Netstat (Network Statistics) is a command-line tool used to display network connections, routing tables, interface statistics, and other network-related information on a system. It is often used for troubleshooting network issues, monitoring network performance, and inspecting open ports and connections.
Basic Syntax
netstat [options]
Common Netstat
Commands and Options
- Display All Active Connections To show all
active connections (TCP, UDP, and UNIX socket connections) on the system:
netstat -a
- Display Listening Ports To show all
ports on which the system is listening (open ports):
netstat -l
- -l: Show only listening ports.
- Display Listening Ports with Process IDs (PID) To display the listening ports along with the associated process ID:
netstat -tuln
- -t: Show TCP connections.
- -u: Show UDP connections.
- -l: Show only listening ports.
- -n: Show numerical addresses
instead of resolving hostnames.
- Show Network Connections with Process Information To display network connections along with the associated processes
(requires root or administrator privileges):
netstat -tulnp
- -p: Show the PID and name of the
program to which each socket belongs.
- Show Network Connections by Protocol To display
connections for a specific protocol (e.g., TCP):
netstat -t
- -t: Show TCP connections.
For UDP:
netstat -u
- -u: Show UDP connections
- Display Routing Table To show the
system’s routing table:
netstat -r
- Display Interface Statistics To display
network interface statistics:
netstat -i
- Display Connection Information (Socket Statistics) To display detailed socket statistics:
netstat -s
- Display Network Connections Continuously To display active network connections and update the display at
regular intervals (e.g., every 2 seconds):
netstat -c
- Show Detailed Information (Numeric Form) To display network information in numeric form without resolving
hostnames:
netstat -n
- Show Summary Information To show a
brief summary of network connections:
netstat -n -a
- Display TCP Statistics To display
TCP-specific statistics:
netstat -t -s
- Display UDP Statistics To display
UDP-specific statistics:
netstat -u -s
- Display All Connections, Show IP and Port Numbers To display all connections, including both listening and established
connections, with numerical addresses and port numbers:
netstat -an
Example Use Cases
- List All Listening Ports:
netstat -tuln
- View Established TCP Connections: To list
only the TCP connections that are established (showing local and remote
addresses):
netstat -at
- Check for Active Connections with Process Names: To show all active connections and associated process names:
netstat -tulnp
- Show Routing Table:
netstat -r
- Monitor Network Activity in Real-Time: To continuously monitor network connections and updates:
netstat -c
- View Network Interface Statistics:
netstat -i
- View Socket Statistics:
netstat -s
- Display Network Connections in Numerical Format:
netstat -n
Conclusion
Netstat is a useful tool for network administrators
and security professionals to monitor and troubleshoot network activity. It
helps to view open ports, active connections, interface statistics, and other
critical network information. Although it's being gradually replaced by more
advanced tools like ss, it remains an essential part of networking and
security diagnostics.
0 Comments