Netstat prob

S

Soumikbhat

Baseband Member
Messages
29
They say that netstat helps us in listing open and closed ports....I'm totally dumb about it...

For Example - 'netstat' simply gives a long output but I'm giving the a small part of the output here (the name of my lappie is Soumik-pc) :

TCP 117.201.105.152:1927 maa03s05-in-f21:https ESTABLISHED
TCP 117.201.105.152:1933 searchsites:http TIME_WAIT
TCP 117.201.105.152:1956 static:http ESTABLISHED
TCP 117.201.105.152:1957 103.5.198.219:http CLOSE_WAIT
TCP 117.201.105.152:1958 resinapps2:http TIME_WAIT
TCP 117.201.105.152:1961 resinapps2:http TIME_WAIT
TCP 127.0.0.1:1748 soumik-PC:1749 ESTABLISHED
TCP 127.0.0.1:1749 soumik-PC:1748 ESTABLISHED


How to list the open ports from here?
 
I think I'd better post the entire output as a file attachment - this output here looks too clumsy!
 

Attachments

  • netstat.txt
    2.1 KB · Views: 5
Hi,

Well here is everything in that file.

Code: 
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    117.201.105.152:1282   213:http               CLOSE_WAIT
  TCP    117.201.105.152:1745   maa03s05-in-f29:https  ESTABLISHED
  TCP    117.201.105.152:1746   maa03s05-in-f21:https  ESTABLISHED
  TCP    117.201.105.152:1854   maa03s05-in-f20:http   ESTABLISHED
  TCP    117.201.105.152:1856   searchsites:http       ESTABLISHED
  TCP    117.201.105.152:1865   static:http            ESTABLISHED
  TCP    117.201.105.152:1869   static:http            ESTABLISHED
  TCP    117.201.105.152:1872   maa03s05-in-f25:http   ESTABLISHED
  TCP    117.201.105.152:1873   maa03s05-in-f0:http    ESTABLISHED
  TCP    117.201.105.152:1875   maa03s05-in-f25:http   ESTABLISHED
  TCP    117.201.105.152:1878   maa03s05-in-f27:http   ESTABLISHED
  TCP    117.201.105.152:1881   a118-214:http          ESTABLISHED
  TCP    117.201.105.152:1886   66.151.153.11:http     ESTABLISHED
  TCP    117.201.105.152:1890   media:http             ESTABLISHED
  TCP    117.201.105.152:1893   maa03s05-in-f27:http   ESTABLISHED
  TCP    117.201.105.152:1894   maa03s05-in-f27:http   ESTABLISHED
  TCP    117.201.105.152:1895   static:http            ESTABLISHED
  TCP    117.201.105.152:1897   beacon:http            ESTABLISHED
  TCP    117.201.105.152:1900   a118-214:http          ESTABLISHED
  TCP    117.201.105.152:1922   media:http             ESTABLISHED
  TCP    117.201.105.152:1923   media:http             ESTABLISHED
  TCP    117.201.105.152:1924   maa03s04-in-f19:https  ESTABLISHED
  TCP    117.201.105.152:1926   maa03s05-in-f0:http    ESTABLISHED
  TCP    117.201.105.152:1927   maa03s05-in-f21:https  ESTABLISHED
  TCP    117.201.105.152:1933   searchsites:http       TIME_WAIT
  TCP    117.201.105.152:1956   static:http            ESTABLISHED
  TCP    117.201.105.152:1957   103.5.198.219:http     CLOSE_WAIT
  TCP    117.201.105.152:1958   resinapps2:http        TIME_WAIT
  TCP    117.201.105.152:1961   resinapps2:http        TIME_WAIT
  TCP    127.0.0.1:1748         soumik-PC:1749         ESTABLISHED
  TCP    127.0.0.1:1749         soumik-PC:1748         ESTABLISHED

To start with this is just showing all the connections that are open on you computer or that you have connected to.

I would start with looking at the manpage for netstat. Then if you still need help I will see what I can do for you.
 
Do you know how TCP/IP networking works,

where every communication coming from your PC has a source port, (where it's come from in the form IPaddress:port) and a destination also in the format address:port?

that list is simply a list of what's connectted from where to what and the state of the connection.


I prefer using netstat -an to give an easier to read list.


TCP 192.168.16.173:64411 195.59.44.34:80 ESTABLISHED
TCP 192.168.16.173:64412 195.59.44.32:80 ESTABLISHED

This tells me that there is a (TCP) connection from my machine (192.168.16.173) to the server (195.59.44.34) on port (80) this is http. it tells me that the connection is established.

TCP [::]:80 [::]:0 LISTENING

this tells me that there is a TCP socket on my machine that is listening on port 80.

TCP 192.168.16.173:60311 65.55.8.8:443 CLOSE_WAIT

this tells me that there was a TCP connecttion from my machine to a remote server (65.55.8.8) on port 443, the state is close_wait, this means that all data has been transmitted and the port is ready to close.

for more information on the status have a look here: TCP Connection States and Netstat Output

does that make any more sense now?



Oh, one more thing to add, if you put netstat -n it tells you what process is using the connection as well..
 
So basically if I see only TCP and/or UDP in the output - that means only the ports used by TCP & UDP are open r8?
 
yes.

if no UDP ports are listed, then no UDP ports are in use.
 
You must log in or register to reply here.

Similar threads

S
Command Line Tools For Monitoring Linux & Linux System Preformence .
Replies
0
Views
1K
Spud1200
S
N
Lots of connections in netstat
Replies
0
Views
7K
negus
N
C
Hacked by malware
2
Replies
10
Views
8K
PP Mguire
PP Mguire
C
PC issue
Replies
1
Views
682
strollin
strollin
E
  • Locked
Am I being monitored?
Replies
3
Views
3K
ReikokuKo
ReikokuKo
Back
Top Bottom