Broadband - Exchange
Login Scripts - Net Admin
Outlook - Windows Mobile
Windows
Terminal Services /
Remote Desktop Shortcut Keys
Limiting the Number of Logins a User Can Make
When you are on the internet or are working in an networked environment you may think you have problems with your network connection. However it would be helpful if you could diagnose whether there is a problem and what it is.
Fortunately there are some useful tools built in to all versions of Windows which can help you, you just need to know what they are and how to use them. This page explains them and gives you some example of the circumstances when it is a good idea to use them. |
In the context of this article, |
Most of the tools on this page are accessed from the DOS or Command prompt. While this can look a little scary to a novice user, it can be quite powerful and allow you to manipulate your system and see what is going on in a a way that isn't possible with nice looking GUI (Graphic User Interface) tools. However if you are a novice to the Command Prompt, then you should read our introduction here.
Although you can run these tools from the "Run" box off the start menu, as soon as the command has finished, the box will close which will stop you from seeing the results. Always open a command box first and then enter the command there.
Presumptions
This page and the tools listed presume that you have checked that your network settings are entered correctly - IP address and DNS settings. If you are unsure, you should speak to your network administrator or internet service provider before continuing. These tools can help you discover if the settings you have are working correctly, but need something to work from originally.
It also presumes that you have checked your physical connections. Network cables should have a light flashing indicating a connection. Connections to the Internet should have some kind of indication that the connection is live.
Tools and Scenarios
Below is a list of tools that are discussed on this page, along with some scenarios that they will be useful for. Simply find the scenario you are trying to resolve and try the tools that can help you diagnose the problem.
Getting Help
When working with the tools you can get help by typing the command, then "/?" , e.g.. "ping /?" (minus the quotes).
Saving the Results
If you are running a command, or want to view the help then you can send the results to a file for viewing elsewhere or to send to a friend, colleague or helpdesk for diagnosis. Simply enter >c:\<filename>.txt after your command to send the results to a file instead of the screen. To use ping as an example:
ping /? >c:\ping.txt
ping www.amset.info >c:\ping.txt
This sends the results of "ping /?" or the ping to amset.info to a text file in the root of your c: drive called "ping.txt" which you can view with a text editor like notepad.
Scenario list
To help you choose the tool you need to diagnose your problem, this handy chart outlines some of the potential problems and which tool will help you diagnose where the problem is.
| ping/pathping | traceroute | netstat | net shell | dns and dns lookup | telnet | external tools | |
| Cannot connect to a web site, but can connect to others | ping/pathping | trace route | dns and dns lookup | telnet | external tools | ||
| Cannot connect to email, but can browse web sites | ping/pathping | trace route | telnet | ||||
| Suspect malicious application on machine | netstat | dns and dns lookup | |||||
| My ISP has a general problem | external tools | ||||||
| IP networking problems on my local machine | ping/pathping | netstat | net shell |
Ping is probably one of the most used Command Line tools and for good reason. it is a quick and easy way to see whether the site or service you are trying to connect to is actually alive. It is usually the first tool most network administrator use when faced with any kind of problem. You can use results from other actions to carry out further actions in Ping to discovered where the problem may be.
Using Ping
To use ping, simply open a command prompt and enter ping then the name of the host that you want to check, without the http, ftp etc or any directories, slashes or other information.
ping www.amset.info
You can also ping IP addresses:
ping 81.27.96.35
After pressing enter you will get a number of responses:
| Response returned | Which means... |
| ping request could not find host... | The address you have entered doesn't exist. Check your spelling and try again. |
| reply from... | The address that you have entered is alive and responding to pings |
| request timed out... | The address was found but it isn't responding to ping requests |
Getting the "Request timed out" doesn't always mean that the host you are pinging is actually down. Some sites will block the "ping packets" from being returned as a security measure, so they will never respond to a ping. There are other tests that you can do to verify whether the host is alive or not, using Telnet.
Infinite Ping
With an additional command you can ask your machine to keep pinging a machine until you end it. This is useful if you are moving a cable that you think is a problem or you have an intermittent fault.
To continuously ping a host, add the command "-t" to the end after the host. For example:
ping www.amset.info -t
To end the continuous ping, press Ctrl and C which sends a break to it.
Path Ping (Windows XP and Windows 2003 server only)
Path ping is a new tool introduced by Microsoft which combines ping and Trace Route. It analyzes the route in the same way that trace route does, but sends multiple pings to each hop on the way. It then collects statistics on this route to tell you whether one particular hop is being very slow, indicating a problem. This does make it a slower tool than ping, but can provide more information useful for diagnosis.
Using Path Ping
Using pathping is very similar to the standard ping application. In a command prompt enter the command "pathping" then the host or Ip address that you want to check. For example:
pathping www.amset.info
pathping 81.27.96.35
After pressing enter you will get one of two results. Either "unable to resolve target" which means that the name doesn't exist or the pathping will begin, only to end with a successful or failure result code. Refer to the tracert results table below for information on these result codes.
If the process seems to be going on too long, then press Ctrl and C to end it.
