20 Networking Tips and Tricks for Windows Sysadmins

We all wish we could be a little bit more efficient or perhaps get our work done just a little bit faster. The list below offers some tips and tricks to help make a sysadmin’s life a little easier. By no means is this an exhaustive list. The goal is to share some tidbits of information so sysadmins can squeeze a little more time out of their day. Here are 20 networking tips and tricks for Windows Sysadmins.

Netstat

The netstat command provides detailed information about the network. It displays protocol statistics and current TCP/IP connections. The information can be used to diagnose or troubleshoot network problems.

1. netstat – e displays Ethernet statistics. The interface statistics include bytes, unicast packets, non-unicast packets, discards, errors and unknown protocols.
2. netstat –r displays the route table. It can be used to determine why one system has a different experience than another on the same network.
3. netstat –f displays the full qualified domain name of the foreign address. This may be helpful to resolve names internally and externally.
4. netstat –ano can be used to track down which process identifier has an open port. –a shows all ports TCP and UDP, –n displays IP instead of the host name and –o displays active TCP connections and process ID.
5. netstat –antp is useful to audit network connections. –a shows all ports TCP and UDP, –n displays IP instead of the host name, –t displays only the TCP connections and –p displays process ID/name.
6. netstat –ab displays the current connections and the ports that are listening for incoming connections.

Handy FREE Utilities

7. Wireshark is a free sysadmin tool that captures packets and breaks them down into protocol headers and content. It lets you see everything that is happening on your network at a microscopic level.
8. Windows Sysinternals offers 60 select tools to help manage, diagnose and troubleshoot Windows systems and applications. The Sysinternals Suite contains general sysadmin tools. The Sysinternals Live provides the Sysinternals Suite tools via the Internet.
9. Process Explorer is a great tool that provides information on which process have loaded DLLs and open handles. This is handy to track down memory leaks and rogue processes. This tool is part of the Windows Sysinternals collection.
10. Windows System Control Center (WSCC) helps to view, organize and launch utilities. It acts as a repository for various utility suites. When installing WSCC for the first time, there is an option to download and install 270 troubleshooting tools. To launch a tool, select the desired tool from the pane on the left side. It supports NirSoft Suites and Windows Sysinternals.
11. NirSoft offers numerous utilities. One of the popular utilities is BlueScreenView that allows a sysadmin to view the crash information from the minidump files created from a blue screen of death.
12. TCPView shows all the connections the programs are making. It is a handy tool to audit machines to see if it is connecting to an unknown IP address. It is also useful to see which software consumes the most bandwidth and CPU. If the software is not being used, it can be removed.

Useful PowerShell Commands

Windows PowerShell is a command-line shell and scripting language to help control and automate the administration. These are some of the top PowerShell commands.

13. Get-Command will list the cmdlets under a specific module. For example, to see all the cmdlets included under the NetAdapter module:

Get-Command –Module NetAdapter

14. Use Get-Help to obtain more information on any cmdlet. –full gives all the available information. -online gives you online help. –examples gives examples and –detailed gives detailed information. The syntax is as follows:

Get-Help <cmdlet name> -Detailed

Get-Help <cmdlet name> -Examples

Get-Help <cmdlet name> -Full

15. Get-Service can be used to view all the Windows services on a local computer.
16. Get-Member provides information on the service objects cmdlet returns. After generating a list of service objects, more details on the properties of each object can be obtained. For example:

Get-Service | Get-Member

17. Select-Object can be used to specify specific properties to narrow down the amount of information.
18. Get-NetIPConfiguration, use this cmdlet to show the IP address and DNS servers on the system. This cmdlet presents a clear and concise picture of the system’s network configuration.
19. Get-NetIPAddress allows you to see the IP addresses configured on a system’s network adapters.
20. Get-Process used alone returns all the information about the processes running on the system.