Basic Network Commands WGU C172
TELNET/SSH
allow a user to manage accounts and devices remotely. The main difference between the two is that *** is encrypted, and thus all data is secure from eavesdropping, while *** is unencrypted.
Traceroute/tracert
are used to trace the route an IP packet takes to a destination. It displays each hop (next router) in a numerical list with the hop's IP address and the time it takes to receive the packet.
ROUTE
can be used to display the current tables on a host. It can also be used to add or remove routes. This is used by the local host to determine where to send traffic.
SCP (SECURE COPY CONTROL)
command is used to securely copy files between servers, leveraging SSH (secure shell) for authentication and encryption.
FTP (FILE TRANSFER PROTOCOL)
copies the file from one host to another host. The data is unencrypted. If encryption is needed, this uses SSL/TLS (Secure Sockets Layer, replaced by Transport Layer Security; the same encryption used in https). Transfer uses TCP
TCPDUMP
displays TCP/IP packets and other network packets that are being transmitted over the network system. It is a form of protocol analyzer (sometimes called a sniffer) and is designed to show the contents of network packets in human-readable form for troubleshooting, security analysis, etc.
FINGER
displays information about a user or users on a remote system, including things such as last log-in time and username. It is primarily used in Linux.
NETSTAT (NETWORK STATISTICS)
displays information about active ports and their state and can be useful in troubleshooting and capacity management
NSLOOKUP
displays information for displaying DNS information and troubleshooting DNS problems. It is useful in displaying names to IP address mappings.
ARP (ADDRESS RESOLUTION PROTOCOL)
displays the IP to physical (MAC) address mappings for hosts that have been discovered in the cache. Can be used to add, remove, or modify entries.
DIG (DOMAIN INFO GROPER)
is a command used to query the DNS name servers. It is helpful in troubleshooting DNS problems. It is also used for lookups and will display answers from the query.
WHOIS
is a tool most often used to look up who owns a domain or block of IP addresses on the internet, including name, email address, and physical address.
PING
is one of the most basic tools for testing connectivity to other hosts. It sends an internet control message protocol (ICMP) echo request to a host and listens for the reply
TRACEPATH
is similar to traceroute or tracert in that it displays the path taken by a packet from its source to its destination. It is useful because it can be used by any user instead of needing superuser privileges. It is primarily used in Linux.
IFCONFIG
is used to configure the kernel network interfaces. It is implemented at the time of booting to configure the necessary interfaces. Once the interfaces are configured, it is used for debugging or tuning the system. It is primarily used in Linux.
IPCONFIG (Internet Protocol Configuration)
provides the user with the IP, subnet mask, and default gateway for each network adapter by default with the /all option information, such as MAC address, DHCP status, and lease information. The command ***/release can be used to release all connections and renew all adapters. It is primarily used in Windows.
NMAP (NETWORK MAPPER)
scans networks to see what it can find in terms of hosts and open ports (including well-known ones for many applications). It is commonly used to determine what is deployed on a network for vulnerability analysis, security scans, and related activities.
TFTP
transfers a file from either a client to a server or from a server to a client using UDP (user datagram protocol