Windows附带了几个有用的网络实用程序。这些程序可以为您提供有关网络连接的重要信息并帮助诊断问题。每个Windows用户都应该知道四个TCP/IP
- 网络统计
- 示踪剂
- IP配置
- NSlookup
让我们看看这些实用程序的作用以及它们的常用用途。
TCP/IP 复习
所有四个实用程序都是TCP/IP网络程序。这意味着什么?
TCP/IP 是传输控制协议 Internet 协议的缩写。(Transmission Control Protocol Internet Protocol.)协议是一组确定流程如何工作的规则和规范。
例如,在工作中,首先与老板的私人助理预约可能是一种协议,而不是在一天中的随机时间闯入他们的办公室。同样,TCP/IP互联网(internet)上相互连接的各种设备如何以有序的方式进行通信。
学会爱上命令行
虽然如今 99% 的计算机界面都是图形界面,但始终需要基于文本的命令行工具。大多数情况下,这些TCP/IP实用程序通过命令行工作。这意味着您需要输入实用程序的名称以及您希望它执行的操作。
在Windows中,这一直是通过Command Prompt实现的,但正在逐步淘汰。目前首选的命令行界面是Windows PowerShell。
要访问 Powershell:
- 右键单击开始按钮(Start Button)
- 选择Windows PowerShell(管理员)(Windows PowerShell (Admin))
现在,您可以在PowerShell(PowerShell)的命令行中输入您的命令,尽情享受。如果你想走PowerShell大师的道路,它从一个步骤开始。也就是说,为家庭用户使用 PowerShell——(Using PowerShell for Home Users – A Beginner’s Guide)我们自己的 Guy McDowell 的初学者指南。
现在让我们开始更好地了解它们。
什么是网络统计?
Netstat 或Network Statistics是一个功能强大的信息实用程序,可让您深入了解网络连接在任何特定时刻的运行情况。它为您提供关键网络活动的基本统计数据。这包括打开和使用的端口(ports)以及打开和运行的连接。
Netstat不仅仅是一个Windows应用程序,它也可以在Linux、Unix和Mac上运行。它起源于Unix,并已成为网络管理员工具箱中的基本武器。
Microsoft TCPView形式的图形替代方案,但知道如何使用 netstat 总是有用的。该程序有许多用例,但如今的一个常见目的是检测恶意软件。诸如木马之类的恶意软件通常会打开一个端口并等待其创建者联系以获取进一步的指示。使用 netstat,您可以快速查看您的计算机与网络之间是否存在可疑连接。
重要的 Netstat 命令
Netstat是最容易使用的TCP/IP实用程序之一。您所要做的就是输入“netstat”(不带引号),您将获得活动连接的标准列表。应该(Which)是这样的:
这对于您的网络连接的正常概览来说很好,但您可以使用修饰符来修改输出。例如,“netstat -a”显示所有活动端口,“netstat -b”将显示负责每个监听端口的可执行文件。以下是更多关键命令:
- Netstat -e -显示已发送数据包的详细信息
- netstat -n -列出当前连接的主机
- Netstat -p -允许指定您要检查的协议类型
- netstat -r –提供路由表列表
- Netstat -s -提供有关IPv4、IPv6、ICMP、TCP等的统计信息
什么是 Tracert?
Tracert 是traceroute的缩写。它是一个网络实用程序,可向您显示从计算机网络接口到目标设备的每一站的信息。
当您使用 Tracert 时,应用程序会发送特殊的Internet 控制消息协议(Internet Control Message Protocol )( ICMP ) 数据包,这些数据包会强制每一跳的设备发回信息。具体来说,它要求他们转发数据包到达的确切时间,然后使用该信息计算每一跳之间的旅行时间。
Tracert 有三个主要用途:
- 查看数据包丢失的位置。
- 确定数据包延迟的位置。
- 查看沿数据包路由的每一跳的 IP 地址。
接下来,让我们看看Tracert命令的实际作用。
重要的 Tracert 命令
Tracert命令的最基本形式需要实用程序的名称以及网络目标。目的地可以表示为 IP 地址或网站URL。例如:Tracert www.google.com。
该命令的输出如下所示:
Tracert也有少量选项,列表如下:
- Tracert -d:告诉Tracert不要将地址解析为主机名
- Tracert -h : Maximum_hops – 让您更改默认的跳数,例如 -h 30
- Tracert -j host-list :指定沿主机列表的 LSR(松散源路由)(loose source route)
- -w timeout:让您设置Tracert在每个跃点等待多长时间,然后再将其视为超时。例如Tracert -w 1000
这是一个简单的工具,但如果您正在玩网络侦探,它会非常有用!
