Monthly Archives: March 2013
DOS tree commands Displays directory paths and files in each subdirectory.
TREE [d:][path] [/A][/F]
│ ├───My Pictures
│ │ └───Picture
│ ├───My Virtual Machines
│ ├───Administrative Tools
│ ├───Apache Tomcat 5.5
like graphically want to see the size of directory/files using free utility called treesizeview
In windows 2008 ,Some time it is difficult tasks pad pops up and unexpectedly clicks on icons and it may disconnects.
For eg USB devices/network connections will close while dragging mouse near on tray. In such cases we can hide those from system tray.
Using linux ,can be found Fully Qualified Domain Name of the server using command hostname –fqdn. But in windows there is no such commands.This can be found using below commands in windows.
ping -a <ip or server name>
systeminfo |find /i “%COMPUTERNAME%.%USERDNSDOMAIN%
ipconfig -all |find /i “Primary Dns Suffix”
The netstat command is a Command Prompt command used to display very detailed information about how your computer is communicating with other computers or network devices.
etstat Command Syntax:
netstat [-a] [-b] [-e] [-f] [-n] [-o] [-p protocol] [-r] [-s] [-t] [-x] [-y] [time_interval] [/?]
-a = This switch displays active TCP connections, TCP connections with the listening state, as well as UDP ports that are being listened to.
-b = This netstat switch is very similar to the -o switch listed below, but instead of displaying the PID, will display the process’s actual file name. Using -b over -o might seem like it’s saving you a step or two but using it can sometimes greatly extend the time it takes netstat to fully execute.
-e = Use this switch with the netstat command to show statistics about your network connection. This data includes bytes, unicast packets, non-unicast packets, discards, errors, and unknown protocols received and sent since the connection was established.
-f = The -f switch will force the netstat command to display the Fully Qualified Domain Name (FQDN) for each foreign IP addresses when possible.
-n = Use the -n switch to prevent netstat from attempting to determine host names for foreign IP addresses. Depending on your current network connections, using this switch could considerably reduce the time it takes for netstat to fully execute.
-o = A handy option for many troubleshooting tasks, the -o switch displays the process identifier (PID) associated with each displayed connection. See the example below for more about using netstat -o.
-p = Use the -p switch to show connections or statistics only for a particular protocol. You can not define more than one protocol at once, nor can you execute netstat with -p without defining a protocol.
protocol = When specifying a protocol with the -p option, you can use tcp, udp, tcpv6, or udpv6. If you use -s with -p to view statistics by protocol, you can use icmp, ip, icmpv6, or ipv6 in addition to the first four I mentioned.
-r = Execute netstat with -r to show the IP routing table. This is the same as using the route command to execute route print.
-s = The -s option can be used with the netstat command to show detailed statistics by protocol. You can limit the statistics shown to a particular protocol by using the -s option and specifying that protocol, but be sure to use -s before -p protocol when using the switches together.
-t = Use the -t switch to show the current TCP chimney offload state in place of the typically displayed TCP state.
-x = Use the -x option to show all NetworkDirect listeners, connections, and shared endpoints.
-y = The -y switch can be used to show the TCP connection template for all connection. You cannot use -y with any other netstat option.
time_interval = This is the time, in seconds, that you’d like the netstat command to re-execute automatically, stopping only when you use Ctrl-C to end the loop.
/? = Use the help switch to show details about the netstat command’s several options.
Netstat Command Examples:
show all active TCP connections connected to in FQDN format [-f] instead of a simple IP address.
Proto Local Address Foreign Address State
TCP 127.0.0.1:5357 VM-Windows-7:49229 TIME_WAIT
TCP 127.0.0.1:49225 VM-Windows-7:12080 TIME_WAIT
TCP 192.168.1.14:49194 184.108.40.206:http CLOSE_WAIT
TCP 192.168.1.14:49196 a795sm.avast.com:http CLOSE_WAIT
TCP 192.168.1.14:49197 a795sm.avast.com:http CLOSE_WAIT
TCP 192.168.1.14:49230 TIM-PC:wsd TIME_WAIT
TCP 192.168.1.14:49231 TIM-PC:icslap ESTABLISHED
TCP 192.168.1.14:49232 TIM-PC:netbios-ssn TIME_WAIT
TCP 192.168.1.14:49233 TIM-PC:netbios-ssn TIME_WAIT
TCP [::1]:2869 VM-Windows-7:49226 ESTABLISHED
TCP [::1]:49226 VM-Windows-7:icslap ESTABLISHED
shows active TCP connections, but also want to see the corresponding process identifier [-o] for each connection .
