Basic Network Utilities
Now that you know what IP addresses and URLs are, you need to be familiar with some basic network utilities. You can execute some network utilities from a command prompt (Windows) or from a shell (Unix/Linux). Many readers are already familiar with Windows, so the text will focus on executing and discussing the commands from the Windows command-prompt perspective. However, it must be stressed that these utilities are available in all operating systems, sometimes under a slightly different name. This section covers the essential or common utilities.
ipconfig
The first thing you want to do is get information about your own system. To accomplish this fact-finding mission, you must get a command prompt. In Windows, you do this by going to the Start menu, selecting All Programs, and then choosing Accessories. You can also go to Start, Run, and type cmd to get a command prompt. In Windows 10 you go to Search and type cmd. Now you can type in ipconfig. (You could input the same command in Unix or Linux by typing in ifconfig from the shell.) After typing in ipconfig (ifconfig in Linux), you should see something much like Figure 1-1.
FIGURE 1-1 ipconfig
This command gives you some information about your connection to a network (or to the Internet). Most importantly, you find out your own IP address. The command also shows the IP address of your default gateway, which is your connection to the outside world. Running the ipconfig command is a first step in determining your system’s network configuration. Most commands this text mentions, including ipconfig, have a number of parameters, or flags, that can be passed to the commands to make the computer behave in a certain way. You can find out what these parameters are by typing in the command, followed by a space, and then typing in hyphen question mark: -?.
As you can see, you might use a number of options to find out different details about your computer’s configuration. The most commonly used option would probably be ipconfig/all, shown in Figure 1-2.
FIGURE 1-2 ipconfig/all
You can see that this option gives you much more information. For example, ipconfig/all gives the name of your computer, when your computer obtained its IP address, and more.
ping
Another commonly used command is ping. ping is used to send a test packet, or echo packet, to a machine to find out whether the machine is reachable and how long the packet takes to reach the machine. This useful diagnostic tool can be employed in elementary hacking techniques. Figure 1-3 shows the command.
FIGURE 1-3 ping
This figure tells you that a 32-byte echo packet was sent to the destination and returned. The ttl means “time to live.” Despite the name, that value is not a time; it is how many intermediary steps, or hops, the packet should take to the destination before giving up. Remember that the Internet is a vast conglomerate of interconnected networks. Your packet probably won’t go straight to its destination. It will have to take several hops to get there. As with ipconfig, you can type in ping -? to find out various ways you can refine your ping.
tracert
The next command we will examine in this chapter is tracert. This command is a sort of “ping deluxe.” tracert not only tells you whether the packet got there and how long it took, but it also tells you all the intermediate hops it took to get there. (This same command can be executed in Linux or Unix, but there it is called traceroute rather than tracert.) You can see this utility in Figure 1-4.
FIGURE 1-4 tracert
With tracert, you can see the IP address of each intermediate step listed, and how long (in milliseconds) it took to get to that step. Knowing the steps required to reach a destination can be very important. If you use Linux, it is traceroute rather than tracert.
netstat
netstat is another interesting command. It is an abbreviation for Network Status. Essentially, this command tells you what connections your computer currently has. Don’t panic if you see several connections; that does not mean a hacker is in your computer. You will see many private IP addresses. This means your network has internal communication going on. You can see this in Figure 1-5.
Certainly, other utilities can be of use to you when working with network communications. However, the four we just examined are the core utilities. These four (ipconfig, ping, tracert, and netstat) are absolutely essential to any network administrator, and you can commit them to memory.
FIGURE 1-5 netstat
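The netstat point above, as an added example that is not part of the original text: it parses the output of netstat -n and labels each remote address as loopback, private (RFC 1918), link-local, or external, so the internal traffic the text says not to panic about is separated from connections that leave the network. The sample output is constructed, and the names classify and parse_netstat are assumptions of this example.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of Windows `netstat -n` output. 203.0.113.10 and
# 198.51.100.7 are documentation addresses standing in for Internet hosts.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED
  TCP    192.168.1.20:49712     192.168.1.5:445        ESTABLISHED
  TCP    192.168.1.20:49730     203.0.113.10:443       ESTABLISHED
  TCP    192.168.1.20:49731     198.51.100.7:80        TIME_WAIT
  TCP    [fe80::1c2d:3e4f%12]:49740  [fe80::aa:bb%12]:445  ESTABLISHED
  UDP    0.0.0.0:5353           *:*
"""

def classify(addr):
    """Label an IP address string by where the remote end lives."""
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified:
        return "unspecified"   # 0.0.0.0 or ::, shown for listening sockets
    if ip.is_loopback:
        return "loopback"
    if ip.version == 4 and any(ip in net for net in RFC1918):
        return "private"
    if ip.is_link_local:
        return "link-local"
    return "external"

def parse_netstat(text):
    """Return (proto, remote_ip, remote_port, state, category) per connection."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue                      # banner, header or blank line
        host, _, port = fields[2].rpartition(":")
        if host in ("", "*"):
            continue                      # UDP socket with no remote peer
        host = host.strip("[]").split("%")[0]   # IPv6 brackets and zone id
        state = fields[3] if len(fields) > 3 else ""
        rows.append((fields[0], host, int(port), state, classify(host)))
    return rows

if __name__ == "__main__":
    for row in parse_netstat(SAMPLE):
        print(row)
```

Rows labelled external are the ones to match against the programs you expect to be talking to the Internet; the rest is local or internal traffic.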
