Monthly Archives: May 2014

Route commands and usages

Dos command route
——————-
Command to manually configure the routes in the routing table

Syntax

ROUTE [-f] [-p] [-4|-6] command [destination]
[MASK netmask] [gateway] [METRIC metric] [IF interface]

-f Clears the routing tables of all gateway entries. If this is
used in conjunction with one of the commands, the tables are
cleared prior to running the command.

-p When used with the ADD command, makes a route persistent across
boots of the system. By default, routes are not preserved
when the system is restarted. Ignored for all other commands,
which always affect the appropriate persistent routes.This
option is not supported in Windows 95.

-4 Force using IPv4.

-6 Force using IPv6.

command One of these:
PRINT Prints a route
ADD Adds a route
DELETE Deletes a route
CHANGE Modifies an existing route
destination Specifies the host.
MASK Specifies that the next parameter is the ‘netmask’ value.
netmask Specifies a subnet mask value for this route entry.
If not specified, it defaults to 255.255.255.255.
gateway Specifies gateway.
interface the interface number for the specified route.
METRIC specifies the metric, ie. cost for the destination.

All symbolic names used for destination are looked up in the network database
file NETWORKS. The symbolic names for gateway are looked up in the host name
database file HOSTS.

If the command is PRINT or DELETE. Destination or gateway can be a wildcard,
(wildcard is specified as a star ‘*’), or the gateway argument may be omitted.

If Dest contains a * or ?, it is treated as a shell pattern, and only
matching destination routes are printed. The ‘*’ matches any string,
and ‘?’ matches any one char. Examples: 157.*.1, 157.*, 127.*, *224*.

Pattern match is only allowed in PRINT command.
Diagnostic Notes:
Invalid MASK generates an error, that is when (DEST & MASK) != DEST.
Example> route ADD 157.0.0.0 MASK 155.0.0.0 157.55.80.1 IF 1
The route addition failed: The specified mask parameter is invalid.
(Destination & Mask) != Destination.

Examples:

> route PRINT
> route PRINT -4
> route PRINT -6
> route PRINT 157* …. Only prints those matching 157*

> route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2
destination^ ^mask ^gateway metric^ ^
Interface^
If IF is not given, it tries to find the best interface for a given
gateway.
> route ADD 3ffe::/32 3ffe::1

> route CHANGE 157.0.0.0 MASK 255.0.0.0 157.55.80.5 METRIC 2 IF 2

CHANGE is used to modify gateway and/or metric only.

> route DELETE 157.0.0.0
> route DELETE 3ffe::/32

Command Purpose
add Adds a route.
change Modifies an existing route.
delete Deletes a route or routes.
print Prints a route or routes.

Route add

route add “destination” mask “subnetmask” “gateway” metric “costmetric” if “interface”

Eg.
route add -p 10.0.0.0 mask 255.0.0.0 192.168.0.1 metric 2

In simple route add -p 10.0.0.0 mask 255.0.0.0 192.168.0.1

Routes added by using the -p option are stored in the Windows registry under the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip \Parameters\PersistentRoutes

To delete the route to the destination 10.41.0.0 with the subnet mask of 255.255.0.0, type:

route delete 10.41.0.0 mask 255.255.0.0

To delete all routes in the IP routing table that begin with 10., type:

route delete 10.*

To change the next hop address of the route with the destination of 10.41.0.0 and the subnet mask of 255.255.0.0 from 10.27.0.1 to 10.27.0.25, type:

route change 10.41.0.0 mask 255.255.0.0 10.27.0.25

Linux route command
——————–
Display Existing Routes
$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0

$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.1.10 0.0.0.0 UG 0 0 0 eth0

Adding a Default Gateway
$ route add default gw 192.168.1.10

List Kernel’s Routing Cache Information
$ route -Cn
Kernel IP routing cache
Source Destination Gateway Flags Metric Ref Use Iface
192.168.1.157 192.168.1.51 192.168.1.51 0 0 1 eth0
192.168.1.157 74.125.236.69 192.168.1.10 0 0 0 eth0