Proto Local Address Foreign Address State PID
TCP 192.168.1.14:49194 220.127.116.11:http CLOSE_WAIT 2948
TCP 192.168.1.14:49196 a795sm:http CLOSE_WAIT 2948
TCP 192.168.1.14:49197 a795sm:http CLOSE_WAIT 2948
netstat -s -p tcp -f
TCP stats [-p tcp] also want the foreign addresses displayed in FQDN format [-f].
netstat -e -t 5
network interface statistics [-e] and I wanted these statistics to continually update in the command window every five seconds [-t 5].
Portqry.exe is a command-line utility that can use to help troubleshoot TCP/IP connectivity issues. PortQry then sends a correctly formatted message that the listening service or program understands. PortQry uses the correct session layer or application layer protocol to determine if the port is listening. PortQry uses the Services file that is located in the %SYSTEMROOT%\System32\Drivers\Etc folder to determine which service listens on each port.
THis reports the status of a TCP/IP port .PortQry version 2.0 features
A process is listening on the port on the computer that you selected. Portqry.exe received a response from the port.
No process is listening on the target port on the target system. Portqry.exe received an Internet Control Message Protocol (ICMP) “Destination Unreachable – Port Unreachable” message back from the target UDP port. Or if the target port is a TCP port, Portqry received a TCP acknowledgement packet with the Reset flag set.
The port on the computer that you selected is being filtered. Portqry.exe did not receive a response from the port. A process may or may not be listening on the port. By default, TCP ports are queried three times, and UDP ports are queried one time before a report indicates that the port is filtered.
portqry -n domain.com -p tcp -e 25 ;which means resolve “domain.com” to an IP address and then queries TCP port 25 on the corresponding host
portqry -n myserver -p udp -e 389 ; response from the LDAP server to the user.
portqry -n myserver -p udp -e 135 ;his query returns (dumps) all the end points that are currently registered with the RPC endpoint mapper.
portqry -n 127.0.0.1 -e 161 -p udp -cn !secure123! ;determine whether SNMP port 161 is listening specific community name rather than a default community name public (-cn),
The following command tries to resolve “169.254.0.11” to a host name and then queries TCP ports 143,110, and 25 (in that order) on the host that you selected. This command also creates a log file (Portqry.log) that contains a log of the command that you ran and its output.
portqry -n 169.254.0.11 -p tcp -o 143,110,25 -l portqry.log
The following command tries to resolve my_server to an IP address and then queries the specified range of UDP ports (135-139) in sequential order on the corresponding host. This command also creates a log file (my_server.txt) that contains a log of the command that you ran and its output.
portqry -n my_server -p udp -r 135:139 -l my_server.txt
portqry -n 192.168.1.20 -e 1434 -p udp ; queries UDP port 1434 to query all the SQL Server named instances that are running on a SQL Server
portqry -n myproxy-server -p udp -e 1745; queries ISA server port 1745 to communicate with Winsock proxy clients and with firewall clients.
Command line mode:
portqry -n name_to_query [-p protocol] [-e || -r || -o endpoint(s)] [-q]
[-l logfile] [-sp source_port] [-sl] [-cn SNMP community name]
Command line mode options explained:
-n [name_to_query] IP address or name of system to query
-p [protocol] TCP or UDP or BOTH (default is TCP)
-e [endpoint] single port to query (valid range: 1-65535)
-r [end point range] range of ports to query (start:end)
-o [end point order] range of ports to query in an order (x,y,z)
-l [logfile] name of text log file to create
-y overwrites existing text log file without prompting
initial source port to use for query
-sl ‘slow link delay’ waits longer for UDP replies from remote systems
-nr by-passes default IP address-to-name resolution
ignored unless an IP address is specified after -n
-cn specifies SNMP community name for query
ignored unless querying an SNMP port
must be delimited with !
-q ‘quiet’ operation runs with no output
returns 0 if port is listening
returns 1 if port is not listening
returns 2 if port is listening or filtered
Notes: PortQry runs on Windows 2000 and later systems
Defaults: TCP, port 80, no log file, slow link delay off
Hit Ctrl-c to terminate prematurely
portqry -n myserver.com -e 25
portqry -n 10.0.0.1 -e 53 -p UDP -i
portqry -n host1.dev.reskit.com -r 21:445
portqry -n 10.0.0.1 -o 25,445,1024 -p both -sp 53
portqry -n host2 -cn !my community name! -e 161 -p udp
command tools can be download from http://www.microsoft.com/downloads/details.aspx?familyid=89811747-C74B-4638-A2D5-AC828BDC6983&displaylang=en
And UI can be download from