什么是 IP 配置?
IPconfig是最有用的网络TCP/IP实用程序之一,它向您显示计算机中网络设备的当前配置。它还可用于手动强制执行与您的网络连接相关的某些操作。
(IPconfig)如果您的计算机具有动态分配的 IP 地址,则IPconfig特别有用。因为它可以让您快速查看系统当前拥有的 IP 地址。
重要的 IPconfig 命令
IPconfig通常与参数一起使用,该参数要么显示网络信息,要么执行与网络相关的任务。以下是一些需要了解的最重要的命令:
- IPconfig /all:显示所有物理和虚拟网络适配器连接信息。
- IPconfig /flushdns:重置DNS解析器缓存。适合解决与DNS相关的问题。
- /IPconfig /renew:强制分配新的 IP 地址。(new IP address)
IPconfig是一般互联网连接故障排除的首选实用程序,因此值得记住它的关键命令。
什么是 NSLookup?
NSlookup 是名称服务器查找(nameserver lookup)的缩写。“名称服务器”是DNS(域名系统)中的一种关键服务器类型。它实际上是一个DNS服务器,这意味着它是一个网络设备,它将您在浏览器中键入的URL与托管内容的服务器的 IP 地址连接起来。(URL)
通常这个过程对你作为用户是隐藏的,但是NSlookup允许你做两件事:
- 查找(Find)特定网站地址后面的 IP 地址。
- 查找连接到特定 IP 地址的URL 。
因此,如果您只有一个网址或一个 IP 地址,您可以使用NSlookup来查找拼图的另一部分。您可以将其与来自其他工具(例如Tracert或Netstat )的信息相结合,以确定哪些 Web 服务器连接到它们报告的 IP 地址。
重要的 NSLookup 命令
您应该知道三个主要的NSLookup命令。(NSLookup)第一个只是“nslookup”。这将向您显示当前的名称服务器及其 IP 地址。
请注意,NSlookup仍在运行,您在它的命令行,而不是PowerShell。如果要返回PowerShell,请键入exit并按enter。
但是,让我们稍等片刻,让我们的域名服务器给我们Google.com的地址。只需(Just)输入google.com并按enter。
如您所见,这为我们提供了 IP 地址 172.217.170.46。将其输入您的网络浏览器,您将直接进入Google搜索引擎。您还可以进行反向搜索并输入 IP 地址,然后该地址应返回与其关联的服务器的URL 。
现在您已经熟悉了四种基本的TCP/IP 实用程序(utilities),它们将帮助您了解网络中正在发生的事情,并揭开 Internet 的神秘面纱。玩得开心!
The Best Windows Command Line Network Commands
Windows comes рacked with several usеful network utilities. These programs can get you critіcal information aboυt уour network сonnection and help diagnose problems. There are four TCP/ІP network utilities that every Windowѕ user should know аbout:
- Netstat
- Tracert
- IPconfig
- NSlookup
Let’s see what these utilities do and how they’re commonly used.
A Refresher on TCP/IP
All four utilities are TCP/IP network programs. What does that mean?
TCP/IP is short for Transmission Control Protocol Internet Protocol. A protocol is a set of rules and specifications that determine how a process works.
For example, at work it might be protocol to first make an appointment with your boss’ personal assistant instead of barging into their office at random times of day. Similarly, TCP/IP describes how the various devices connected to each other on the internet can communicate in an orderly fashion.
Learning to Love the Command Line
While 99% of computer interfaces these days are graphical, there will always be a need for text-based command line tools. For the most part, these TCP/IP utilities work through the command line. That means you need to type in the name of the utility and the action you want it to take.
In Windows this has always been achieved through the Command Prompt, but that’s being phased out. The preferred command line interface today is Windows PowerShell.
To access the Powershell:
- Right-click on the Start Button
- Select Windows PowerShell (Admin)
Now you can type your commands into the command line in PowerShell to your heart’s content. If you want to walk the path of the PowerShell master, it begins with a single step. That is, Using PowerShell for Home Users – A Beginner’s Guide by our very own Guy McDowell.
Now let’s begin to know them better.
What is Netstat?
Netstat or Network Statistics is a powerful information utility that gives you important insights into what your network connection is doing at any given moment. It gives you basic statistics on key network activity. This includes which ports are open and in use and what connections are open and running.
