Ticker

6/recent/ticker-posts

Advertisement

What is Netstat

Netstat (Network Statistics) is a command-line tool used to display network connections, routing tables, interface statistics, and other network-related information on a system. It is often used for troubleshooting network issues, monitoring network performance, and inspecting open ports and connections.

Basic Syntax

netstat [options]

Common Netstat Commands and Options

  1. Display All Active Connections To show all active connections (TCP, UDP, and UNIX socket connections) on the system:

netstat -a

  1. Display Listening Ports To show all ports on which the system is listening (open ports):

netstat -l

    • -l: Show only listening ports.

 

  1. Display Listening Ports with Process IDs (PID) To display the listening ports along with the associated process ID:

netstat -tuln

    • -t: Show TCP connections.
    • -u: Show UDP connections.
    • -l: Show only listening ports.
    • -n: Show numerical addresses instead of resolving hostnames.

 

  1. Show Network Connections with Process Information To display network connections along with the associated processes (requires root or administrator privileges):

netstat -tulnp

    • -p: Show the PID and name of the program to which each socket belongs.

 

  1. Show Network Connections by Protocol To display connections for a specific protocol (e.g., TCP):

netstat -t

    • -t: Show TCP connections.

For UDP:

netstat -u

    • -u: Show UDP connections

 

  1. Display Routing Table To show the system’s routing table:

netstat -r

  1. Display Interface Statistics To display network interface statistics:

netstat -i

  1. Display Connection Information (Socket Statistics) To display detailed socket statistics:

netstat -s

  1. Display Network Connections Continuously To display active network connections and update the display at regular intervals (e.g., every 2 seconds):

netstat -c

  1. Show Detailed Information (Numeric Form) To display network information in numeric form without resolving hostnames:

netstat -n

  1. Show Summary Information To show a brief summary of network connections:

netstat -n -a

  1. Display TCP Statistics To display TCP-specific statistics:

netstat -t -s

  1. Display UDP Statistics To display UDP-specific statistics:

netstat -u -s

  1. Display All Connections, Show IP and Port Numbers To display all connections, including both listening and established connections, with numerical addresses and port numbers:

netstat -an

Example Use Cases

  1. List All Listening Ports:

netstat -tuln

  1. View Established TCP Connections: To list only the TCP connections that are established (showing local and remote addresses):

netstat -at

  1. Check for Active Connections with Process Names: To show all active connections and associated process names:

netstat -tulnp

  1. Show Routing Table:

netstat -r

  1. Monitor Network Activity in Real-Time: To continuously monitor network connections and updates:

netstat -c

  1. View Network Interface Statistics:

netstat -i

  1. View Socket Statistics:

netstat -s

  1. Display Network Connections in Numerical Format:

netstat -n

Conclusion

Netstat is a useful tool for network administrators and security professionals to monitor and troubleshoot network activity. It helps to view open ports, active connections, interface statistics, and other critical network information. Although it's being gradually replaced by more advanced tools like ss, it remains an essential part of networking and security diagnostics.

 

Post a Comment

0 Comments