Reject Routing to a Particular Host or Network
$ route add -host 192.168.1.51 reject
$ route add -net 192.168.1.0 netmask 255.255.255.0 reject

Advertisements

Memory checks in windows-commanline

Findout Available Local Memory
——————————-
systeminfo |find “Available Physical Memory”

systeminfo | findstr /C:”Total Physical Memory”

Remote system
—————
systeminfo /s:hostname | findstr “Physical”
systeminfo /s <system> /u <username> /p <password>
wmic /node:”IP” /user:IP\username “MEMPHYSICAL”

Total Memory in system
———————-
wmic memorychip get capacity
wmic OS get TotalVisibleMemorySize /Value
wmic computersystem get TotalPhysicalMemory
wmic memphysical list full
wmic memorychip list full

Free memory
———–
wmic OS get FreePhysicalMemory /Value

Note:in xp can use ‘mem’ command

Powershell command
——————-
(Get-WMIObject Win32_PhysicalMemory |  Measure-Object Capacity -Sum).sum/1GB

Information about your memory
——————————
wmic MemoryChip get BankLabel, Capacity, MemoryType, TypeDetail, Speed

Memorychip information
———————-
wmic memorychip list full
wmic memorychip get capacity

TASKLIST displays the process ID number for each running task
————————————————————-
Tasklist /M

Find more memory using application
tasklist /fi “memusage gt 1000000”

Remotely
——–
tasklist /s:IP /fi “memusage gt 1000000”

Powershell command
——————-
get-process | where-object {$_.WorkingSet -gt 100000000}

memory healths checks and report
——————————-
perfmon /report

CPU checks in windows-commandline

CPU load on serevr
——————-
c:\>wmic cpu get loadpercentage
LoadPercentage
0

or

C:\>@for /f “skip=1″ %p in (‘wmic cpu get loadpercentage’) do @echo %p%
4%

on remote machine
wmic /node:”serevrname or IP” /user:IP\username cpu get loadpercentage

Get CPU usage on server
———————–
C:\Windows\system32>typeperf “\Processor(_Total)\% Processor Time”

“(PDH-CSV 4.0)”,”\\vm\Processor(_Total)\% Processor Time”
“02/01/2012 14:10:59.361″,”0.648721”
“02/01/2012 14:11:00.362″,”2.986384”

Typeperf :-Writes performance counter data to the command window, or to a supported log file format. To stop Typeperf, press CTRL+C.

current usage
————–
typeperf -sc 1 “\processor(_total)\% processor time”

List of all process
——————–
typeperf “\Process(*)\% Processor Time” -sc 1

If you want a specific process, Rtvscan for example:

typeperf “\Process(Rtvscan)\% Processor Time” -si 10 -sc 5

collecting 20 samples to a csv file
———————————–
Typeperf “\Processor(_Total)\% Processor Time” -sc 20 -o c:\users\win7\desktop\Report.csv

Save to a file
————–
typeperf “\Processor(_Total)\% Processor Time” -o CpuUsage.csv

OR

typeperf “\Processor(_Total)\% Processor Time” >> CpuUsage.csv

Processor Information
———————-
wmic cpu get caption
Caption
x86 Family 6 Model 37 Stepping 2
x86 Family 6 Model 37 Stepping 2

We can get process information using system environment variables also. The environment variables related to CPU are listed below.

PROCESSOR_ARCHITECTURE
PROCESSOR_IDENTIFIER
PROCESSOR_LEVEL
PROCESSOR_REVISION

C:\>echo %PROCESSOR_ARCHITECTURE% %PROCESSOR_IDENTIFIER% %PROCESSOR_LEVEL% %PROCESSOR_REVISION%
x86 x86 Family 6 Model 37 Stepping 2, GenuineIntel 6 2502

Info about your system’s BIOS, current version and it’s serial number
——————————-
C:\>wmic bios get name,serialnumber,version
Name                                    SerialNumber  Version
Phoenix ROM BIOS PLUS Version 1.10 A04  5xyz6BS       DELL   – 15

