What does the command “netstat ” do ?

ABOUT netstat

In computing, netstat (network statistics) is a command-line network utility tool that displays network connections for the Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics. It is available on Unix-like operating systems including macOS, Linux, Solaris, and BSD, and is available on Windows NT-based operating systems including Windows XP, Windows Vista, Windows 7, Windows 8 and Windows 10.

It is used for finding problems in the network and to determine the amount of traffic on the network as a performance measurement.[1] On Linux this program is mostly obsolete, although still included in many distributions.

On Linux, netstat (part of "net-tools") is superseded by ss (part of iproute2). Replacement for netstat -r is ip route. Replacement for netstat -i is ip -s link, replacement for netstat -g is ip maddr, all of which are recommended instead

RELATED SHELL SESSION EXPOSURE
[bash light=”true”]
$netstat –tcp
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 debian.local:39585 74.125.169.8:http ESTABLISHED
tcp 0 0 debian.local:39586 74.125.169.8:http ESTABLISHED
tcp 0 0 debian.local:47951 maa03s17-in-f6.1e:https ESTABLISHED
tcp 0 0 debian.local:47203 maa03s17-in-f0.1e1:http ESTABLISHED
$
$netstat –tcp –numeric
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 1 0 192.168.0.101:54541 46.22.210.18:80 CLOSE_WAIT
tcp 0 0 192.168.0.101:54542 46.22.210.18:80 ESTABLISHED
tcp 0 0 192.168.0.101:39585 74.125.169.8:80 ESTABLISHED
tcp 0 0 192.168.0.101:39586 74.125.169.8:80 TIME_WAIT
tcp 0 0 192.168.0.101:47951 74.125.236.198:443 ESTABLISHED
tcp 0 0 192.168.0.101:47203 74.125.236.192:80 ESTABLISHED
$netstat –tcp –numeric
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.0.101:54542 46.22.210.18:80 TIME_WAIT
tcp 0 0 192.168.0.101:39585 74.125.169.8:80 ESTABLISHED
tcp 0 0 192.168.0.101:39586 74.125.169.8:80 TIME_WAIT
tcp 0 0 192.168.0.101:47951 74.125.236.198:443 ESTABLISHED
tcp 0 0 192.168.0.101:47203 74.125.236.192:80 ESTABLISHED
$netstat –tcp –listen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:35436 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp6 0 0 [::]:sunrpc [::]:* LISTEN
tcp6 0 0 [::]:501100 [::]:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 localhost:smtp [::]:* LISTEN
$netstat –tcp –listen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:35436 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp6 0 0 [::]:sunrpc [::]:* LISTEN
tcp6 0 0 [::]:501100 [::]:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 localhost:smtp [::]:* LISTEN
$netstat –tcp –program
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 debian.local:39600 74.125.169.8:http ESTABLISHED 3846/chrome
tcp 0 0 debian.local:47951 maa03s17-in-f6.1e:https ESTABLISHED 3846/chrome
tcp 0 0 debian.local:47203 maa03s17-in-f0.1e1:http ESTABLISHED 3846/chrome
$
$netstat –tcp –route
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
$netstat –tcp –statistics
IcmpMsg:
OutType3: 1
Tcp:
522 active connections openings
0 passive connection openings
14 failed connection attempts
16 connection resets received
2 connections established
60302 segments received
41524 segments send out
22 segments retransmited
21 bad segments received.
140 resets sent
UdpLite:
TcpExt:
190 TCP sockets finished time wait in fast timer
495 delayed acks sent
1 delayed acks further delayed because of locked socket
Quick ack mode was activated 32 times
47899 packet headers predicted
1353 acknowledgments not containing data payload received
406 predicted acknowledgments
7 congestion windows recovered without slow start after partial ack
22 other TCP timeouts
32 DSACKs sent for old packets
3 DSACKs sent for out of order packets
5 DSACKs received
25 connections reset due to unexpected data
16 connections reset due to early user close
TCPSackShiftFallback: 2
TCPChallengeACK: 21
TCPSYNChallenge: 21
IpExt:
InMcastPkts: 929
OutMcastPkts: 42
InBcastPkts: 16
OutBcastPkts: 14
InOctets: 83827635
OutOctets: 2776707
InMcastOctets: 332300
OutMcastOctets: 5264
InBcastOctets: 1808
OutBcastOctets: 1006
$

[/bash]
LINKS
https://en.wikipedia.org/wiki/Netstat
https://stackoverflow.com/tags/netstat/info

Bash – netstat ( network statistics related ) – Video Tutorial Related

[ source : http://www.youtube.com/user/metalx1000 ]