Pular para o conteúdo principal

Using netstat

Using netstat: "
As promised (in my article “How do I find my network information in Linux?“) I am going to introduce you to the netstat command. This command is a very useful tool for discovering networking information such as routing tables, network connections, interface statistics, masquerade connections, and multicast memberships. But it’s not quite as simple to use as some of of the other “discovery” tools (such as ifconfig). With netstat you really do need to know what you’re looking for and how to find it. This article will help you to understand just that.


Installation?
Fortunately your distribution should come with the netstat command pre-installed. To check this, open up a terminal window (that’s where you will use netstat anyway) and issue the command which netsat. This command should return something like /bin/netstat. That will tell you that the tool is installed and where the executable is.
Usage
Because netstat offers such a variety of options, it might be best if I first list some of the more useful options.
a: Shows the state of all sockets and routing table entries.
c: Display information continuously.
d: Show the state of all interfaces that use DHCP.
e: Show extended information.
g: Show the multicast group membership information for both IPv4 and IPv6.
i: Display a table of all network inferfaces.
l: Limit statistics to a defined interface.
M: Show multicast routing tables.
n: Shows network addresses as numbers instead of the default symbols.
p: Show address resolution tables.
P: Limit statistics to a defined protocol.
r: Show all routing tables.
t: Show TCP connections.
u: Show UDP connections.
v: Use verbose mode for output.
So let’s take a look and see how these can be used together.
netstat
By itself (no options) this command prints out generic statistics of the host you are currently connected to.
netstat -an
This command will display all connections to the host, including source and destination addresses and ports, and displays them as numbers.
netstat -rn
This command will display the routing table for the host in numeric form.
netstat -r
This command will display your routing table for your host.
netstat -natp
This command will display active TCP connections in numerical form.
netstat -t –listening
This will show you all tcp ports you host is listening on.



Figure 1
netstat –statistics
This command will display various statistics for your host’s interfaces. Note that this command will display a LOT of statistics. A snippet of the output will look like that shown in Figure 1.
As you can see, this command will display quite a bit of information. On top of that you might need to pipe this command through the less command in order to see it more easily. That full command would look like netstat –statistics | less. Using it that way would allow you to use your arrow keys to scroll up and down through the ouput.
Final thoughts
Although not an exhaustive look at the netstat command, this will get you started and using this handy tool. Since there are so many switches and options to use with netstat, in order to cover them all, take a look at the netstat man page (issue the command man netstat) where you can see each and every switch explained.
"

Comentários

Postagens mais visitadas deste blog

Improve Windows Security By Closing Open Ports

Improve Windows Security By Closing Open Ports : " A standard Windows operating system has a number of ports open after installation. Some of these ports are needed for the system to function properly while others might not. These ports can pose a security risk as every open port on a system might be an entry point for a malicious user. A port basically allows communication to or from the device. Characteristics are a port number, an IP address and a protocol type. This article will give you the tools at hand to identify and evaluate the open ports on your Windows system to make a decision in the end whether they can or should be closed or left open. Software programs and tools that we will use: CurrPorts : Available for 32-bit and 64-bit editions of Windows. It is a port monitor that displays all open ports on a computer system. We will use it to identify the ports and the programs that are using them. Windows Task Manager: Also used to identify the programs and link some p

Diagnosing a Blue Screen of Death Error in Windows

Diagnosing a Blue Screen of Death Error in Windows : For many years now the famous Blue Screen of Death (BSoD) has been the ultimate indication that something disastrous has happened to make your computer die, but how useful is the information in the BSoD and the respective crash dump file that Windows produces? The best article I ever found explaining the BSoD in depth is here on the Microsoft website, however it’s quite technical and doesn’t discuss how to actually troubleshoot a problem. The crash dump file is just technical details of what was being held in the computer’s memory at the time of the crash, and this will include details on every driver and service that was loaded, and every piece of software that was running. The most useful pieces of information are to be found on the BSoD itself and are highlighted on the screenshot below. These are the BSoD error name, the stop error code and the name of the driver or service that has failed (this last one might not always appea

FBackup is a simple, no-frills free backup application

FBackup is a simple, no-frills free backup application : "