Motherboard (that happen to be the name) and it’s UUID
——————————————-
wmic csproduct get name,identifyingnumber,uuid

CPU clock speed
—————-
wmic cpu get name,CurrentClockSpeed,MaxClockSpeed

Clock speed every 1 second
————————–
wmic cpu get name,CurrentClockSpeed,MaxClockSpeed /every:1

Cache sizes of the CPU
———————-
C:\>wmic cpu get L2CacheSize, L2CacheSpeed, L3CacheSize, L3
CacheSpeed
L2CacheSize  L2CacheSpeed  L3CacheSize  L3CacheSpeed
2048                       0            0

Get process and percentage process time
—————————————
> wmic path Win32_PerfFormattedData_PerfProc_Process get Name,PercentProcessorTime

LOad % every 5 sec
——————
C:\>wmic cpu get loadpercentage /every:5
LoadPercentage
3
LoadPercentage
3
LoadPercentage
10

Powershell command
——————
Get-WmiObject Win32_Processor

Any Task runing morethan 10 sec
——————————-

C:\>tasklist /FI “CPUTIME gt 00:00:10”

Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
System Idle Process              0 Services                   0         24 K
csrss.exe                      344 Services                   0      3,300 K
csrss.exe                      408 Console                    1     15,836 K
services.exe                   504 Services                   0     10,408 K

Tasklist usage
————–
TASKLIST [/S system [/U username [/P [password]]]]
[/M [module] | /SVC | /V] [/FI filter] [/FO format] [/NH]

Name of the running process is “iexplore”
—————————————–
C:\>wmic path win32_perfformatteddata_perfproc_process wher
e Name=”iexplore” get Name, Caption, PercentProcessorTime, IDProcess /format:lis
t

or

C:\>wmic path win32_perfformatteddata_perfproc_process wher
e (Name=’iexplore’) get Name, Caption, PercentProcessorTime, IDProcess /format:lis
t

Caption=
IDProcess=8068
Name=iexplore
PercentProcessorTime=0

Name of the running process
—————————
C:\>wmic path win32_perfformatteddata_perfproc_process get
Name, Caption, PercentProcessorTime, IDProcess /format:list

Caption=
IDProcess=21908
Name=COH64
PercentProcessorTime=0

Caption=
IDProcess=24372
Name=COH64#1
PercentProcessorTime=0

Caption=
IDProcess=0
Name=_Total
PercentProcessorTime=100

Monitor a process named test.exe
———————————

Click on Start, Run, and enter “perfmon”
Click on Performance Logs and Alerts
Click on Counter Logs
Right-click Counter Logs
Click New Log Settings
Enter a log name that makes sense, e.g., Monitor Test.exe CPU
The Counter Log configuration dialog opens
On the General tabl, click Add Counters..
Click “Use local computer counters”
Choose Process for Performance Object
Select % Processor Time for Select counters from list
Select Test from Select instances from list
Click Add
Click Close
For Interval, choose something logical, such as 15 minutes
Click the Log Files tab
Choose a Log File Type of “Text File (Command delimited)”
Choose the file destination directory in Location
Click Ok
Determine whether (and how) you want the log file to rotate with “End file names with..”
Click Ok

Using Netsh

Netsh is a command-line scripting utility that allows you to, either locally or remotely, display or modify the network configuration of a computer that is currently running.

Usage: netsh [-a AliasFile] [-c Context] [-r RemoteMachine] [-u [DomainName\]Use
rName] [-p Password | *]
[Command | -f ScriptFile]

The following commands are available:

