Tools like ping, traceroute, lookup, whois, finger, netstat, ipconfig, and port scanners are available on nearly every operating system you can get your hands on. They’re used for everything from troubleshooting a connection to looking up information.
Whether you’re using Windows, Linux, or Mac OS X, these tools are always close at hand. You’ll also find web-based versions of many of these utilities. Some are even available in Chrome OS’s hidden Crosh shell.
ipconfig / ifconfig
The ipconfig command is used on Windows, while the ifconfig command is used on Linux, Mac OS X, and other Unix-like operating systems. These commands allow you to configure your network interfaces and view information about them.
For example, you can use the ipconfig /all command on Windows to view all your configured network interfaces, their IP addresses, DNS servers, and other information. Or, you can use the ipconfig /flushdns command to flush your DNS cache, forcing Windows to get new addresses from its DNS servers every time you contact a new hostname. Other commands can force your computer to release its IP address and get a new one from its DHCP server. This utility can quickly display your computer’s IP address or help you troubleshoot problems.
The ping command sends ICMP echo request packets to a destination. For example, you could run ping google.comor ping 220.127.116.11 to ping a domain name or IP address.
These packets ask the remote destination to reply. If the remote destination is configured to reply, it will respond with packets of its own. You’ll be able to see how long the round-trip time is between your computer and the destination. You’ll see a “request timed out” message if packet loss is occurring, and you’ll see an error message if your computer can’t communicate with the remote host at all.
The traceroute, tracert, or tracepath command is similar to ping, but provides information about the path a packet takes. traceroute sends packets to a destination, asking each Internet router along the way to reply when it passes on the packet. This will show you the path packets take when you send them between your location and a destination.
This tool can help troubleshoot connection problems. For example, if you can’t communicate with a server, running traceroute may show you where the problem is occurring between your computer and the remote host.
The nslookup command will look up the IP addresses associated with a domain name. For example, you can run nslookup howtogeek.com to see the IP address of How-To Geek’s server.
Your computer is constantly querying its DNS servers to translate domain names to IP addresses. This command just allows you to do it manually.
nslookup also allows you to perform a reverse lookup to find the domain name associated with an IP address. For example, nslookup 18.104.22.168 will show you that this IP address is associated with howtogeek.com.
The whois command looks up the registration record associated with a domain name. This can show you more information about who registered and owns a domain name, including their contact information.
This command isn’t included with Windows itself, but Microsoft’s Windows Sysinternals provides a Whois tool you can download. This information is also available from many websites that can perform whois lookups for you.
netstat stands for network statistics. This command displays incoming and outgoing network connections as well as other network information. It’s available on Windows, Mac, and Linux — each version has its own command-line options you can tweak to see different types of information.
The netstat utility can show you the open connections on your computer, which programs are making which connections, how much data is being transmitted, and other information.
Port Scan / nmap
The nmap utility is a common tool used for port scans, but there are many utilities that can run this sort of scan. A port scan is the process of attempting to connect to every port on a computer — ports 1 through 65535 — and seeing if they’re open. An attacker might port-scan a system to find vulnerable services. Or, you might port scan your own computer to ensure that there are no vulnerable services listening to the network.
The finger command is old and is no longer widely used. In theory, this command allows you to view information about users logged onto a remote computer. If the computer is running a finger service or daemon, you can use the finger command on your computer to see who’s logged in on that remote computer, their email address, and their full name. In practice, almost no computers are running a finger service you can connect to.
This utility was a cute idea in the early days of networking where you might want to see who was logged into the other few computers on your university network, but it’s not suitable for a dangerous internet. You don’t want people to see your full name and email address when you’re using a computer.
Still, the finger command lives on as a common network utility and is even still included in modern versions of Windows. Windows doesn’t include a finger service that can share this information with others, though.
These aren’t the only network-related commands, but they are some of the most common.