ALEXANDRE BORGES - BLOG
[Pages:26]Windows Commands and Tools ? Part 1
ALEXANDRE BORGES - BLOG
Windows Commands and Tools ? Part 1
Author: Alexandre Borges Revision: A.1 Website:
This document is the first part of a series of articles about useful Windows commands (graphical or not) which can help you in a daily administration. Most them are self-explanatory. All commands were tested in a Windows 7 environment. Enjoy it!
Command 1: How to verify the firewall status (WinXP and Win7 ? deprecated command)
C:\>netsh firewall show state
Firewall status:
-------------------------------------------------------------------
Profile
= Standard
Operational mode
= Disable
Exception mode
= Enable
Multicast/broadcast response mode = Enable
Notification mode
= Enable
Group policy version
= Windows Firewall
Remote admin mode
= Disable
Ports currently open on all network interfaces: Port Protocol Version Program ------------------------------------------------------------------5800 TCP Any (null) 5900 TCP Any (null) 1900 UDP Any (null) 2869 TCP Any (null)
IMPORTANT: Command executed successfully. However, "netsh firewall" is deprecated; use "netsh advfirewall firewall" instead. For more information on using "netsh advfirewall firewall" commands instead of "netsh firewall", see KB article 947709 at
Command 2: How to verify the firewall status and configuration (Win7)
C:\>netsh advfirewall show allprofiles
Domain Profile Settings: ----------------------------------------------------------------------
Page 1
Windows Commands and Tools ? Part 1
State
OFF
Firewall Policy
BlockInbound,AllowOutbound
LocalFirewallRules
N/A (GPO-store only)
LocalConSecRules
N/A (GPO-store only)
InboundUserNotification
Enable
RemoteManagement
Disable
UnicastResponseToMulticast
Enable
Logging:
LogAllowedConnections
Disable
LogDroppedConnections
Disable
FileName
%systemroot%\system32\LogFiles\Firewall\pfirewall
.log
MaxFileSize
4096
Private Profile Settings:
----------------------------------------------------------------------
State
OFF
Firewall Policy
BlockInbound,AllowOutbound
LocalFirewallRules
N/A (GPO-store only)
LocalConSecRules
N/A (GPO-store only)
InboundUserNotification
Enable
RemoteManagement
Disable
UnicastResponseToMulticast
Enable
Logging:
LogAllowedConnections
Disable
LogDroppedConnections
Disable
FileName
%systemroot%\system32\LogFiles\Firewall\pfirewall
.log
MaxFileSize
4096
Public Profile Settings:
----------------------------------------------------------------------
State
OFF
Firewall Policy
BlockInbound,AllowOutbound
LocalFirewallRules
N/A (GPO-store only)
LocalConSecRules
N/A (GPO-store only)
InboundUserNotification
Enable
RemoteManagement
Disable
UnicastResponseToMulticast
Enable
Logging:
LogAllowedConnections
Disable
LogDroppedConnections
Disable
FileName
%systemroot%\system32\LogFiles\Firewall\pfirewall
.log
MaxFileSize
4096
Ok.
