Kita boleh guna netstat atau command /sbin/ss untuk banyak pekara. Berikut dipaparkan sebahagian daripadanya:
1. Show who is connected to your system
One of the most useful things you can do with netstat is show exactly who is connected to your system either through an incoming or outgoing connection (whether it is your system which initiated it or the other system). This will simply list all of them:
netstat -a
Look at the "Foreign Address" column to see where the connection is coming from, and "Local Address" to see what on the local machine is it connected.
The following command will show just the TCP (-t) and UDP (-u) connections:
netstat -tua
If you want to turn off hostnames, or domain names, and display only IP numbers just add the -n option.
netstat -tuan
If you want it to display this continuously to see as connections come and go add the -c option.
netstat -tuanc
Needless to say, perhaps, with IP addresses of everyone connecting revealed you can use other tools like traceroute to determine where exactly is it coming from.
2. Show listening ports
If you'd like to see which services are actually listening for incoming connections, perhaps to ensure you don't have something listening that you don't want to be listening, just use the -l option.
netstat -l
You can also limit this to only a specific type of traffic, like TCP in this example (for UDP just use -u):
netstat -lt
3. Find the port used by a program
We can get a little bit more specific by combining the netstat command with other common UNIX utilities like grep, in this example, where we make it easier to find which port is used by a program. We use grep to conveniently dig this info out of the netstat output:
netstat -ap | grep znc
In this example we get a list of all connections mentioning ZNC with the ports it is using, and addresses it is connected to.
4. Check on the routing table
With netstat you can easily see the kernel IP routing table being used on your system using the -r option:
netstat -r
5. Show all statistics
Being a statistics utility you can of course see a summary of a great number of statistics about your system's networking. Just run the netstat command with the -s option:
netstat -s
This will display a huge list of statistics, but you'll immediately recognize the most interesting ones depending on what you're looking for. For example you can see a total number of packets received, number of active TCP connections, and a number of extended more detailed statistics for each protocol.
Note
These examples are based on netstat in Linux, where it has been succeeded by the ss command from the iproute2 package, but it should apply to most UNIX and UNIX like systems. You can also check the manual page readily available via the man netstat command for more information.
No comments:
Post a Comment