Monthly Archives: March 2013

Windows directory size using treeviewr

DOS tree commands Displays directory paths and files in each subdirectory.

Syntax:

TREE [d:][path] [/A][/F]

D:\>tree

D:.
├───AppData
│ └───LocalLow
│ └───DataMngr
├───Desktop

│ ├───My Pictures
│ │ └───Picture

│ ├───My Virtual Machines

│ └───Programs
│ ├───Administrative Tools
│ ├───Apache Tomcat 5.5
│ ├───Startup
│ └───WinRAR
└───temp

like graphically want to see the size of directory/files using free utility called treesizeview

treesizevwr1

treesize

Hiding icons from windows 2008 system tray

In windows 2008 ,Some time it is difficult tasks pad pops up and unexpectedly clicks on icons and it may disconnects.

For eg USB devices/network connections will close while dragging mouse near on tray. In such cases we can hide those from system tray.

System Tray icon

How to check fqdn in windows

Using linux ,can be found Fully Qualified Domain Name of the server using command hostname –fqdn. But in windows there is no such commands.This can be found using below commands in windows.

ping -a <ip or server name>

ipconfig /all

echo %COMPUTERNAME%.%USERDNSDOMAIN%

systeminfo |find /i “%COMPUTERNAME%.%USERDNSDOMAIN%

ipconfig -all |find /i “Primary Dns Suffix”

Netstat command and usages

The netstat command is a Command Prompt command used to display very detailed information about how your computer is communicating with other computers or network devices.

etstat Command Syntax:

netstat [-a] [-b] [-e] [-f] [-n] [-o] [-p protocol] [-r] [-s] [-t] [-x] [-y] [time_interval] [/?]

-a = This switch displays active TCP connections, TCP connections with the listening state, as well as UDP ports that are being listened to.

-b = This netstat switch is very similar to the -o switch listed below, but instead of displaying the PID, will display the process’s actual file name. Using -b over -o might seem like it’s saving you a step or two but using it can sometimes greatly extend the time it takes netstat to fully execute.

-e = Use this switch with the netstat command to show statistics about your network connection. This data includes bytes, unicast packets, non-unicast packets, discards, errors, and unknown protocols received and sent since the connection was established.

-f = The -f switch will force the netstat command to display the Fully Qualified Domain Name (FQDN) for each foreign IP addresses when possible.

-n = Use the -n switch to prevent netstat from attempting to determine host names for foreign IP addresses. Depending on your current network connections, using this switch could considerably reduce the time it takes for netstat to fully execute.

-o = A handy option for many troubleshooting tasks, the -o switch displays the process identifier (PID) associated with each displayed connection. See the example below for more about using netstat -o.

-p = Use the -p switch to show connections or statistics only for a particular protocol. You can not define more than one protocol at once, nor can you execute netstat with -p without defining a protocol.

protocol = When specifying a protocol with the -p option, you can use tcp, udp, tcpv6, or udpv6. If you use -s with -p to view statistics by protocol, you can use icmp, ip, icmpv6, or ipv6 in addition to the first four I mentioned.

-r = Execute netstat with -r to show the IP routing table. This is the same as using the route command to execute route print.

-s = The -s option can be used with the netstat command to show detailed statistics by protocol. You can limit the statistics shown to a particular protocol by using the -s option and specifying that protocol, but be sure to use -s before -p protocol when using the switches together.

-t = Use the -t switch to show the current TCP chimney offload state in place of the typically displayed TCP state.

-x = Use the -x option to show all NetworkDirect listeners, connections, and shared endpoints.

-y = The -y switch can be used to show the TCP connection template for all connection. You cannot use -y with any other netstat option.

time_interval = This is the time, in seconds, that you’d like the netstat command to re-execute automatically, stopping only when you use Ctrl-C to end the loop.

/? = Use the help switch to show details about the netstat command’s several options.

Netstat Command Examples:

netstat -f

show all active TCP connections connected to in FQDN format [-f] instead of a simple IP address.

Active Connections

Proto  Local Address          Foreign Address        State
TCP    127.0.0.1:5357         VM-Windows-7:49229     TIME_WAIT
TCP    127.0.0.1:49225        VM-Windows-7:12080     TIME_WAIT
TCP    192.168.1.14:49194     75.125.212.75:http     CLOSE_WAIT
TCP    192.168.1.14:49196     a795sm.avast.com:http  CLOSE_WAIT
TCP    192.168.1.14:49197     a795sm.avast.com:http  CLOSE_WAIT
TCP    192.168.1.14:49230     TIM-PC:wsd             TIME_WAIT
TCP    192.168.1.14:49231     TIM-PC:icslap          ESTABLISHED
TCP    192.168.1.14:49232     TIM-PC:netbios-ssn     TIME_WAIT
TCP    192.168.1.14:49233     TIM-PC:netbios-ssn     TIME_WAIT
TCP    [::1]:2869             VM-Windows-7:49226     ESTABLISHED
TCP    [::1]:49226            VM-Windows-7:icslap    ESTABLISHED

netstat -o
shows active TCP connections, but also want to see the corresponding process identifier [-o] for each connection .