More information on pathping can be found in the online Windows Help system.
Netsh Ping
You can also ping through the Netshell interface, allowing you to ping certain servers and settings that are configured on your machine. See the netsh section below for more information on this powerful application.
When you browse the Internet, your machine doesn't not connect directly to the other site, it goes through many hops. This can be as few as one or two if you are connecting to the web servers internally or at your internet service provider, to as many as 30 if you are browsing to a web site hosted on the other side of the world. In most cases you don't need to worry about how many hops you go through. the ISP will be routing your traffic to the required host, possible over a number of routes to ensure that your request reaches it and the reply gets back.
What Trace Route does is show you the route that it is taking.
If you are getting a problem where you cannot connect to a certain site, trace route can help you diagnose whether it is a local problem, an ISP problem or a wider issue.
Using Trace Route
The trace route command is "tracert" and as with ping, you can trace to either an name or an IP address. In an open command prompt windows, enter the command tracert followed by the host you want to connect to.
tracert www.amset.info
tracert 81.27.96.35
After pressing enter, the trace will either fail immediately, or you will get one of the following result codes:
| Message | Which means... |
| Unable to resolve target system <site name> | the name you entered doesn't exist |
| Trace complete | trace was successful, the results will be shown above |
| Request timed out | either the host or one of the hops on the way didn't respond in the timeout period. This usually indicates there is a problem.* |
| Destination network unreachable | this means that a device that the rest of the Internet is sending traffic to the host cannot connect to it or doesn't know where to send the traffic. Again, usually indicates a problem that is often outside of your control.** |
* If you get this message more than two or three times together in a trace, you can usually do the CTRL-C key combination to stop it. Waiting for the timeout to complete is a waste of time.
** If you get this immediately then your internal routing is at fault. If it occurs after three or four hops then it is probably outside of your control.
If the problem is a hop outside of your ISP, there is very little that you can do. Hopefully the problem will be resolved or routers will find an alternative route around the problematic machine.
More information on tracert can be found in the online Windows Help system.
Net Stat is a tool that tells you what your machine is connected to at the moment the command is run. This makes it a very useful tool to see if your machine is connecting to servers that you don't know about - possibly via the so called "Spy Ware" or "Ad Ware". By adjusting the switches after the command you can change the way the information is presented.
This tool can display information about the active connections, as well as whether the machine is listening for connections - i.e. ready to receive a connection from another machine.
| Command | Displays |
| netstat | Active connections only, with the full domain name |
| netstat -a | Active connections and listening ports with full domain name |
| netstat -ao | Active connections and listening ports with full domain name and PID of application using it* |
| netstart -an | Active connections and listening ports but in numeric form (no domain names) |
| netstat -ano | Active connections and listening ports but in numeric form (no domain names) and PID of application using it* |
| netstat -<any of above> 30 | Repeats the command, updating the statistics after the number of seconds indicated. Change the number to increase or decrease the frequency Replace <any of the above> with either "a", "ao", "an" or "ano" |
* By adding the PID (Process Identification) you can see which application or service running on your machine is making the connection or is in a waiting state. To see the lists of processes, start the Task Manger (CTRL - ALT - DELETE then press Task manager, Right click on the taskbar and choose it from the options or press CTRL ALT ESC).
Once Task manager is loaded, if you cannot see PID in the list of columns, add it from the "View", "Select Columns" command.
Things to look for
If you have any of the following in a listening state on your machine and don't knowing know about running those type of applications then you may have an application on your system that is waiting for a third party to connect
| Port | Information |
| 25 | SMTP Server - email server |
| 80 | Web server |
| 110 | POP3 Server - email server |
If you see other ports that you want to check and the PID doesn't clarify their use then you can look at the official list maintained by the IANA (Internet Assigned Numbers Authority) here:
http://www.iana.org/assignments/port-numbers . This lists the most common port usage but is reliant on application providers registering the port use.
You could also do a search on Google for the word "port" and then the number to see if anyone else has reported it or can tell you what it is.
More information on netstat can be found in the online Windows Help system.
With the latest versions of Windows, the TCP/IP component is core to the operating system and therefore cannot be reinstalled, removed or disabled. This makes resolving problems with it a little more complex than before. Microsoft introduced with Windows 2000 a new utility that runs from the command line to allow you to adjust and diagnose the IP settings. This new command is called netsh (net shell). It takes preset commands, looks at what is configured in the operating system for those settings then uses them. Therefore you are testing the network settings as the operating system sees them.
There are two ways to operate the Netsh commands, both of which require a command prompt.
- By entering the full command string in the command prompt.
- By enter "netsh" and pressing enter.
If you going to be running lots of commands or want to look at the help files for subcommands, then method 2 is the better choice.
When you are in the netsh command shell, the prompt changes from "c:\>" to "netsh>"
Sample Netsh Commands
Below are some of the commands that you can run in a Netsh session and what they do. There are lots of commands available and these are just a sample of what is available.