Commands in this context:
? – Displays a list of commands.
add – Adds a configuration entry to a list of entries.
advfirewall – Changes to the `netsh advfirewall’ context.
branchcache – Changes to the `netsh branchcache’ context.
bridge – Changes to the `netsh bridge’ context.
delete – Deletes a configuration entry from a list of entries.
dhcpclient – Changes to the `netsh dhcpclient’ context.
dnsclient – Changes to the `netsh dnsclient’ context.
dump – Displays a configuration script.
exec – Runs a script file.
firewall – Changes to the `netsh firewall’ context.
help – Displays a list of commands.
http – Changes to the `netsh http’ context.
interface – Changes to the `netsh interface’ context.
ipsec – Changes to the `netsh ipsec’ context.
lan – Changes to the `netsh lan’ context.
mbn – Changes to the `netsh mbn’ context.
namespace – Changes to the `netsh namespace’ context.
nap – Changes to the `netsh nap’ context.
netio – Changes to the `netsh netio’ context.
p2p – Changes to the `netsh p2p’ context.
ras – Changes to the `netsh ras’ context.
rpc – Changes to the `netsh rpc’ context.
set – Updates configuration settings.
show – Displays information.
trace – Changes to the `netsh trace’ context.
wcn – Changes to the `netsh wcn’ context.
wfp – Changes to the `netsh wfp’ context.
winhttp – Changes to the `netsh winhttp’ context.
winsock – Changes to the `netsh winsock’ context.
wlan – Changes to the `netsh wlan’ context.

The following sub-contexts are available:
advfirewall branchcache bridge dhcpclient dnsclient firewall http interface ips
ec lan mbn namespace nap netio p2p ras rpc trace wcn wfp winhttp winsock wlan
Netsh contexts
————–
Netsh utility interacts with others using dynamic-link library files. Each Netsh helper DLL provides an extensive set of features called a context, which is a group of commands specific to this DLL networking component. These contexts extend the functionality of netsh. For ex., Dhcpmon.dll provides netsh the context and set of commands necessary to configure and manage DHCP settings.

For more information about Netsh contexts, use this command in the netsh shell:

netsh>show helper
DLL Filename Command
———— ——-
HNETMON.DLL bridge
DGNET.DLL diag
FWCFG.DLL firewall
IFMON.DLL interface
IFMON.DLL ip
IPV6MON.DLL ipv6
IPV6MON.DLL 6to4
IPV6MON.DLL isatap
IPV6MON.DLL portproxy
RASMONTR.DLL ras
RASMONTR.DLL aaaa
RASMONTR.DLL appletalk
RASMONTR.DLL ip
RASMONTR.DLL ipx
RASMONTR.DLL netbeui
IPMONTR.DLL routing
IPMONTR.DLL ip
IPPROMON.DLL autodhcp
IPPROMON.DLL dnsproxy
IPPROMON.DLL igmp
IPPROMON.DLL nat
IPPROMON.DLL ospf
IPPROMON.DLL relay
IPPROMON.DLL rip
IPPROMON.DLL routerdiscovery
IPXMONTR.DLL ipx
IPXPROMN.DLL netbios
IPXPROMN.DLL rip
IPXPROMN.DLL sap
IFMON.DLL winsock
netsh>
List of available netsh contexts
——————————–
AAAA – commands for AAAA
Shows and sets the configuration of the Authentication, Authorization, Accounting, and Auditing (AAAA) database used by the Internet Authentication Service (IAS) and the Routing and Remote Access service.

DHCP – commands for DHCP
Administers DHCP servers and provides an equivalent alternative to console-based management.

Diag – diagnostic (diag) commands
Administers and troubleshoots operating system and network service parameters.

Interface – commands for Interface IP
Configures the TCP/IP protocol (including addresses, default gateways, DNS servers, and WINS servers) and displays configuration and statistical information.

RAS – commands for RAS
Administers remote access servers.

Routing – commands for Routing
Administers Routing servers.

WINS – commands for WINS
Administers WINS servers.
Displaying all of the adapter
—————————–
To display all of the adapters in the computer with their current IP addresses to determine the correct adapter name, type the following command:

Netsh interface ip show config

Change static address to DHCP
—————————–
To switch the specified adapter from a static address to DHCP, type the following command:

netsh interface ip set address “Local Area Connection” dhcp

Displays just the DNS server addresses
————————————–
netsh interface ip show dnsservers