Active Connections

Proto  Local Address          Foreign Address        State           PID
TCP    192.168.1.14:49194     75.125.212.75:http     CLOSE_WAIT      2948
TCP    192.168.1.14:49196     a795sm:http            CLOSE_WAIT      2948
TCP    192.168.1.14:49197     a795sm:http            CLOSE_WAIT      2948

netstat -s -p tcp -f
TCP stats [-p tcp] also want the foreign addresses displayed in FQDN format [-f].

netstat -e -t 5
network interface statistics [-e] and I wanted these statistics to continually update in the command window every five seconds [-t 5].

Portqry command-line utility

Portqry.exe is a command-line utility that can use to help troubleshoot TCP/IP connectivity issues. PortQry then sends a correctly formatted message that the listening service or program understands. PortQry uses the correct session layer or application layer protocol to determine if the port is listening. PortQry uses the Services file that is located in the %SYSTEMROOT%\System32\Drivers\Etc folder to determine which service listens on each port.

THis reports the status of a TCP/IP port .PortQry version 2.0 features

Listening
A process is listening on the port on the computer that you selected. Portqry.exe received a response from the port.

Not Listening
No process is listening on the target port on the target system. Portqry.exe received an Internet Control Message Protocol (ICMP) “Destination Unreachable – Port Unreachable” message back from the target UDP port. Or if the target port is a TCP port, Portqry received a TCP acknowledgement packet with the Reset flag set.

Filtered
The port on the computer that you selected is being filtered. Portqry.exe did not receive a response from the port. A process may or may not be listening on the port. By default, TCP ports are queried three times, and UDP ports are queried one time before a report indicates that the port is filtered.

portqry -n domain.com -p tcp -e 25 ;which means resolve “domain.com” to an IP address and then queries TCP port 25 on the corresponding host

portqry -n myserver -p udp -e 389 ; response from the LDAP server to the user.

portqry -n myserver -p udp -e 135 ;his query returns (dumps) all the end points that are currently registered with the RPC endpoint mapper.

portqry -n 127.0.0.1 -e 161 -p udp -cn !secure123! ;determine whether SNMP port 161 is listening specific community name rather than a default community name public (-cn),

The following command tries to resolve “169.254.0.11” to a host name and then queries TCP ports 143,110, and 25 (in that order) on the host that you selected. This command also creates a log file (Portqry.log) that contains a log of the command that you ran and its output.
portqry -n 169.254.0.11 -p tcp -o 143,110,25 -l portqry.log

The following command tries to resolve my_server to an IP address and then queries the specified range of UDP ports (135-139) in sequential order on the corresponding host. This command also creates a log file (my_server.txt) that contains a log of the command that you ran and its output.
portqry -n my_server -p udp -r 135:139 -l my_server.txt

portqry -n 192.168.1.20 -e 1434 -p udp ; queries UDP port 1434 to query all the SQL Server named instances that are running on a SQL Server

portqry -n myproxy-server -p udp -e 1745; queries ISA server port 1745 to communicate with Winsock proxy clients and with firewall clients.

Command line mode:

portqry -n name_to_query [-p protocol] [-e || -r || -o endpoint(s)] [-q]
[-l logfile] [-sp source_port] [-sl] [-cn SNMP community name]

Command line mode options explained:
-n [name_to_query] IP address or name of system to query
-p [protocol] TCP or UDP or BOTH (default is TCP)
-e [endpoint] single port to query (valid range: 1-65535)
-r [end point range] range of ports to query (start:end)
-o [end point order] range of ports to query in an order (x,y,z)
-l [logfile] name of text log file to create
-y overwrites existing text log file without prompting
-sp

initial source port to use for query
-sl ‘slow link delay’ waits longer for UDP replies from remote systems
-nr by-passes default IP address-to-name resolution
ignored unless an IP address is specified after -n
-cn specifies SNMP community name for query
ignored unless querying an SNMP port
must be delimited with !
-q ‘quiet’ operation runs with no output
returns 0 if port is listening
returns 1 if port is not listening
returns 2 if port is listening or filtered

Notes:  PortQry runs on Windows 2000 and later systems
Defaults: TCP, port 80, no log file, slow link delay off
Hit Ctrl-c to terminate prematurely

examples:
portqry -n myserver.com -e 25
portqry -n 10.0.0.1 -e 53 -p UDP -i
portqry -n host1.dev.reskit.com -r 21:445
portqry -n 10.0.0.1 -o 25,445,1024 -p both -sp 53
portqry -n host2 -cn !my community name! -e 161 -p udp

downloadables
command tools can be download from http://www.microsoft.com/downloads/details.aspx?familyid=89811747-C74B-4638-A2D5-AC828BDC6983&displaylang=en

And UI can be download from
http://download.microsoft.com/download/3/f/4/3f4c6a54-65f0-4164-bdec-a3411ba24d3a/PortQryUI.exe

Refferences:http://support.microsoft.com/kb/832919

%d bloggers like this: