5 Windows Network Commands You May Not Know
When it comes to troubleshooting network connectivity or finding network information from a computer/workstation, there are some very powerful and helpful commands that you may or may not know about in finding network information.
Finding IP Address Information
Most of us know about ipconfig and its various switches, however, there is another even more powerful tool for finding and even configuring network parameters that is used in Windows and it is the netsh command.  Instead of using ipconfig /all to find IP address information as well as other configured values such as DNS and DHCP you can use the command:
netsh interface IP show config which will show you all of the above in a more concise and easier to parse format as well as tell you other useful information.
Tracing a route to a computer/Internet node
The tracert command gives valuable information as to the router hops that a computer makes to reach a certain host/node on the Internet.  It is very useful when troubleshooting connection problems as it will give an idea of what point communication is failing.
Finding the MAC address of a remote computer
Finding the MAC address can be helpful especially for sys admins when looking for a host on the network potentially to identify traffic or apply network traffic rules, etc.  The nbtstat command was designed to help troubleshoot NetBIOS name resolution problems.  However, it can be used to serve the function of finding MAC addresses of a remote machine as well.  To find the MAC address use the command:
nbtstat -a %computername%
or
nbtstat -A %ipaddress%
Per TechNet: Â https://technet.microsoft.com/en-us/library/cc940106.aspx
| Switch | Name | Function |
|---|---|---|
| -a < name > | adapter status | Returns the NetBIOS name table and MAC address of the address card for the computer name specified. |
| -A < IP address > | Adapter status | Lists the same information as -a when given the target’s IP address. |
| -c | cache | Lists the contents of the NetBIOS name cache. |
| [ Number ] | Interval | Typing a numerical value tells Nbtstat to redisplay selected statistics each interval seconds, pausing between each display. Press Ctrl+C to stop redisplaying statistics. |
| -n | names | Displays the names registered locally by NetBIOS applications such as the server and redirector. |
| -r | resolved | Displays a count of all names resolved by broadcast or WINS server. |
| -R | Reload | Purges the name cache and reloads all #PRE entries from LMHOSTS. |
| -RR | ReleaseRefresh | Releases and reregisters all names with the name server. |
| -s | sessions | Lists the NetBIOS sessions table converting destination IP addresses to computer NetBIOS names. |
| -S | Sessions | Lists the current NetBIOS sessions and their status, with the IP address. |
| /? | Help | Displays this list. |
Finding login credentials and computername
In troubleshooting or finding network information, many times you must determine login information including login credentials as well as the login domain, group memberships, etc.  The whoami command can do many things for troubleshooting including all of the above information gathering.
The whoami command is really an awesome command to put in the “bag of tricks” for admins and even home users as you can find the SID for a user, the groups they are members of, priviledges, FQDN, etc.
Ping Command line switches
Most users are familiar with the ping command in Windows if you have been involved with any kind of network troubleshooting at all. Â However, we want to highlight a couple of the command switches that you may not be familiar with that are very beneficial in troubleshooting connectivity.
The ping -t command makes the ping continuous.  So you don’t have to keep issuing your ping command.  You can simply issue ping -t with the hostname or IP address and it will ping continuously whether or not it receives a response.  This is very handy to troubleshoot or to make sure of system reboot reconnects, etc.
The ping -a command is very helpful to determine a hostname if you have an IP address instead of the hostname and you need to find the hostname.  This switch queries the reverse DNS lookup to find the name of the machine with a particular IP address.