some simple & advanced net commands you can try for fun;-

note: open a DOS prompt and type there. Most of these are common DOS tricks, but ever since people got GUI, they think they don't have to know DOS anymore WRONG! DOS tends to be much more effective and easier on your CPU too!

ARP (Address Resolution Protocol)

Displays and modifies the IP-to-Ethernet or token ring physical address translation tables used by address resolution protocol (ARP) This command is available only if the TCP/IP protocol has been installed

arp -a [inet_addr] [-N [if_addr]]
arp -d in_addr [if_addr]
arp -s in_addr ether_addr [if_addr] -a Displays current ARP entries by querying TCP/IP If inet_addr is specified, only the IP and physical addresses for the specified computer are displayed
-g Identical to -a inet_addr Specifies an IP address in dotted decimal notation
-N Displays the ARP entries for the network interface specified by if_addr if_addr Specifies, if present, the IP address of the inteface whose address translation table should be modified If not present, the first applicable interface will be used
-d Deletes the entry specified by inet_addr
-s Adds an entry in the ARP cache to associate the IP address inet_addr with the physical address ether_addr The physical address is given as 6 hexadecimal bytes separated by hyphens The IP address is specified using dotted decimal notation The entry is permanent, that is, it will not be automatically removed from the cache after the timeout expires
Specifies a physical address
  • displays a list of switches
    2displays current mapping in the arp cache of the local host
    3displays current mapping in the arp cache of the interface specified by the IP address
    4adds a permanet entry to the arp cache that maps the IP address it the physical ethernet address

  • ipconfig

  • Displays IP address, subnet mask, and default getway for all interfaces onthe host on which it is executed
    2 displays host configurations such as Namr Resolution Services enbled on the host:
    3 If used by a DHCP client, renews the IP address lease
    4 REleases a leased IP address

  • nbtstat

    dispays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP -a remotename,







    Displays current connections of registered users and processes of NetBIOS over TCP/IP as well as prtocol statistics

  • netstat

    (one VERY useful command
    will list all the current open connections to ALL of the remote servers you are attached to
    netstat ? to look at the available switches Tip: refresh it with F3 because each connection usually only stays open for a set interval so F3 after going from one site to the next you can also create a statlog in your win or C:\ root directory and direct the info into it Like this: netstat >> statlog
    All your information will be logged in that file so you can look at it at a later date -a





    -a Displays ALL connections and listening ports (server side connectiosn are NOT normaly shown
    (-e Displays Ethernet statistics
    -n Displays addresses and port numbers in numerical form
    -p proto Shows connections for the protocol specified by the proto; proto is tcp or udp If used with the -s to display per protocol statistics, then roto is tcp, udp or ip
    -r Displays the content of the routing table
    -s Displays per protocol statistics for TCP, UPD and IP; the -p option may be used to specify a subset of the default
    interval (like 5,
  • 0, ets Redisplays the selected statistics, pausing interval seconds between each display Press Ctrl+C to stop
    so an example is netstat -n
  • 0

  • net /?

    NET VIEW \\ name of computer
    NET VIEW which will list all the commands you can use One of them is will list all the servers and computers on the network to get more info about each ones try net view no switches Displays a list of Master Browsers and Back up Browsers in the domain

  • nslookup

    host name server
  • Displays info mainteined by DNS servers
    4 THis switch is used if you want to use interactive mode to look up DNS names or IP addresses fr more than one host


    aThis option is very useful for alot of things, some too advanced than me  It is very useful in detecting if someone has connected to your computer with Back-Orifice or Netbus  It will list your open ports, connected ports, and a bunch of other things Using the following command will show you possible connections from someone else accessing your HD  netstat -a -n  Below are a list of other options of Netstat

    netstat (shows some of your connections and listening ports
    netstat -a (displays ALL connections & listening ports
    netstat -e (display eithernet statistics, can be combined with -s
    netstat -n (display addresses and port numbers in numerical form
    netstat -p (shows connections for protocol specified by TCP,UDP, or IP
    netstat -r (display the routing table
    netstat -s (display per protocol stats default is TCP,UDP and IP
    interval   (redisplays selected stats by pausing every few seconds

  • PING

    Ping can be used several different ways to achieve a number of things  Lets say for example you know someone may be online hiding from you and you already know their IP address Well when you ping them, you will know if they are online or not  I am not going into all the types of ping options, however I will list them  You can play with them yourself  Open a DOS window and type "ping" and hit enter, and the following options will be presented

    ping -a (resolves host name from IP or vice versa
    ping -t (pings target IP until you stop it
    ping -n (to specify number of times you send echo request
    ping -l (to specify the size of the buffer packet
    ping -f (to specify not to fragment the buffer packet
    ping -i (TTL, "time to live"
    ping -v (TOS, "type of service"
    ping -r (record route for count hops
    ping -s (timestamp for count hops
    ping -j (loose source route to specified host-list
    ping -k (strict source route to specified host-list
    ping -w (timeout in milliseconds to wait for each reply from echo sent

    ping destination
  • verifies an IP connection between the client PC on which ping is executed(your PC and the destination destination can be ether an IP address or a server name
    2 causes ICMP to send echo request packets(4 by default
    3 destination sends an Echo rely packets(4 by default containing its IP address and the exact message in the echo request packet

  • route

    print destination
  • Displays the routing table of the host on which it is executed
    2 Displays the routing table on the host specified by 3


    aThis program should be your default telnet program  There are not really any options with this particular DOS program  However, you can play around with this using Wingates for doorways to help hide your IP Now I won't pretend to tell you I have this one all figured out, as I work at it everyday  It is great practise to telnet to a server just to see how it works and how some systems react This is the very basic Telnet program, and if you like, there are other programs for telnet based in windows


    aThis option is excellent in my opinion  You can type the command "tracert<hostnamecom> or tracert <IP> and see the route it takes across the internet to reach the specified host  I like using the IP option to look at unknown IP addresses, it will usually trace it across the net, while resolving to the host name  Excellent for looking at proxy IP's and finding out their resolved host names Tracert has fewer options than ping  It can be used alone as above, or can be used with the following options added

    tracert -d (do not resolve IP to host name
    tracert -h (maximum number of hops to search for host
    tracert -j (loose source route along host-list
    tracert -w (wait timeout in milliseconds for each reply

  • Tracert

    destination(IP address or a DSN or a host name
  • determines the route to the
    2 causes an ICMP to send Echo request packets in hich the TTL(Time To Live value is incremented by one in each packet
    3 Each router along the path decriments TTL The router at which the TTL reaches zero in each Echo Request packets returns its IP address in an Echo Reply packet NOTE* DO NOT be afraid to experiment and to try out diff commands After all you are trying to learn, right?