address of the remote computer to be named; -C A cache that lists the NetBIOS name of the remote computer and the IP address of each name is used to list the cache in your NetBIOS. IP you connect to the computer. A NetBIOS name listing the local machine This parameter is similar to the "NCTSTAT" in the tool software "NctStat" described above. This is to check the local, if IP behind NetStat -n is changed to your own, it is the same as the NBTSTAT effect. One R A list of the name resolution statistics listing the Windows network name resolution. On the Windows 2000 computer configured to use WINS, this option returns the number of names to resolve and register by broadcast or WINS. After clerling all the names in the NetBIOS Name Cache, reload the LMHOSTS file, this parameter is to clear the IP in the cache that NBTSTAT-C can see. -S An IP address of the remote computer is displayed in the client and server session table. -S A display client and server session and converts the remote computer IP address to the NetBIOS name. This parameter and s are almost, but this will give the other party's NetBIOS name to the resolution. A RR is released on the NetBIOS name registered on the WINS server and then refreshes their registration. Interval One Re-displays the selected statistics every interval second until the "CTRL Ten C" button stops the statistics. If this parameter is omitted, NBTSTAT will print a current configuration information. Like NetStat, this parameter is used, the "interval" parameter in NBTSTAT is used with one S and -S. Ok, about NBTSTAT's application, I don't talk about it. I believe that some of its parameters are also understood, just pay special attention to some parameters in this tool are large, lower-written, and use Special pay more attention! In addition, there are many tools in the system. If the ARP command is used to display and modify the address conversion table for the Internet to Ethernet; the function of the nslookup command is to query the IP address of a machine and its corresponding Domain name, it usually requires a domain server to provide domain name services. If the user has set a domain name server, you can use this command to see the domain name corresponding to the IP address of the different hosts ... There is not much to talk about it, The point of explanation is that the corresponding command parameter settings in different systems may have different, but the general function is consistent, I hope that everyone will pay a little attention when applying. These tool software parameters listed in this article are all for Win9XWINME, and there are some differences in NT and UNIX and Linux systems. (山)) (Home-> IT Club -> 4 network test tools built into system)
