Windows TCP/IP Utilities

HACKING BASICS, WINDOWS HACKS

Windows TCP/IP UtilitiesThe following are the IP utilities available in Windows that help in finding out the information about IP Hosts and domains. These are the basic IP commands that every beginner in the field of hacking must know!

Please note that the the term Host used in this article may also be assumed as a Website for simple understanding purpose.

1. PING

PING is a simple application (command) used to determine whether a host is online and available. PING command sends one or more ICMP “Echo message” to a specified host requesting a reply. The receiver (Target Host) responds to this ICMP “Echo message” and returns it back to the sender. This confirms that the host is online and available. Otherwise the host is said to be unavailable.

Syntax:

C:\>ping gohacking.com

2. TELNET

Telnet command is used to connect to a desired host on a specified port number. Just like a house having several doors, a host or a server has different ports running different services. For example port 80 runs HTTP, port 23 runs TELNET while port 25 SMTP. Like this there are several ports on a server through which it is possible for a remote client to establish a connection.

For a connection to be established, the port has to be open. For example, in the following command, we are trying to establish a connection with the Yahoo server on port 25.:

Syntax:

C:\>telnet yahoo.com 25
C:\>telnet yahoo.com

The default port number is 23. When the port number is not specified the default number is assumed.

NOTE: If you are using Vista or Windows 7, Telnet feature may not be available by default. To enable it, you can refer my other post: How to enable Telnet feature in Vista and Windows 7?.

3. NSLOOKUP

Many times, we think about finding out the IP address of a given site. Say for example google.com, yahoo.com, microsoft.com etc. But how to do this? There are several websites out there that can be used to find out the IP address of any given website. However, in the Windows operating itself, we have an inbuilt tool to do this job for us. It is called “nslookup”.

This tool can be used for resolving a given domain name into it’s IP address (determine the IP of a given site name). Not only this, it can also be used for reverse IP lookup. That is, if the IP address is given it determines the corresponding domain name for that IP address.

Syntax:

C:\>nslookup google.com

4. NETSTAT

The netstat command can be used to display the current TCP/IP network connections. For example, the following “netstat” command displays all the currently established connections and their corresponding listening port numbers on your computer.

Syntax:

C:\>netstat -a

Type “Ctrl+Z” to exit.

This command can be used to determine the IP address/Host names of all the applications connected to your computer. If a hacker is connected to your system even the hacker’s IP is displayed. So, the “netstat” command can be used to get an idea of all the active connections of a given system.

NOTE: In order to obtain help on any given command such as it’s syntax, attributes etc., just type the “command-name /?” to obtain usage details on it. For example, to obtain help on “netstat” command just type: netstat /? and hit enter.

20 Comments

  1. raj
     January 20, 2009 at 3:12 AM

    hi srikanth ..
    pls tell me where these syntax i have to use & how?????

    are these to use in command promt or where??/

    Reply
  2. raj
     January 20, 2009 at 3:26 AM

    i m unable to do it in command prompt..

    i m not finding any thing

    Reply
  3. raj
     January 20, 2009 at 3:28 AM

    where this nslookup option is in my computer .how can i find it . my os is window xp.
    pls tell me every thing.
    thanks

    Reply
  4. Srikanth
     January 20, 2009 at 12:11 PM

    @ raj

    You have to use these in the command prompt.

    Goto start menu,run and type cmd in the run box.You’ll be taken to the command prompt where you’ll be able to enter these commands.

    Reply
  5. Ardeck
     February 9, 2009 at 1:21 AM

    Hello,

    you forgot nbtstat.
    It’s useful when there is no DNS resolution.

    Reply
    • Srikanth
       February 9, 2009 at 1:59 AM

      @ Ardeck

      Thanks for your feedback. I’ll add it to my post

      Reply
  6. ujwal
     February 25, 2009 at 10:15 PM

    please discuss the telnet in details.I have some problem.

    1.From where i can collect my login name and password?I use LAN connection in my college.I tried to log into my host ip adress.I’m a newbie in hacking .

    2.When i tried to connect any site through telnet it alaways show “connection fail.”whats the problem?

    please help.

    Reply
    • Srikanth
       February 26, 2009 at 1:29 AM

      @ ujwal

      To connect to a remote system through telnet, the target computer port must be open for which you are attempting. Many firewalls running on the target computer reject incoming connectings.

      Reply
  7. Sky
     November 26, 2009 at 3:16 PM

    HELOO

    I have typed netstat and its showing many connections(TCP)
    and also som foreign address
    their status is showing established and others net:http
    my question is What is this?

    Reply
  8. eViLaNgEl
     December 7, 2009 at 7:47 AM

    hi, i learn alot from your website. um even able to use ol d comands except the telnet one, i would be very gratefull to you if u’ll discuss it briefly.can you explain a bite more about the terminologies like listening, foreign address, *:*,wwc which are present under active connectons heading while using the netstat command.

    Reply
  9. mido
     May 29, 2010 at 11:30 PM

    thankss man ican do many things now.

    Reply
  10. muskan
     June 2, 2010 at 11:19 PM

    could u tell me about backtrack 4 , how can i start.

    Reply
  11. OM
     June 21, 2010 at 12:19 PM

    Yup..!!
    These all things we learnt in linux course but you explained it better than our sir…thanx yar…. u made me 2 bcome ur fan….!!!
    can you tell me what is ur qualification…

    Reply
  12. Ikki
     October 15, 2010 at 9:05 AM

    what is the difference between nslookup and tracert?

    Reply
    • Srikanth
       October 18, 2010 at 10:57 AM

      @ Ikki

      “nslookup” is an online web tool to lookup and find IP address information in the DNS (Domain Name System). “tracert” command helps you to trace the route from your computer to the target domain or website. It will show you exactly how the packets travel from your computer to the destination network and also the number of hops.

      Reply
  13. karan
     November 21, 2010 at 6:39 PM

    can you please tell me about foreign address when we use netstat command…………

    Reply
  14. Anarchist
     January 8, 2011 at 5:21 PM

    hey shrikant i’m a regular reader of ur notes published!
    U said that ‘nslookup’ command will help u know the IP address of associated website(HOST).
    I practically did it in 2 ways:

    1)by command(using : nslookup google.com).
    Result-”Server:dns1.dwl.co.in
    Address:202.148.202.3″

    2)thru a website(http://www.selfseo.com/find_ip_address_of_a_website.php)
    Result:-”The IP address of http://www.google.com is 74.125.79.99
    The IP address 74.125.79.99 is assigned to Great Britain (UK) ”

    Now the point to conclude is that IP adress of same HOST is different for each of above two ways.

    Kindly note this & let me know the reason!
    Thanking You!

    Reply
  15. Donald
     February 19, 2011 at 11:25 PM

    wow i love u syntaxes they really work

    Reply
  16. manne anusha reddy
     October 4, 2011 at 1:49 AM

    wow realy amazing man…great work… i like ur way.i surf daily many sites bt i dont even get minimum basics abt it,,, i love ur site man. al d best t ur bright future

    Reply
  17. valasudurai
     March 14, 2012 at 2:36 PM

    But still we are confused because lot of connections are there how to know this with nslookup tool and ping utility and explain other useful command thanks :)

    Reply

Leave A Reply

WHO IS BEHIND GO HACKING

I am Srikanth Ramesh, a computer engineer from India.

Right from the day one I was introduced to computers, I had a passion for Hacking and Information security.

So, I started this blog in 2007 to share my views and ideas with the world. It all started as a blogspot blog and was later renamed as gohacking.com in August 2008.

You can read more or connect with me on Facebook, Twitter and Google+.

Copyright © 2008-2012 GoHacking.Com. This content is copyrighted to Srikanth and may not be reproduced on other websites.
↑ Scroll to top