Study of netstat Command

 

Experiment

Study of netstat Command

๐ŸŽฏ Aim

To study and analyze network connections, routing tables, and interface statistics using the netstat command.

๐Ÿ“˜ Objective

By the end of this experiment, students will be able to:

  • View active network connections
  • Identify listening ports and services
  • Display routing tables
  • Analyze network statistics

๐Ÿ“– Theory

The netstat (network statistics) command is used to:

  • Display active TCP/UDP connections
  • Show listening ports
  • View routing tables
  • Display interface statistics

๐Ÿ‘‰ It is useful for:

  • Network monitoring
  • Troubleshooting
  • Security analysis

⚠️ Note: netstat is deprecated in modern Linux systems and replaced by the ss command, but it is still widely used for learning.

๐Ÿงพ Syntax

netstat [options]

๐Ÿ”ง Common Options

  • -a → Show all connections (listening + non-listening)
  • -t → Show TCP connections
  • -u → Show UDP connections
  • -l → Show listening ports
  • -n → Show numerical addresses (no DNS resolution)
  • -p → Show process ID and program name
  • -r → Show routing table
  • -i → Show interface statistics

๐Ÿงฐ Prerequisites

  • Linux system
  • Root/sudo privileges (for some options)

๐Ÿ”ฌ Procedure & Commands

1️⃣ Display All Connections

netstat -a

2️⃣ Show TCP Connections

netstat -t

3️⃣ Show UDP Connections

netstat -u

4️⃣ Show Listening Ports

netstat -l

5️⃣ Show Numerical Addresses

netstat -n

6️⃣ Show Process Information

sudo netstat -p

7️⃣ Display Routing Table

netstat -r

8️⃣ Display Interface Statistics

netstat -i

9️⃣ Combined Command (Common Use)

netstat -tulnp

๐Ÿ‘‰ Shows:

  • TCP & UDP
  • Listening ports
  • Numeric addresses
  • Process details

๐Ÿ–ฅ️ Sample Output

tcp   0   0 127.0.0.1:8080   0.0.0.0:*   LISTEN   1234/apache2

๐Ÿ” Output Interpretation

FieldMeaning
Proto            Protocol (TCP/UDP)
Local Address            Local IP and port
Foreign Address            Remote IP and port
State            Connection state (LISTEN, ESTABLISHED)
PID/Program            Process using the port

๐Ÿ”‘ Common States

  • LISTEN → Waiting for connection
  • ESTABLISHED → Active connection
  • TIME_WAIT → Connection closing
  • CLOSE_WAIT → Waiting to close

๐Ÿ“ Exercises for Students

  1. Display all active connections on your system.
  2. Identify which ports are in listening state.
  3. Find the process using a specific port.
  4. Display routing table and interpret it.
  5. Compare output with ss command.

❓ Viva Questions

  • What is netstat used for?
  • Difference between TCP and UDP?
  • What is a port number?
  • What does LISTEN state mean?
  • Why is netstat being replaced by ss?

⚠️ Precautions

  • Use sudo carefully when viewing process details
  • Large output may be difficult to analyze
  • Prefer ss in modern systems for performance

✅ Result

The netstat command is a powerful tool for analyzing network connections and system activity, widely used for troubleshooting and monitoring.

Comments

Post a Comment

Popular posts from this blog

Networks Lab PCCSL507 Semester 5 KTU CS 2024 Scheme - Dr Binu V P

 About Me   Dr Binu V P Syllabus Learn Linux well before you start- refer blog Experiments Familiarize Linux networking commands ifconfig ifplugstatus iftop ping ip traceroute mtr netstat whois nmap nmcli speedtest-cli bmon nslookup tcpdump Wireshark     Download Wireshark     Wireshark Documentaion     Setting up a capture     Capturing Live network data      Analysis of HTTP Protocol using Wireshark Socket Programming Basic Implementation of  TCP Client Server Communication using sockets. TCP Client-Server Communication to Identify Matrix Type (Upper/Lower/Diagonal) Implementation of UDP Client-Server Communication using Sockets in C UDP Client-Server Communication for Translating “New Generation English” to Formal English Cisco's Packet Tracer
Read more

Analysis of HTTP Protocol using Wireshark

Experiment Title Analysis of HTTP Protocol using Wireshark Aim To capture and analyze HTTP packets using Wireshark and study the structure of HTTP request and response messages. Objective To understand HTTP request and response formats To analyze packet-level communication using Wireshark To extract protocol-specific information from captured traffic Software Required Wireshark Web Browser (Chrome / Firefox / Edge) Internet Connection Theory ๐ŸŒ What is HTTP? HTTP (HyperText Transfer Protocol) is an application-layer protocol used for communication between web clients (browsers) and web servers. ๐Ÿ” HTTP Communication Client sends a GET request Server responds with: Status code Requested resource Metadata ๐Ÿ“ฆ HTTP Message Types Request Message Contains: Method (GET, POST) URL Headers (Accept, User-Agent, etc.) Response Message Contains: Status code (200, 404, etc.) Headers (Content-Type, Content-Length, etc.) Body (HTML co...
Read more

Study and Use of ifconfig Command

   Experiment  Study and Use of ifconfig Command ๐ŸŽฏ Aim To familiarize students with the ifconfig command in Linux for viewing and configuring network interfaces. ๐Ÿ“˜ Objective By the end of this experiment, students will be able to: Display network interface details Enable/disable network interfaces Assign IP addresses manually Understand key networking parameters ๐Ÿงฐ Prerequisites Linux system (e.g., Ubuntu/Debian/Kali) Basic terminal knowledge Root or sudo privileges ๐Ÿ“– Theory The ifconfig ( interface configuration ) command is used to: View network interface configuration Assign IP addresses Enable or disable interfaces ⚠️ Note: On modern systems, ifconfig is deprecated and replaced by the ip command (from iproute2 ), but it is still widely used for learning and legacy systems. ๐Ÿงพ Syntax ifconfig [interface] [options] interface → Network interface name (e.g., eth0 , wlan0 ) options → Actions like up, down, assigning...
Read more