Netstat – a command line tool for monitoring network connections

Chưa phân loại

Netstat (network statistics) is a command line tool for monitoring network connections both incoming and outgoing as well as viewing routing tables, interface statistics, masquerade connections, multicast memberships etc. It can be used to list out all the network (socket) connections on a system. It lists out all the tcp, udp socket connections and the unix socket connections. Netstat is available on all Unix-like Operating Systems and also available on Windows OS as well. It is very useful in terms of network troubleshooting and performance measurement. netstat is one of the most basic network service debugging tools, telling you what ports are open and whether any programs are listening on ports.

List out all connections

The first and most simple command is to list out all the current connections. Simply run the netstat command with the a option.

# netstat -a

check the following snippet for the netstat output. Output contain multiple pages, so some data are omitted.

Explanation of each column

Proto – tell us if the socket listed is TCP or UDP. TCP connections are used for browsing the web and downloading files. UDP connections are used by certain fast-paced computer games and sometimes by live streams.

Recv-Q & Send-Q – tell us how much data is in the queue for that socket, waiting to be read (Recv-Q) or sent (Send-Q). In short: if this is 0, everything’s ok, if there are non-zero values anywhere, there may be trouble.

Local Address & Foreign Address – tell to which hosts and ports the listed sockets are connected. The local end is always on the computer on which you’re running netstat and the foreign end is about the other computer

State – tells in which state the listed sockets are. The TCP protocol defines states, including “LISTEN” (wait for some external computer to contact us) and “ESTABLISHED” (ready for communication). The stranger among these is the “CLOSE WAIT” state. This means that the foreign or remote machine has already closed the connection, but that the local program somehow hasn’t followed suit.

The above command shows all connections from different protocols like tcp, udp and unix sockets. However this is not quite useful. Administrators often want to pick out specific connections based on protocols or port numbers for example.

Don’t resolve host, port and user name in netstat output

When you don’t want the name of the host, port or user to be displayed, use netstat -n option. This will display in numbers, instead of resolving the host name, port name, user name. This also speeds up the output, as netstat is not performing any look-up.

# netstat -an

List only TCP or UDP connections

To list out only tcp connections use the t options.

# netstat -t

Similarly to list out only udp connections use the u option.

Listing all LISTENING Connections

# netstat -l

Listing all TCP Listening Ports

# netstat -lt

Listing all UDP Listening Ports

# netstat -lu

Displaying Service name with PID

# netstat -tp

Displaying Kernel IP routing

# netstat -r

Showing Network Interface Transactions

# netstat -i

Displaying RAW Network Statistics

# netstat –statistics –raw

You can only use netstat truly effectively if you know much about your network and your Linux system.

ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan

Packet Filter Analysis for ICMP in Wireshark

What is ICMP ? ICMP or Internet Control Message Protocol is Internet or Network layer protocol. In general it is used to...

Linux cp Command

“cp” is a built-in tool for all the UNIX-based platforms that are used to make copies of the file(s) and directory(s)....

Install Aircrack-ng on Ubuntu

Aircrack-ng is a whole suite of tools for Wireless Security Auditing. It can be used to monitor, test, crack or attack...
Bài Viết

Bài Viết Mới Cập Nhật

Mua Proxy V6 Nuôi Facebook Spam Hiệu Quả Tại Onetcomvn

Hướng dẫn cách sử dụng ProxyDroid để duyệt web ẩn danh

Mua proxy Onet uy tín tại

Thuê mua IPv4 giá rẻ, tốc độ nhanh, uy tín #1

Thuê địa chỉ IPv4 IPv6 trọn gói ở đâu chất lượng, giá RẺ nhất?