Our social:

Basics and The power of "natstat" command...!!!!

The ‘netstat’ command is short for Network Statistics which is used for monitoring the
protocol statistics such as the TCP/IP, UDP and so on.




The ‘-a’ switch when used with the‘netstat’ command is used for displaying the all the connections including the incoming and outgoing traffic. The below screenshot is taken when I was connected to the internet, so that it will be much easier to understand how it works.



As you can see in the above picture, the first column mentions whether it is a TCP or a UDP data gram,The second column describes the local computer name and then followed by the port number
separated by a colon ‘:’, then the third column denotes the remote machine name or host name
and finally the fourth column displays the state whether a connection is established or is listening and so on.

The ‘-b’ switch along with the ‘netstat’ command is used to display the name of the application that holds the responsibility for the machine to connect to a remote host. The ‘netstat –b’ command was executed when I was searching www.google.com using the Chrome web browser.


The ‘netstat –e’ command is used to display the Ethernet statistics such as the number of bytes sent and received and so on, the below image if the screenshot taken while downloading some stuffs from the internet .

This information is also helpful in logging and monitoring networking activities, also for checking the connectivity and the speed.

The ‘netstat –n’ command is used to display the connections established with the remote host, but instead of displaying the hostname this reveals the Decimal dotted IP addresses of the remote machines. The screenshot is taken after executing this command in my computer,


In the above screenshot, you can see that instead of displaying the hostname of the local and remote
machine, it displays the IP addresses and the port numbers in a numerical form.

The ‘netstat –o’ command is used to display the processes ID (PID) of all the processes that holds
the responsibility to connect to the remote host. The below screenshot reveals the PID of the(Chrome.exe– web browser) since I was using it to browse the internet.


The ‘netstat’ command is also used to narrow down and monitor specific protocol statistics, for example if I want to monitor the TCP connections alone then I may spawn the ‘netstat –p TCP’
command, else if I want to monitor UDP connections alone then I may use the ‘netstat –p UDP’
command, likewise you may narrow down the results specific to your needs by replacing the TCP and UDP with the following available protocol options (IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6).

The ‘netstat –r’ command is used for displaying the routing table which can also be obtained by using the route command. Here is a screenshot taken and here is how the routing information looks like,


The ‘netstat –s’ command is used to display the statistics per protocol, so that it will display the statistics such as packets received, sent , discarded, requests and responses and so on for each protocols such as the IP, TCP, UDP, ICMP and so on.




POWER of  'netstat':


You can also specify the interval for the ‘netstat’ command, so that the command gets executed
automatically by itself on the specified intervals, for example, if I want to monitor the TCP incoming and outgoing traffics for every 25 seconds then I may spawn the below command,

C:\>netstat -p TCP 25

So, that the command ‘netstat -p TCP’ will get executed by itself for every 25 seconds automatically.

That's It friends ..!!!! Hope You like it.