When it comes to troubleshooting using simple tools it is very effective. The output of a simple test may infer that everything is working as expected, partially or in some other cases not working at all.
Consequently, this is generally also a fast way to identify where is the area that we need to focus our efforts or to validate the overall performances of our systems.
The most common tools that I use for network troubleshooting are:
Nmap
It’s a very powerful network scanner. It’s not installed by default on your operating system, except from some GNU/Linux security distribution (like Kali Linux).
“With great power comes great responsibility”.
Installing Nmap with APT (Debian, ubuntu, wsl , etc.):
1 |
apt-get install nmap -y |
With YUM (redhat, centos, etc.):
1 |
yum install nmap -y |
Check if multiple hosts are alive:
1 |
nmap -sP 10.0.10.1-100 |
Ping
Ping command operates on ICMP protocol and checks if a host, identified by name or IP, is reachable and how fast it is responding (measuring latency) if some packets have been dropped it can also show congestions on your link/path.
1 |
ping x.x.x.x |
But why don’t we use just PowerShell?
PowerShell : Test-Connection
1 2 3 4 5 6 7 |
PS C:\WINDOWS\system32> Test-Connection 172.16.9.222 -Count 3 Source Destination IPV4Address IPV6Address Bytes Time(ms) ------ ----------- ----------- ----------- ----- -------- LAB-BOX1 172.16.9.222 172.16.9.222 fe80::61a9:fe80:c702:3bf6%6 32 0 LAB-BOX1 172.16.9.222 172.16.9.2222 fe80::61a9:fe80:c702:3bf6%6 32 0 LAB-BOX1 172.16.9.222 172.16.9.222 fe80::61a9:fe80:c702:3bf6%6 32 0 |
Do you need a boolean value as a result?
1 2 |
PS C:\WINDOWS\system32> Test-Connection 172.16.9.222 -Quiet -Count 1 True |
But what if we want to check if a port is open on a given host?
A simple way of checking if a port is open would be opening a telnet session
1 |
telnet FQDN_OR_IP PORT_NUMBER |
or using a port scanner like (nmap).
That can be handy for testing not just security purpose and that can be integrated into other scripts.
Checking open ports on multiple hosts:
IP range and network
1 |
nmap -PN 172.16.9.100-222 |
1 |
sudo nmap -PN 172.16.9.222/24 |
1 |
sudo nmap -PN 172.16.9.222/24 |
Checking if specific ports are open
1 |
nmap -p 80,8080 172.16.9.100-255 |
PowerShell : Test-NetConnectionTest
1 2 3 4 5 6 7 8 9 10 11 12 |
PS C:\WINDOWS\system32> Test-NetConnection -Port 80 -computername 172.16.9.100 WARNING: TCP connect to (172.16.9.100 : 80) failed ComputerName : 172.16.9.100 RemoteAddress : 172.16.9.100 RemotePort : 80 InterfaceAlias : vEthernet (Virtual Switch LAB) SourceAddress : 172.16.9.100 PingSucceeded : True PingReplyDetails (RTT) : 0 ms TcpTestSucceeded : False |
Third-Party
There are other useful tools such netscanner from softperfect included in sysinternals.
Final Consideration
These tools are very effective and with a lot of features. Spending a couple of minutes reading the man page is definitely time well spent and can offer you new learning opportunities and sometimes the information you are looking for is described in one of the examples.