This is an old revision of the document!


Microsoft Windows

  • ipconfig – Show network configuration
  • ipconfig /all – Detailed IP/DNS info for incident validation
  • ipconfig /release – Release IP to cut rogue connections
  • ipconfig /renew – Renew IP after network reset
  • ipconfig /flushdns – Clear DNS cache (stop DNS poisoning)
  • ping [IP] – Test host reachability (detect filtering/DoS)
  • tracert [IP] – Trace suspicious traffic path
  • nslookup [domain] – Investigate phishing/malware domains
  • netstat -an – Spot unusual open ports & connections
  • netstat -b – See which process is making network connections
  • arp -a – Detect ARP spoofing/poisoning attempts
  • hostname – Verify compromised system identity
  • getmac – Validate legitimate MAC addresses
  • net use – Check unauthorized shared drive access
  • net share – List shared resources for data exfil risks
  • net start – Spot suspicious or unauthorized services
  • net stop – Kill malicious services
  • tasklist – See running processes (correlate with netstat)
  • route print – Inspect routing table for anomalies
  • netsh advfirewall firewall show rule name=all – Review firewall rules for
  • Last modified: 2025/09/15 14:53
  • by alberto