In all cases, if you are running it outside of netsh (netsh>) then you need to prefix the command with "netsh" e.g:
netsh diag gui
| Action | Command |
| Try to connect to the mail server configured in Outlook Express | diag connect mail |
| Try to connect to the news server configured in Outlook Express | diag connect news |
| Try to connect to the Internet Explorer Proxy server (if configured) | diag connect ieproxy |
| Try to connect to a specific port on an IP address or host name | diag connect iphost <name> <port> |
| diag connect iphost <ip address> <port> | |
| Show network configuration | diag show all |
| Ping servers configured on your machine (run diag ping alone for the list of available server types) |
diag ping <server type> |
| Show the grpahical interface | diag gui |
| Reset IP Configuration | int ip reset |
| Show IP status | int ip show config |
More information on netsh can be found in the online Windows Help system.
DNS is core to the operation of most networks and the Internet. It stands for Domain Name Service and the best way to think of it is like a big phone book. Every machine on the Internet has a unique IP address. DNS maps those addresses to friendly names. For example www.bbc.co.uk is 212.58.224.125. Therefore if you are having problems with DNS settings or DNS lookups, it can hinder your web browsing.
If you are getting errors when browsing about hosts not being found, especially of they are popular sites like Microsoft, Yahoo or the BBC then your DNS could be at fault.
Flush DNS Cache
The first thing you should do is flush your DNS cache. This very simple, just start a command prompt and enter the following text:
"ipconfig /flushdns" (minus the quotes)
This will clean out the cache held on your local machine forcing it to look to the servers you have configured in your settings.
DNS Lookups
DNS lookups can be carried out from the command line using a tool called "nslookup". This tool doesn't have online help without entering the main shell.
A name lookup will tell you whether:
- The name or IP address exists
- What the current address is or which name it is registered to
To do a DNS lookup from a command line, open a command prompt and enter the following command:
nslookup <site address> for example nslookup www.bbc.co.uk
You can also do DNS lookups against other servers that don't belong to your ISP. This can verify whether your ISP has a problem. If you are running internal DNS servers (for example on a network) then using external DNS servers can be beneficial in discovering if the problem is local or not. To do this you need to enter the "nslookup" shell. Open a command prompt and just type "nslookup" (minus the quotes) and press enter. You will be told what server you are currently using for DNS.
To change server enter the command "server" then the IP address of the alternative DNS server that you want to use.
Then, to look up a host, just enter the name, for example www.bbc.co.uk .
When you have finished, type exit to leave the nslookup shell.
If you can browse successfully, then you might want to try one of the web based nslookup tools listed below in External Tools.
More information on nslookup can be found in the online Windows Help system.
Telnet is how everything on the Internet used to work. It is the way that you connect to UNIX type servers and is very basic. Therefore it is an excellent way to test your connectivity to hosts on and off your network.
With the more recent versions of Windows, telnet support from the command line has been introduced. For older versions of Windows you will to start the application from the start menu.
You can telnet to any port on a machine to see if it is working correctly. The most common telnet action is to connect to email servers. For example to connect to the email servers for Microsoft you would enter the following command in a Command Prompt:
telnet maila.microsoft.com 25
Note the spaces between the name and the number.
You can also telnet to port 80 (web), 110 (pop3 email). However unless you know the commands, actually navigating your way around is quite difficult. (For more information on using telnet to outbound SMTP email, see the telnet-test page of our Exchange section - here)
By telnetting to a host you can verify whether the port is open and ready to receive connections. If you cannot connect on the port, then that indicates a problem.
More information on Telnet can be found in the online Windows Help system.
There are many of servers out there that allow you to connect to them with a web browser and run simple network diagnostic tools for free. This is useful if you think that your ISP or internal network has a problem or you want to check connectivity from another country. The sites below have interfaces to these sites allowing you to choose the ones that you want to use.
Other sites in this list can give you information on domains and the DNS information.
Inclusion of a site in this list doesn't indicate endorsement or support from Amset IT Solutions Ltd.
All sites open in a new window.
Ping
http://www.tracert.com/cgi-bin/ping.pl
Tracert
http://www.geektools.com/traceroute.php
http://www.tracert.com/cgi-bin/trace.pl (you need the IP address for this one)
DNS Tools
Google Directory: http://directory.google.com/Top/Computers/Internet/Protocols/DNS/Web_Tools/
Whois (DNS Registration Information - who owns that domain)
http://www.geektools.com/cgi-bin/proxy.cgi
http://www.whois.net/
NS Lookup
http://www.tracert.com/resolver.html
Sponsored Links
12/04/2009
Back to the Top
Contact Us - Director's Blog
Windows Index - Home Page
Broadband - Exchange - Login Scripts - Network Admin - Outlook - Windows Mobile - Windows
© Sembee Ltd. 1998 - 2009. All rights reserved. Reproduction of any content on this web site is prohibited without express written consent. Use of this web site is subject to our terms and conditions. All trademarks and registered trademarks are property of their respective owners. This site is not endorsed or recommended by any company or organisation mentioned on this site. This site is to provide guidance only and as such we cannot be held responsible for any consequences of following the advice given.