Page 2
Windows Commands and Tools ? Part 1
Command 3: How to verify the firewall configuration (WinXP and Win7 ? deprecated command)
C:\>netsh firewall show config
Domain profile configuration:
-------------------------------------------------------------------
Operational mode
= Disable
Exception mode
= Enable
Multicast/broadcast response mode = Enable
Notification mode
= Enable
Allowed programs configuration for Domain profile: Mode Traffic direction Name / Program -------------------------------------------------------------------
Port configuration for Domain profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
1900 UDP Enable Inbound
Windows Live Communications Platform (SSDP)
2869 TCP Enable Inbound
Windows Live Communications Platform (UPnP)
ICMP configuration for Domain profile: Mode Type Description ------------------------------------------------------------------Enable 2 Allow outbound packet too big
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode
= Disable
Exception mode
= Enable
Multicast/broadcast response mode = Enable
Notification mode
= Enable
Service configuration for Standard profile: Mode Customized Name ------------------------------------------------------------------Enable No File and Printer Sharing Enable No Network Discovery
Allowed programs configuration for Standard profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Enable Inbound
Apache HTTP Server / C:\program files (x86)\postgresql\enterprisedb-
apachephp\apache\bin\httpd.exe
Disable Inbound
Free Download Manager / C:\program files (x86)\free download
manager\fdm.exe
Enable Inbound
Dropbox /
C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe
Enable Inbound
vncviewer.exe / C:\Program Files (x86)\UltraVNC\vncviewer.exe
Page 3
Windows Commands and Tools ? Part 1
Enable Inbound
WinSCP: SFTP, FTP and SCP client / C:\program files
(x86)\winscp\winscp.exe
Enable Inbound
Microsoft OneNote / C:\Program Files (x86)\Microsoft
Office\Office14\ONENOTE.EXE
Port configuration for Standard profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
5800 TCP Enable Inbound
vnc5800
5900 TCP Enable Inbound
vnc5900
1900 UDP Enable Inbound
Windows Live Communications Platform (SSDP)
2869 TCP Enable Inbound
Windows Live Communications Platform (UPnP)
ICMP configuration for Standard profile: Mode Type Description ------------------------------------------------------------------Enable 2 Allow outbound packet too big
Log configuration: ------------------------------------------------------------------File location = C:\Windows\system32\LogFiles\Firewall\pfirewall.log Max file size = 4096 KB Dropped packets = Disable Connections = Disable
IMPORTANT: Command executed successfully. However, "netsh firewall" is deprecated; use "netsh advfirewall firewall" instead. For more information on using "netsh advfirewall firewall" commands instead of "netsh firewall", see KB article 947709 at .
Command 4: How to list the running processes
C:\>tasklist
Image Name
PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
System Idle Process
0 Services
0 24 K
System
4 Services
0 56 K
smss.exe
436 Services
0 656 K
csrss.exe
628 Services
0 4.048 K
wininit.exe
704 Services
0 328 K
csrss.exe
728 Console
1 20.552 K
services.exe
772 Services
0 9.912 K
(truncated output)
Command 5: How to list the running services associated with processes
Page 4
Windows Commands and Tools ? Part 1
C:\>tasklist /SVC
Image Name
PID Services
========================= ========
============================================
System Idle Process
0 N/A
System
4 N/A
smss.exe
436 N/A
csrss.exe
628 N/A
wininit.exe
704 N/A
csrss.exe
728 N/A
services.exe
772 N/A
lsass.exe
784 KeyIso, ProtectedStorage, SamSs
lsm.exe
792 N/A
svchost.exe
900 DcomLaunch, PlugPlay, Power
nvvsvc.exe
976 NVSvc
svchost.exe
1016 RpcEptMapper, RpcSs
(truncated output)
Command 6: How to list started services
C:\>net start These Windows services are started:
Adobe Acrobat Update Service Application Information avast! Antivirus Background Intelligent Transfer Service Base Filtering Engine Bitvise SSH Server Bluetooth Support Service Certificate Propagation CNG Key Isolation COM+ Event System Computer Browser Cryptographic Services DCOM Server Process Launcher Desktop Window Manager Session Manager (truncated output)
Command 7: How to list network connections
C:\>netstat -oban
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:22
0.0.0.0:0
LISTENING 13232
[BvSshServer.exe]
Page 5
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- d link dir 615 user manual
- configure a router as a upnp internet gateway device with
- user manual tenvis
- technicolor docsis gateway model cgm4331xxx user guide
- lg nas faq v0 lg electronics
- optimizing uds enterprise in windows 10
- what is home network security and why should i care
- air force association s cyberpatriot jmu
- pushback by end users disable appdata exe
- security flaws in universal plug and play h d moore