4.8 Windows Networking Part 2

5 hours 21 minutes
Video Transcription
Hello and welcome to Command Line Basics. In this video, we're gonna learn about Windows networking commands 2. I'm Christopher Heller, and let's begin.
So our learning objectives for this video: we're gonna learn the ping command, learn the tracert command, and understand the arp command and how we can use them at the command line.
Pre-assessment. So you need to verify connectivity to the domain controller. What is the best command? Is it A, getmac; B, ipconfig; C, nslookup; or D, ping?
The answer is D, ping. So we're using ping to verify the connectivity. And it's a very useful tool to just reach out and say, hey, can you reach me? And then it will come straight back and say, hey, yeah, I'm getting a response.
So it's a very useful and easy way to verify any connectivity between two IP addresses.
The getmac command is used to display the MAC address for an interface, not to validate connectivity. Similar with the ipconfig command, where we see our layer three address and that information, but not to validate that, hey, these two IP addresses can actually talk to each other.
And the nslookup command, while it may go through your domain controller for a DNS lookup, if we're looking specifically for the domain controller connectivity, using ping is going to be our best bet.
All right, and so ping, as we were just learning, is used to validate the connectivity. It's got a lot of very low overhead, and it is very easy to use. So what we do is we just type in ping and then the address, and it will say, hey, I can reach it, or no, I can't reach it and I'm not getting a response.
So let's go ahead and do a quick demonstration.
So let's say I want to ping Google.
I'm gonna type www.google.com.
And as we can see, we are getting replies from Google.
So it has about 25 milliseconds 20 to 2023. So really good response time and very useful. We got 0% loss, as we see, so we know that we're connected to the Internet and it's working very properly.
Now, the traceroute command is very similar to ping, but adds some more functionality on top of it as well. So what it does is it will go through every single hop in between the IP address that I'm at and the destination. And it'll say, hey, I took this many hops and at these specific addresses in order to get to your destination.
So this is very useful to help troubleshoot on a network, and to help troubleshoot latency as well. So this is a useful command and is very similar to ping.
So let's go ahead and take a look at this. When you do traceroute, let me tell you about google.com.
And it does take a little bit of time because it's constantly reaching back and forth between the different systems in order to validate the connectivity.
So as you can see, we're on a third hop.
Ah, this first hop here, it is leaving my local network because it is connecting to my default gateway here.
And as we'll see, it's hopping between a few different IP addresses,
and it does take a little bit of time, so don't be too worried about it. Um, this is also a useful way to help determine if, uh, something is routing somewhere it shouldn't be, because you'll be able to see everywhere that it's going.
It looks like it's almost there.
And if you're not familiar with the term hop in networking, it is, ah, every change between a router going between, you know, multiple different networks.
All right, so it looks like we have completed. We took 11 hops to get there, but we were able to get to google.com and get a response.
We have the arp command. This is the Address Resolution Protocol command. And what this does is it helps store information about IP addresses and MAC addresses for later use.
And if you're not familiar with ARP, its whole purpose is to request the MAC address on a local network for a known IP address. So when a computer connects to a network and it gets a DHCP address, a Dynamic Host Configuration Protocol address, automatically, it will know, hey, this is my default gateway, it's 192.168.1.1.
But what the system does not know, it does not know the MAC address, that layer two address on the local network for that IP.
So what it will do, it will reach out and say, hey, I know I need to reach this IP, but I don't know what the layer two address is,
and it sends out a broadcast to the entire local network, and any machine that does not have that 192.168.1.1 address just drops it. It says, hey, this is not for me, I'm gonna ignore it.
But the machine that does have that IP address configured, it's gonna say, hey, that's me. Here's all my information. This is my MAC address. This is how you can reach me. So for our local machine, when it sends it out, it'll get that response back. We'll say, hey, all right, so for any packet that's leaving my default gateway, I'm gonna send it up to this MAC address and we'll call it a day.
So we can also use the -a switch, and this will show us our ARP cache, because it is cached for a certain amount of time. That way, the computer doesn't have to keep constantly asking for what a specific MAC address is on the network.
So let's take a look. Gonna do arp -a.
It has all these different stored MAC addresses for each interface.
So as we can see, I have a whole bunch of different ones that are very useful.
All right, so why is the ARP cache important? Is it A, it can be poisoned; B, it can be used to determine the host IP address; C, it is using layer seven protocols; or D, it can corrupt the file system?
The answer is A, it can be poisoned. ARP cache is a very useful protocol.
But let's say in our example an attacker responded back quicker than the system that actually owned that IP address. What this does is effectively poison the ARP cache for the local machine that was reaching out asking for it, and that machine will submit all the requests to the attacker.
And then on that end, the attacker can send it to the correct actual address. But it can listen or, you know, change information for these packets while they're on the way.
So this is an ARP cache poisoning attack, and it's important to keep in mind, and we can validate if the computer has the correct ARP information using the -a command to look at that ARP cache.
It is not used to determine the host IP address. That's a completely different configuration in ipconfig. ARP does not use layer seven protocols; it is a layer two protocol only.
And ARP cannot corrupt the file system. That is completely separate, the networking stack and the file system.
So in this video we learned the ping command, learned the tracert command, understood the arp command and how we can use these for networking at the Windows command line, and I hope to see you in the next video.