find open network connections with netstat

| May 17, 2011 | 0 Comments

Netstat command

Netstat command as the name suggests provides information on network statistics of a system. It is helpful in finding which IP addresses are connected to your system and on which ports. We can check the system’s routing table using it.
Simply using the netstat command gives lots of information which may not be useful. The trick is to use correct switches along with the command to display the information you want.

>> To display only tcp connections to your system use the following command.

netstat –tcp –numeric

[root@localhost ~]# netstat –tcp –numeric
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:25 127.0.0.1:37427 TIME_WAIT
tcp 0 0 192.168.2.10:56207 61.246.63.75:80 ESTABLISHED

>> To know on which ports your system is listening to, use the following command.

netstat –tcp –listening –programs

The output is as follows.

[root@localhost ~]# netstat –tcp –listening –programs
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:mysql *:* LISTEN 1952/mysqld
tcp 0 0 *:sunrpc *:* LISTEN 1444/rpcbind
tcp 0 0 *:ssh *:* LISTEN 1813/sshd
tcp 0 0 localhost.localdomain:ipp *:* LISTEN 1479/cupsd
tcp 0 0 localhost.localdomain:smtp *:* LISTEN 1992/sendmail: acce
tcp 0 0 *:54043 *:* LISTEN 1547/rpc.statd
tcp 0 0 *:sunrpc *:* LISTEN 1444/rpcbind
tcp 0 0 *:ssh *:* LISTEN 1813/sshd
tcp 0 0 *:52470 *:* LISTEN 1547/rpc.statd
tcp 0 0 localhost6.localdomain6:ipp *:* LISTEN 1479/cupsd

>> To check the open UDP ports of your system, use the following command.

netstat -au

[root@localhost ~]# netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 *:rquotad *:*
udp 0 0 *:34698 *:*
udp 0 0 *:bootpc *:*
udp 0 0 *:sunrpc *:*
udp 0 0 *:ipp *:*

>> To know the PID of a program which is running on a port, use the following command.

netstat -pt

The output is as follows.
[root@localhost ~]# netstat -pt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdomain:smtp localhost.localdomain:34488 TIME_WAIT –
tcp 1 0 192.168.2.10:56207 feeds.bbci.co.uk:http CLOSE_WAIT 2512/clock-applet

This is very useful while debugging to identify which program is running on a particular port.

>> Another use of netstat command is used to check the system’s routing. This helps when you are not able to connect to any external network device such as your router.

netstat -r

[root@localhost ~]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
default . 0.0.0.0 UG 0 0 0 eth0

So we see here that netstat is one of many network commands you can use on a linux system to debug networking issues.



  • Digg
  • Facebook
  • Twitter
  • Google Bookmarks
  • LinkedIn
  • RSS

No related posts.

Tags: ,

Category: Linux, Software, Technology

Leave a Reply

CAPTCHA Image
*
«
»