Little known netsh commands

How is your network card and computer routing?

Use the following command to see the routing table – from the command prompt type -

netsh interface ipv4 show route

Publish  Type      Met  Prefix                    Idx  Gateway/Interface Name
-------  --------  ---  ------------------------  ---  ------------------------
No       Manual    0    0.0.0.0/0                  11  192.168.2.1
No       Manual    256  127.0.0.0/8                 1  Loopback Pseudo-Interface 1
No       Manual    256  127.0.0.1/32                1  Loopback Pseudo-Interface 1
No       Manual    256  127.255.255.255/32          1  Loopback Pseudo-Interface 1
No       Manual    256  192.168.2.0/24             11  Wireless Network Connection
No       Manual    256  192.168.2.77/32            11  Wireless Network Connection
No       Manual    256  192.168.2.255/32           11  Wireless Network Connection
No       Manual    256  224.0.0.0/4                 1  Loopback Pseudo-Interface 1
No       Manual    256  224.0.0.0/4                11  Wireless Network Connection
No       Manual    256  255.255.255.255/32          1  Loopback Pseudo-Interface 1
No       Manual    256  255.255.255.255/32         11  Wireless Network Connection


If you want to see your specific routes per interface you can do that using type the 
following at a command prompt=

netsh interface ipv4 show route verbose

Destination Prefix:     0.0.0.0/0
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: 192.168.2.1
Publish:                No
Type:                   Manual
Metric:                 0
SitePrefixLength        0
ValidLifeTime           584415
PreferredLifeTime       584415


Destination Prefix:     127.0.0.0/8
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     127.0.0.1/32
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     127.255.255.255/32
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     192.168.2.0/24
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     192.168.2.77/32
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     192.168.2.255/32
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     224.0.0.0/4
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     224.0.0.0/4
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     255.255.255.255/32
Source Prefix:          0.0.0.0/0
Interface Index:        1
Gateway/Interface Name: Loopback Pseudo-Interface 1
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite


Destination Prefix:     255.255.255.255/32
Source Prefix:          0.0.0.0/0
Interface Index:        11
Gateway/Interface Name: Wireless Network Connection
Publish:                No
Type:                   Manual
Metric:                 256
SitePrefixLength        0
ValidLifeTime           Infinite
PreferredLifeTime       Infinite

Pocket Guide To Securing Mobile Devices – Dark Reading

Oct25

With workers bringing their own smartphones and tablets into the company, IT security needs to focus on creating a more secure environment, not on securing each device -Pocket Guide To Securing Mobile Devices – Dark Reading.

New Botnets Gaining Traction Across The Web, Study Says – Dark Reading

Oct25

Damballa report shows seven new botnets among the top 10 largest; off-the-shelf construction kits dominate list. via DarkReading share- New Botnets Gaining Traction Across The Web, Study Says – Dark Reading.

TDL4 Botnet Now Even Harder To Kill – Dark Reading

Oct25

Researchers say that the rootkit used in the TDL4 botnet has been partially rewritten in what appears to be an attempt by the creators to make it even harder to eradicate. via DarkReading Share -TDL4 Botnet Now Even Harder To Kill – Dark Reading.

Notes

UPDATE – See note at the end of this article.

(This first option of repair the MBR can fix the Win32/Popureb.E virus)

Option 1

Try Malwarebytes, Super AntiSpyware portable in Safe Mode First

Option 2

You must boot the PC into repair mode, hitting F8 before windows starts and select:

Repair my Computer

Select the Command Prompt

The virus may have caused damage to your Master Boot Record (MBR) and Boot Configuration Data (BCD). :

bootrec /fixmbr

bootrec /fixboot

bootrec /rebuildbcd

Reboot your computer

Note: This should fix the MBR. You will then run your anti-virus again. Repairing an MBR can be risky.

Kaspersky’s fix

Here’s a quick fix Dawn found! Kudos to her for finding a fix to save time -

http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller

Other Notes -

Which anti-malware should you use when removing a virus or malware? Here’s a list if removal is tough. These programs can be used for system maintenance. You should use cleaners such as Glary or CCleaner to clean your computer first. So boot into safe mode and uncheck all startup items (NOT process) by typing msconfig in the run line. Then run these programs when removing a virus / malware.

Online Scanners

Kaspersky Virus Scanner

McAfee Security Scan

Panda Security Antivirus Scan

Qualys Browser Check

QualysGuard Malware Detection

Symantec Security Check

TrendMicro HouseCall Virus Scan

Webroot Spy Sweeper

Windows Live

CVE-2013-3496 (vipnet_client, vipnet_coordinator, vipnet_personal_firewall, vipnet_safedisk)
Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or […]
CVE-2013-2849 (chrome)
Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.
CVE-2013-2848 (chrome)
The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors.
CVE-2013-2847 (chrome)
Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2013-2846 (chrome)
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.

TTC Shelbyville – Technical Blog

Computer Information Technology

Daily Archives: Tuesday, October 25, 2011 1:08 am

Little known netsh commands

Pocket Guide To Securing Mobile Devices – Dark Reading

New Botnets Gaining Traction Across The Web, Study Says – Dark Reading

TDL4 Botnet Now Even Harder To Kill – Dark Reading

Follow “TTC Shelbyville - Technical Blog”

S	M	T	W	T	F	S
« Sep				Nov »
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

Share This Post!

Like this:

Share This Post!

Like this:

Share This Post!

Like this:

Share This Post!

Like this:

Follow “TTC Shelbyville - Technical Blog”