Displays the TCP connections
—————————-
netsh interface ip show tcpconnections

Shows only TCP statistics
————————
netsh interface ip show tcpstats

Displays the UDP connections
—————————-
netsh interface ip show udpconnections

Shows only UDP statistics
————————–
netsh interface ip show udpstats

Change to a static address
—————————-
netsh interface ip set address “Local Area Connection” static ipaddr subnetmask gateway metric

eg:- netsh interface ip set address “Local Area Connection” static 192.168.0.10 255.255.255.0 192.168.0.1 1

Dump all the network information
——————————–
netsh dump

Import your IP settings
———————–

netsh -f c:\location1.txt or netsh exec c:\location2.txt

some examples

>netsh interface ipv4 show compartments

Id Interfaces Routes HopLimit
—— ———- —— ——–
1 3 15 128

>netsh interface ipv4 show global
Querying active state…

General Global Parameters
———————————————
Default Hop Limit : 128 hops
Neighbor Cache Limit : 256 entries per interface
Route Cache Limit : 128 entries per compartment
Reassembly Limit : 536866752 bytes
ICMP Redirects : enabled
Source Routing Behavior : dontforward
Task Offload : enabled
Dhcp Media Sense : enabled
Media Sense Logging : disabled
MLD Level : all
MLD Version : version3
Multicast Forwarding : disabled
Group Forwarded Fragments : disabled
Randomize Identifiers : enabled
Address Mask Reply : disabled

Current Global Statistics
———————————————
Number of Compartments : 1
Number of NL clients : 7
Number of FL providers : 4

>netsh interface ipv4 show ipstats
MIB-II IP Statistics
——————————————————
Forwarding is: Disabled
Default TTL: 128
In Receives: 2390189991
In Header Errors: 26416400
In Address Errors: 7060
Datagrams Forwarded: 0
In Unknown Protocol: 123
In Discarded: 8170
In Delivered: 2364039939
Out Requests: 2522875753
Routing Discards: 0
Out Discards: 2071
Out No Routes: 1462
Reassembly Timeout: 60
Reassembly Required: 0
Reassembled Ok: 0
Reassembly Failures: 0
Fragments Ok: 0
Fragments Failed: 0
Fragments Created: 0
>netsh interface ipv4 show route

>netsh interface ipv4 show subinterfaces

MTU MediaSenseState Bytes In Bytes Out Interface
—— ————— ——— ——— ————-
4294967295 1 0 8784 Loopback Pseudo-Interface 1
1500 1 1352228023139 1700849690717 Local Area Connection 2
1300 1 61980 13485540 Local Area Connection* 9

Enforce a system lock (screen saver lock)after a defined interval

It is possible to enforce a system lock after a defined interval. This requires the following two policy settings:
• Password protect the screen saver
• Screen saver timeout

using group policy preferences power plan is not a solution here ,as it is workgroup.

Local Group Policy Object (LGPO) that you can use to lock down settings on that machine. And if you have admin privileges on every machine in your workgroup, you can configure the LGPOs for your machines remotely from a single machine instead of having to walk around to each of them and log on locally.

To configure the LGPO on a remote machine, open a new MMC console, add the Group Policy snap-in, and click Browse to set the focus to a different machine than the local computer.

screensaver TS
Group Policy under/User Configuration/Administrative Templates/Control Panel/Display

Instructions
1
Click “Start.” Type “Gpedit.msc” into the search box at the bottom of the Start menu. Press “Enter.”
2
Click “Yes” in the User Account Control prompt window, if one appears.
3
Navigate to the “User Configuration\Administrative Templates\Control Panel\Personalization” folder in the left pane of the Group Policy window.
4
Double-click the “Password Protect the Screen Saver” setting in the right pane of the Group Policy Editor window.
5
Click “Enabled.” Click “OK.”
6
Double-click the “Screen Saver Timeout” setting in the right pane.
7
Click “Enabled.”
8
Type the number of seconds you want to lock the PC after into the “Seconds” box. For example, type “600” if you want to lock the PC after 10 minutes.
9
Click “OK.”

 

The setting for the screensaver is in the path HKCU\ControlPanel\Desktop\ScreenSaveActive – a value of 0 switches off the Screensaver, while the value 1 turns it on.the screensaver is activated and is switches on after 10 minutes.

%d bloggers like this: