There are many applications that claim to help network administrators to trace, diagnose and resolve network related issue. However, I strongly believe that knowing your basics is always the key to success. Therefore, knowledge of performing simple tasks such as checking the latency of your connection and tracing a route is essential for network professionals. In this article I will tell you how to trace network related information using command prompt commands.
Tracert and netstat are command line names that are enough to scare any user from using the command prompt. Nonetheless, such command are still widely used by network and system administrators to diagnose and resolve some very important network related issue.
The path between two computers connected via the internet cannot be defined as a straight line. It consists of numerous “hops” from one intermediate computer to another. Tracert or traceroute is a command that shows the time taken for each hop and the IP address for each intermediary computer (as shown below). An example of a tracert command would be something like: tracert addictivetips.com. You can also use the IP address instead of the hostname to use the tracert command. This command is used to see a network packet being sent and received and the amount of hops required for that packet to get to its destination. You can use tracert to determine where a packet stopped on the network. This can allow network professionals to establish if there is a router configuration problem.
Netstat shows the active TCP connections and ports for a computer, Ethernet statistics, the IP routing table, statistics for the IP, ICMP(Internet Control Message Protocol), TCP(Transmission Control Protocol), and UDP(User Datagram Protocol) protocols. One possible use for Netstat is to determine if a malware may have established connections that you might be unaware of. If you type netstat /? And hit enter in your command prompt, you will be able to see details regarding a list of netstat commands. For example nestat:
-a displays all connections.
-b displays the executable involved in creating each connection.
-e displays Ethernet statistics.
-f displays the FQDN (Fully Qualified Domain Name) for foreign addresses.
-n displays active TCP connections (addresses and port numbers are expressed numerically).
-p proto shows connections for the protocol specified by Proto.
- r displays the routing table.
-s displays the per protocol statistics.
-t displays the current connection offload state.
interval re-displays selected statistics, pausing interval seconds between each display.
For more information simply use the netstat /? command.
Commands like netstat and tracert are by no means obsolete and will be used for many years to come.