netstat (network statistics) is a command used for monitoring network connections (incoming & outgoing) as well as viewing routing tables, interface statistics etc. netstat is available on all Unix-like Operating Systems and also available on Windows operating system.
Features:
a. Useful in terms of network troubleshooting (traffic, ports, network connections), networking statistics and performance measurement.
b. netstat is one of the most basic network service debugging tools, telling you what ports are open and whether any programs are listening on ports.
c. provide detailed information about how a computer is communicating with other computers or network devices.
Netstat Command Syntax:
netstat [-a] [-b] [-e] [-f] [-n] [-o] [-p protocol] [-r] [-s] [-t] [-x] [-y] [time_interval] [/?]
-a : displays active TCP connections, TCP connections with the listening state, as well as UDP ports that are being listened to.
-b : This netstat option is very similar to the -o option listed below, but instead of displaying the PID, will display the process's actual file name. Using -b over -o might seem like it's saving you a step or two but using it can sometimes greatly extend the time it takes netstat to fully execute.
-e : Use this option with the netstat command to show statistics about your network connection. This data includes bytes, unicast packets, non-unicast packets, discards, errors, and unknown protocols received and sent since the connection was established.
-f : The -f option will force the netstat command to display the Fully Qualified Domain Name (FQDN) for each foreign IP addresses when possible.
-n : Use the -n option to prevent netstat from attempting to determine host names for foreign IP addresses. Depending on your current network connections, using this option could considerably reduce the time it takes for netstat to fully execute.
-o : A handy option for many troubleshooting tasks, the -o option displays the process identifier (PID) associated with each displayed connection. See the example below for more about using netstat -o.
-p : Use the -p option to show connections or statistics only for a particular protocol. You can not define more than one protocol at once, nor can you execute netstat with -p without defining a protocol.
protocol : When specifying a protocol with the -p option, you can use tcp, udp, tcpv6, or udpv6. If you use -s with -p to view statistics by protocol, you can use icmp, ip, icmpv6, or ipv6 in addition to the first four I mentioned.
-r : Execute netstat with -r to show the IP routing table. This is the same as using the route command to execute route print.
-s : The -s option can be used with the netstat command to show detailed statistics by protocol. You can limit the statistics shown to a particular protocol by using the -s option and specifying that protocol, but be sure to use -s before -p protocol when using the options together.
-t : Use the -t option to show the current TCP chimney offload state in place of the typically displayed TCP state.
-x : Use the -x option to show all NetworkDirect listeners, connections, and shared endpoints.
-y : The -y option can be used to show the TCP connection template for all connection. You cannot use -y with any other netstat option.
time_interval : This is the time, in seconds, that you'd like the netstat command to re-execute automatically, stopping only when you use Ctrl-C to end the loop.
/? : Use the help option to show details about the netstat command's several options.
Happy Monitoring :)
Features:
a. Useful in terms of network troubleshooting (traffic, ports, network connections), networking statistics and performance measurement.
b. netstat is one of the most basic network service debugging tools, telling you what ports are open and whether any programs are listening on ports.
c. provide detailed information about how a computer is communicating with other computers or network devices.
Netstat Command Syntax:
netstat [-a] [-b] [-e] [-f] [-n] [-o] [-p protocol] [-r] [-s] [-t] [-x] [-y] [time_interval] [/?]
-a : displays active TCP connections, TCP connections with the listening state, as well as UDP ports that are being listened to.
-b : This netstat option is very similar to the -o option listed below, but instead of displaying the PID, will display the process's actual file name. Using -b over -o might seem like it's saving you a step or two but using it can sometimes greatly extend the time it takes netstat to fully execute.
-e : Use this option with the netstat command to show statistics about your network connection. This data includes bytes, unicast packets, non-unicast packets, discards, errors, and unknown protocols received and sent since the connection was established.
-f : The -f option will force the netstat command to display the Fully Qualified Domain Name (FQDN) for each foreign IP addresses when possible.
-n : Use the -n option to prevent netstat from attempting to determine host names for foreign IP addresses. Depending on your current network connections, using this option could considerably reduce the time it takes for netstat to fully execute.
-o : A handy option for many troubleshooting tasks, the -o option displays the process identifier (PID) associated with each displayed connection. See the example below for more about using netstat -o.
-p : Use the -p option to show connections or statistics only for a particular protocol. You can not define more than one protocol at once, nor can you execute netstat with -p without defining a protocol.
protocol : When specifying a protocol with the -p option, you can use tcp, udp, tcpv6, or udpv6. If you use -s with -p to view statistics by protocol, you can use icmp, ip, icmpv6, or ipv6 in addition to the first four I mentioned.
-r : Execute netstat with -r to show the IP routing table. This is the same as using the route command to execute route print.
-s : The -s option can be used with the netstat command to show detailed statistics by protocol. You can limit the statistics shown to a particular protocol by using the -s option and specifying that protocol, but be sure to use -s before -p protocol when using the options together.
-t : Use the -t option to show the current TCP chimney offload state in place of the typically displayed TCP state.
-x : Use the -x option to show all NetworkDirect listeners, connections, and shared endpoints.
-y : The -y option can be used to show the TCP connection template for all connection. You cannot use -y with any other netstat option.
time_interval : This is the time, in seconds, that you'd like the netstat command to re-execute automatically, stopping only when you use Ctrl-C to end the loop.
/? : Use the help option to show details about the netstat command's several options.
Happy Monitoring :)
No comments:
Post a Comment