Netstat is a command line utility that can be used to list out all the network connections on a system. It lists out all the tcp, udp socket connections and the unix socket connections. Netstat also displays various network related information such as network connections, routing tables, interface statistics, masquerade connections, multicast memberships etc.

In this guide, we will see how to use this tool to gather information about network connections and open ports on a system.

Step 01 : List all connections with netstat

To view all the network connections, simply run the following command

#netstat -a

Step 02 : View network interfaces with netstat

You can view the network interfaces in your system by using the following command

#netstat -i

To get a more simple and readable output from the above command, use the -e option along with -i

#netstat -ie

Step 03 : View only active connections

You can get the list of already active connections by using the grep along with netstat command. These connections are tagging ”ESTABLISHED” state

#netstat -atnp | grep ESTA

Step 04 : List only TCP or UDP connections

Use the -t option along with netstat command to list only tcp connections.

#netstat -at

Use the -u option to list only udp connections.

#netstat -au

Step 05 : Check open ports that are listening to a service

In Linux, Services are using open ports to listen to the incoming connections. By using the following command, you can view it.

#netstat -tnl

This tool have the functionality to list the process name, process id and user id of the services that are listening on a particular port. The following command needs to be run with root privileges, otherwise it cannot detect the PIDs of processes running with root privileges. And also most services like http and ftp often run with root privileges.

#netstat -nlpt

Step 06 : Print network statistics

Run the following command to view the network statistics including the number of packets received and transmitted by protocols.

#netstat -s

In conclusion, Netstat is another useful tool that we can use to simplify the networking tasks in Linux. If you are looking for more information and options about netstat command, refer netstat manual docs or use man netstat command to know all the information.

The following two tabs change content below.
Ruwantha Nissanka is a Professional Cyber Security Engineer from Sri lanka with having a demonstrated history of providing cyber security services for multiple organizations in Sri Lanka. He is a positive person who wants to believe the best in others and he likes to help, encourage people and make them feel good.