Netstat isn’t just a Windows application, it’s on Linux, Unix and Mac as well. It started life on Unix and has become a fundamental weapon in the network administrator’s toolbox.
There is a graphical alternative in the form of Microsoft TCPView, but knowing how to use netstat will always be useful. There are many use cases for the program, but one common purpose these days is the detection of malware. Malicious software such as trojans often open a port and wait to be contacted by their creators for further instructions. With netstat you can quickly see if there’s a suspicious connection from your computer to the network.
Important Netstat Commands
Netstat is one of the easiest TCP/IP utilities to use. All you have to do is type “netstat” (without the quotes) and you’ll get the standard list of active connections. Which should look something like this:
This is fine for a normal overview of your network connections, but you can modify the output by using modifiers. For example, “netstat -a” displays all active ports and “netstat -b” will show you the executable file responsible for each listening port. Here are more key commands:
- Netstat -e – displays details of packets that have been sent
- Netstat -n – lists currently connected hosts
- Netstat -p – allow to specify what type of protocol you want to check
- Netstat -r – provides a list of routing tables
- Netstat -s – gives statistics on IPv4, IPv6, ICMP, TCP, etc
What is Tracert?
Tracert is short for traceroute. It’s a network utility that shows you information about every stop along the way from your computer’s network interface to the destination device.
When you use Tracert, the application sends special Internet Control Message Protocol (ICMP) packets which compel the devices at each hop to send back information. Specifically, it asks them to relay the exact time the packet arrived and then uses that information to calculate the travel time between each hop.
There are three main uses for Tracert:
- To see where a packet gets lost.
- To determine where packets are delayed.
- To see the IP addresses of each hop along the packet’s route.
Next, let’s see the Tracert command in action.
Important Tracert Commands
The most basic form of the Tracert command requires the name of the utility as well as the network destination. The destination can be expressed as either an IP address or a website URL. For example: Tracert www.google.com.
The output of the command looks like this:
Tracert also has a small number of options, here’s the list:
- Tracert -d: Tells Tracert not to resolve addresses to host names
- Tracert -h: Maximum_hops – lets you change the default number of hops, e.g. -h 30
- Tracert -j host-list: Specifies the LSR (loose source route) along the host list
- -w timeout: Lets you set how long Tracert waits at each hop before considering it a timeout. E.g. Tracert -w 1000
It’s a simple tool, but can be incredibly useful if you’re playing network detective!
What is IPconfig?
One of the most useful network TCP/IP utilities, IPconfig shows you the current configuration of network devices in your computer. It can also be used to manually force certain actions relating to your network connections.
IPconfig is particularly useful if your computer has an IP address assigned to it dynamically. Since it lets you quickly see what IP address your system currently has.
Important IPconfig Commands
IPconfig is generally used with a parameter, which either displays network information or performs a network-related task. Here are some of the most important commands to know:
- IPconfig /all: Shows you all physical and virtual network adapter connection information.
- IPconfig /flushdns: Resets the DNS resolver cache. Good for solving DNS-related problems.
- /IPconfig /renew: Forces a new IP address to be assigned.
IPconfig is the go-to utility for general internet connection troubleshooting, so it’s worth memorizing its key commands.
What is NSLookup?
NSlookup is short for nameserver lookup. A “nameserver” is a key type of server in the DNS (domain name system). It is in effect a DNS server and that means it’s a network device that connects the URL you type into your browser with the IP address of the server that hosts the content.
Usually this process is hidden from you as the user, but NSlookup lets you do two things:
- Find which IP address is behind a particular website address.
- To find the URL connected to a specific IP address.
So if you only have either a web address or an IP address, you can use NSlookup to find the other part of the puzzle. You can combine this with the information from other tools, such as Tracert or Netstat to determine which web servers are attached to the IP addresses they report.
Important NSLookup Commands
There are three main NSLookup commands you should know. The first is just “nslookup”. This shows you the current name server and its IP address.
Note that NSlookup is still running and you are at its command line, not PowerShell. If you want to go back to PowerShell, type exit and press enter.
However, let’s stick around for a second and ask our nameserver to give us the address for Google.com. Just type google.com and press enter.
As you can see, this gives us the IP address 172.217.170.46. Type that into your web browser and you’ll be taken straight to the Google search engine. You can also do a reverse search and enter an IP address, which should then return the URL of the server associated with it.
Now you’re familiar with four of the fundamental TCP/IP utilities that will help you understand what’s going on in your network and pull back the curtain on the mystery that is the internet. Have fun!