The Typical Default Win9x Networking Environment

Purpose and Scope
There are a finite number of ways that a Win95 box can connect to a
 1.  One network interface card (NIC) to another via a 'crossover'
     Ethernet cable.
 2.  One NIC to a hub/switch/router directly.
 3.  A dialup adapter to a dial-up networking (DUN) server (modem to
     Internet Service Provider (ISP)).
 4.  A 'direct' connection using a serial/parallel/USB port and a special
 5.  other, ambiguous, out-of-scope-and-therefore-not-that-important ways...

Case #4 above is just about useless in terms of the scope of this article.

About 80-90% of my observations have been with Win95OSR2.x.  I've used
Win98, it sucked worse.  I will never try to use WinME unless I'm getting
paid to.  Win95OSR1 and prior sucked too.  At least OSR2.x made use of
USB devices (with the correct, unsupported driver) and FAT32.  It was
Microsoft's first, real attempt at a multi-tasking, multi-threading,
32-bit operating system for the home/small business consumer.  NT Server
is for the most part pretty cool, and for those that can lock down an
NT Server install, works very well.  I have yet to find a use for NT
Workstation.  Kick 'em when they're down: NT gaming sucked.

Win2000: Aside from the fact it was created in Redmond, this one ain't
all that bad once you dumb it down. NT kernel *and* you can game on it.

WinXP: Used it once or twice.  Sucks.

win2003: Have heard it's their best yet.  We'll see...

Opinion (Microsoft O.S. software): expensive. bloated. proprietary.
                                   buggy. non-standardized.

From here on out, when I say Win95, I mean Win95OSR1, Win95OSR2.x, and the
Win98's.  And yes, Windows for Workgroups will implement most of these
commands too with Microsoft's TCP/IP 32-bit patch to it.

Microsoft's TCP/IP stack for Win95 provides the user with nine commands
that help answer network-related questions: arp, ftp, nbtstat, net,
netstat, ping, route, tracert, and winipcfg.  There are others, but
again, they are out of scope.  After the next sentence, the net command
will be out of scope.  Save the net command for implementing what
you learn with the other commands, as it's primary purpose is to connect
(disconnect/debug) a client and a server in a corporate, M$ O.S. network.

I'll try to cover the possible scenarios one may encounter when invoking
a command to help one understand the functionality of a given command
first (you can't telnet to a public IP address if you don't have a route
o get there available).

Lastly, some of what you may read is my opinion, and some of what I write
is fact.  When you get to a fact (or a statement I project as fact),
consider this: I do not try to project facts I don't think are true.
When you get to an opinion, consider this: this is written for the newbie
and I have purposely omitted some options, extraneous results, and the like
for sake of content - I'm not writing a book, and the basics are the
basics.  So, from here on out as well, it's KISS.

What's your connection? - You do have one, don't you?
To get to a DOS prompt: click Start button, click Run, type "command"
into the box and press Return.  This is the 'command line environment'
(DOS shell, DOS prompt), it's the best place to be when running Windows.
Start, Run, "winipcfg" is a good one too, and we'll cover that next.
The other seven commands have options, parameters, arguments, and flags
that make Start, Run, [command] a moot point of execution.

WinIPCfg brings up a graphical user interface (GUI) window.  Click on the
'More Info>>' button to show the good stuff.  Check out the different
Ethernet Adapters you have available from the combo box (drop down thing
with the arrow on it).  If you have a dialup adapter or two (or more),
those usually represent the 'interface' your modem uses.  If you have an
AOL Adapter, same thing, except it's tuned specifically for AOL's (or
Compuserve's) network.  If you have a NIC (Network Interface Card - the
card the Ethernet, coaxial cable, or transceiver plugs into), that should
show up as well.  PPP (point-to-point protocol) adapters (if listed) are
used for Microsoft's VPN (Virtual Private Network) client, and, guess
what...  out of scope.

For optimal use of these commands (NOT necessarily the safest!), a NIC
connected to the Internet with a public IP address works best, and a modem
to the Internet second to best.  If you can't "get to the 'Net", don't
worry: you can still use the commands to learn the important concepts of a
'default' Win95 network environment.

When you're connected to the 'Net, find an adapter that has a public IP
address.  Chances are, when you're using the other seven commands, this is
the IP address the world is seeing.  Just because you ping someone, doesn't
mean they don't know who pinged them.  TCP/IP packets have destination AND
source IP addresses embedded into them.

Know Your Default Gateway - your 'next hop'
Not much to say on this topic.  Your default gateway is the IP address
of the device 'interface' that is your next hop (packet destination) for
TCP/IP communications (your cable modem, your ISP's loose NT Terminal
Server box, your Cisco to a T-3 (you dog you)).  You ping anything, it sees
the request first, and the result(s) last (usually).

Understand Your Subnet Mask some other time, just not now
But you'd better do it!

DHCP Server - Dynamic Host Configuration Protocol server
Dynamic being the big word here kids, as opposed to static.  As in static
IP address... static, doesn't change.  Does  not  change.

If your ISP applies the word 'dynamic' to actually assign you a different
IP address each time you connect, the device that owns the IP address in
this box gave it to you (my ISP uses it, but has only changed my IP once
since I installed the cable modem many, many months ago).  It also
determines how long that IP is valid, by issuing a 'lease' on the address.

Opinion (DHCP and the 'Net): some people like getting different IP's all
                             the time so as to have more anonymity with
                             their connection; some people like static IP's
                             so as to use computer services requiring one.

Primary and Secondary WINS Servers - whoo boy
Microsoft's Windows Internet Naming Service servers try to keep track of
what NetBIOS machine names are running on a given network segment/subnet/
network(s), what users have logged on from what IP addresses, what IP's
belong to Workgroup, to Primary, and to Secondary Domain Controllers,
and more (scope, scope, scope).  Win2000 uses something called Active
Directory, which is a combination of the Internet's Domain Name System
and WINS.  Let's just say that if you never have to deal with WINS during
your use of the seven commands, you're fortunate.

