As part of the 2-day November TCP-IP course presented by Rob Bradshaw of Daresbury Laboratory, I have been given the job of finding equivalent PC and UNIX commands for examining the network (results follow).
Be wary that unrestrained use of the following tools might be considered as probing/hacking/"Denial of Service" attempts on remote networks.
Description | PC-DOS/Windows | UNIX |
Overall Summary |
Many user-friendly Windows utilities are available that can do powerful network analysis via GUI interfaces and can be up and running in a few minutes. To find these tools, check out the relevant shareware/freeware archives under Networking/Internet tools. |
Getting the corresponding UNIX tools going can take a few hours to a few days. |
Netstat: test for connected ports and status |
In DOS window, type: netstat
GUI: Net_Stat for Windows 95 - http://www.jjsoftware.com/
GUI: NetScanTools for Windows 95 - http://www.nwpsw.com/nstmain.html
Port Flash - http://www.webroot.com/pflash.htm |
/usr/etc/netstat -n | grep ESTABLISHED (look for Denial of Service type attacks)
/usr/etc/netstat -n -p tcp
Look at the help file for a full list of tcpdump functionality. |
Traceroute: find route to a computer |
In DOS window, type: tracert www.ccp14.ac.uk
GUI: NetScanTools for Windows 95 - http://www.nwpsw.com/nstmain.html
GUI: Visualroute for Windows 95 (displays results on a world map) - http://www.visualroute.com/ |
/usr/etc/traceroute www.ccp14.ac.uk |
Ping: test if computer is alive |
In DOS window, type: ping www.ccp14.ac.uk
GUI: NetScanTools for Windows 95 - http://www.nwpsw.com/nstmain.html |
/usr/etc/ping www.ccp14.ac.uk |
nslookup: resolve IP address to name and vice versa |
Does not exist as a command, but is available as part of freeware/shareware Windows utilities.
GUI: NetScanTools for Windows 95 - http://www.nwpsw.com/nstmain.html |
/usr/sbin/nslookup 193.62.124.194 |
tcpdump: look at individual packets |
From comp.security.misc newsgroup - "NT has a built-in sniffer called Network Monitor"(?) |
Available for compiling from ftp://ftp.ee.lbl.gov/
When combined with AWK scripts and programs like xgraph, tcpshow (can look at everything, including data, in a nice format) and tdumpweb.pl (correlates tcpdump IP addresses with web server filenames), it can do some nifty stuff for interrogating what is happening on your network.
/usr/local/sbin/tcpdump -s 1500 -lenx | /usr/local/bin/tcpshow -cooked > doobry.txt |
Speed of Network | Anyspeed - http://www.pysoft.com/anyspeed_fr.html | ??? |
IP Subnet Calculator | IP Subnet Calculator - http://www.net3group.com/download.html-ssi | ??? |
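
The netstat row's "netstat -n | grep ESTABLISHED" check, taken one step further: counting established TCP connections per remote host makes a single address holding an unusual number of them stand out. This is an added example, not part of the original page; the function names, the default threshold and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): summarise `netstat -n` output
# by remote host, to make the "grep ESTABLISHED" check easier to read.

# Constructed sample output; addresses are RFC 5737 documentation ranges.
# The last TCP line uses the BSD/SunOS "address.port" form.
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:51000      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51001      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51002      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:40111       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.9:40222       TIME_WAIT
tcp        0      0 192.0.2.10.22           203.0.113.5.40112       ESTABLISHED
udp        0      0 192.0.2.10:123          0.0.0.0:*
EOF
}

# est_per_host: read netstat -n output on stdin and print "count host"
# for every remote host with ESTABLISHED TCP connections, busiest first.
est_per_host() {
    awk 'tolower($1) ~ /^tcp/ && $NF == "ESTABLISHED" {
             peer = $(NF - 1)               # foreign address column
             sub(/[.:][0-9]+$/, "", peer)   # drop the ":port" or ".port" suffix
             count[peer]++
         }
         END { for (h in count) print count[h], h }' | sort -k1,1nr -k2,2
}

# flag_hosts THRESHOLD: print only hosts holding at least THRESHOLD
# established connections (hypothetical default of 10).
flag_hosts() {
    est_per_host | awk -v t="${1:-10}" '$1 >= t { print $2 }'
}

# Demo on the constructed sample; on a live host use: netstat -n | est_per_host
sample_netstat | est_per_host
```

A sensible threshold depends on the site: a proxy or NAT gateway can legitimately hold many connections from one address, so compare against what is normal for the host being examined.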