The netstat command displays the network connections that have been established, the ports which these connections are using, the routing table, the statistics related to an interface (eth0 etc.) and the statistics for a particular protocol (IPv4, IPv6, ICMP). You can use it to see whether a trojan or a backdoor connection is established with your PC acting as a server to a client (remote PC).
The netstat command and its options are explained below:
NETSTAT [-a] [-b] [-e] [-n] [-o] [-p proto] [-r] [-s] [-v] [interval]
The options:
-a: It displays all the connections and listening ports (the server listens for a connection to be established).
-b: It displays the program (executable) that is used for establishing the connection.
-e: It displays the packet statistics at the Ethernet level. One often uses it along with the -s option.
-n: It displays the addresses in numerical form (IP addresses) rather than using their names.
-o: It displays the owning process ID, that is, the ID of the process that is using the connection. The process IDs obtained can be used to check whether a process is malicious. Run the tasklist command with the /SVC switch (or use Process Monitor) and compare the PIDs in the netstat output with the PIDs in the tasklist output to see which process owns each connection. If the process turns out to be malware, immediately check your computer for trojans and backdoors and try to terminate the process manually.
-p protocol: It displays the connections that are established for the protocol mentioned. The protocol can be IPV4, IPV6, TCP, UDP etc.
-r: It displays the routing table. A routing table shows the interfaces and the active routes, and for each route the gateway, the destination address, the subnet mask etc.
-s: It displays the statistics listed separately for each protocol.
-v: It is used along with -b and shows the sequence of components (i.e. DLLs) used to establish the connection.
interval: It redisplays the statistics after the number of seconds specified by the interval.
Example usages:
1) netstat -b -v: It shows the sequence of components used to establish the connection for the processes listed by the -b option.
2) netstat -e -s: It displays the total bytes that are sent or received and the per-protocol statistics.
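The PID comparison described under the -o option, as an added example that is not part of the original post: it parses the output of netstat -ano and of tasklist /SVC /FO CSV and joins the two on PID. The sample outputs are constructed, and the function names are this example's own.

```python
import csv
import io

# Constructed sample of `netstat -ano` output (not captured from a real host).
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING       3320
  TCP    192.168.1.10:49712     203.0.113.7:443        ESTABLISHED     2044
  TCP    [::]:135               [::]:0                 LISTENING       912
  TCP    192.168.1.10:49800     198.51.100.9:80        ESTABLISHED     5120
  UDP    0.0.0.0:5353           *:*                                    1500
"""

# Constructed sample of `tasklist /SVC /FO CSV` output.
TASKLIST_SAMPLE = '''\
"Image Name","PID","Services"
"svchost.exe","912","RpcEptMapper,RpcSs"
"svchost.exe","1500","Dnscache"
"chrome.exe","2044","N/A"
"updater.exe","3320","N/A"
'''

def parse_netstat(text):
    """Yield one dict per TCP/UDP row; UDP rows have no State column."""
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # skip the header and blank lines
        state = f[3] if len(f) == 5 else ""
        yield {"proto": f[0], "local": f[1], "remote": f[2],
               "state": state, "pid": int(f[-1])}

def parse_tasklist(text):
    """Map PID -> (image name, services) from the CSV form of tasklist /SVC."""
    rows = csv.DictReader(io.StringIO(text))
    return {int(r["PID"]): (r["Image Name"], r["Services"]) for r in rows}

def correlate(netstat_text, tasklist_text):
    """Attach the owning image and its services to each connection by PID."""
    procs = parse_tasklist(tasklist_text)
    # A PID missing from tasklist (process already exited) is kept, labelled.
    return [{**c, "image": procs.get(c["pid"], ("<not in tasklist>", ""))[0],
             "services": procs.get(c["pid"], ("", ""))[1]}
            for c in parse_netstat(netstat_text)]

if __name__ == "__main__":
    for r in correlate(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print(r["proto"], r["local"], r["state"] or "-", r["pid"], r["image"])
```

On a live machine, feed the functions the saved output of the two commands instead of the samples; a listening port owned by an image you do not recognise is the row to investigate first.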
Jun 23, 2009