OK, look up top now, where the information does not change even when you
click on different Ethernet Adapters.

Host Name - your machine's Internet 'name'
This is different from your NetBIOS name (Control Panel, Network,
Identification Tab).  This is the name of your computer from the
Internet's perspective.  Usually, if you use DHCP for your IP address,
this name is assigned by your ISP.  If you typed this in (Control Panel,
Network, any interface's TCP/IP DNS tab), you probably have a static IP
address and your ISP may or may not care what you call your own machine.

DNS Servers - Domain Name System servers
Your ISP controls these.  They resolve web site names and servers to public
IP addresses so your browser or whatever can 'get there'.  These machines
provide a lot of information about the Internet if you use them properly.
They provide even more if you use them improperly.  If it was yours to
have, you'd have it.  Don't break DNS machines - they provide a great
service and dey been 'round awhile.

Other Stuff
Node Type (one of four types of WINS nodes), NetBIOS Scope Id (logical
NetBIOS 'subnet' groupings), IP Routing Enabled (can machine route IP),
WINS Proxy Enabled (can machine store WINS workgroup browser information),
NetBIOS Resolution Uses DNS (will WINS resolution use DNS resolution).
Heavy Microsoft stuff.  Perhaps the bane of their existence.  If you're
bored, learn this stuff.  RFC compliance (what?!?).

Do You Have To Do That In Public?
Well, using the seven commands basically depends on whether or not you're
connected to the Internet.  I mentioned previously that the public NIC
card is the way to go, but that a modem connection would also work.  If
you use AOL (or some other auto-configuring-wizard-won't-connect-me-until-
I've-forked-over-a-credit-card-number-piece-of-shit-software-package) then
all you have to do is type your password, press Return, and wait for a
modem connection.  If successfully logged in, you can 'Get to a DOS
Prompt' and use the commands... you may proceed.

If you use an independent ISP who makes network configurations available
to you, chances are good that you're already connected as well.  But maybe
reading on to figure out what you set your equipment to do might prove

If you've got yerself one of them there brand-spankin-new cable modems,
or DSL lines, or better, but aren't quite sure what happened before the
technician asked you to sign the paper, what's up next should be right up
your alley.

Control Panel, Network icon - the name says it all
What strikes you first should probably be the uncanny resemblance between
the green-icon adapters here and those listed in the WinIpCfg combo box.
These are your available (installed) interfaces, and they represent the
physical device used to send and receive your TCP/IP packets.  You may
have one (or more) blue-computer-screen-icon network Clients installed.
Scrolling down may reveal your pretty-wire-icon Protocols installed.
And finally, you may have a pretty-hand-showing-your-benevolence-by-
holding-a-computer-out-to-the-world Service running on your machine (if
you do, and it's called Personal Web Server, and you didn't know you were
running your own web site... uninstall it)(if you do and it's called File
and Printer Sharing for Microsoft Networks and your ISP doesn't block the
NetBIOS ports (137-139) at your default gateway (ask them), remove it).

Here lies the nuts and bolts of your TCP/IP configuration.  You can
control just about everything from here.  Yep, one typo without corrective
documentation to fix it and you might never connect again.  If you decide
to change stuff in here, you'd better be sure you know what you're doing
(that's not asking a lot is it?).

NetBIOS - simply put, I think
Let's move to the Identification tab before we cover the Configuration
tab (what about the Access Control Tab?  It ain't got no scope).

The Computer Description typed here is typically used during Microsoft
Network browsing events to display a given subnet's machine's description
(read: WINS browsing a.k.a. Network Neighborhood).  The WorkGroup is
pretty irrelevant unless you're in a corporate networked environment and
don't answer to a Domain Controller (hopefully rare).  The computer name
is how Microsoft's NetBEUI protocol and Microsoft's WINS services see
you.  This name would be seen on the Internet if at any point while you
are connected, someone asks for it and gets it because of a lack of a
block on the NetBIOS ports (137, 138, & 139).  Steve Gibson's Shields Up!
web site contains an example of this type of exposure.  Other [mis|ab]uses
include cookies, Internet Explorer, SpyWare, and more.

Back to the Config Tab
Sorry, we're done.  You need at least one Adapter listed and you need the
TCP/IP Protocol.  This minimal setup will make the seven commands
available.  If you add the Client for Microsoft Networks, you will only be
enabling WINS services.

Opinion (NetBIOS & WINS): Unless you have a need to run the Microsoft
                          Client, don't.

DUN - Dial-Up Networking
Well... another can o' worms.  *sigh*
Just make sure it's upgraded to (at least) version 1.3.  Visit  Get the other patches for your specific operating
system.  Seriously.  Use of these commands relies on them (the executable
files) being up to date.  I've got about 5 or 6 I try to do on every Win95
machine I deal with, but there's at least 25 or 30 that could apply (not
counting IE related ones).

Anyway, if you use DUN, you've probably been provided with the necessary
configuration information and changing it would in all likelihood disable
your Internet connection.  And what fun would that be?

More Other Stuff
RAS (Remote Access Service) - useful in corporate environments, the service
coordinating segment to segment network connections (whether dialup, SLIP,
PPP, PPTP, etc.).  NDISWAN (yea) - neat name for VPN related pseudo-
protocol.  WinSock (Windows Sockets) - complete with their own API
(Application Programming Interface), most useful Windows IP connections
are 'socket' oriented

this seems like a good place to end

0.6 2/6/04
corrections, suggestions, etc. - spud ]at[ attrition ]dot[ org

thanks for your participation