Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Hidden tools: Netstat

Microsoft has a tendency to hide useful utilities, so they're not always visible to users. Netstat is one of those...

utilities. This command is used to get information about the open connections on your system (ports, protocols being used, etc.), incoming and outgoing data and also the ports of remote systems to which you are connected. The Netstat command gets all this networking information by reading the kernel routing tables in the memory. Netstat is basically a program that accesses network related data structures within the kernel, then provides an ASCII format at the terminal. It can provide users with reports on their routing tables, TCP connections, TCP and UDP "listens", and protocol memory management.

The ASCII format at the terminal is arranged as follows:

Protocol: This can be TCP, UDP, or sometimes even, IP.

Local System Name: This is our machine name.

Remote System This is the non-numerical form of the system we are connected to.

Remote Port: This is the port of the remote system we are connected to.

State of the Connection: This is the state of your connection.

Netstat can also be useful tool to help detect Trojans, because it lists the ports being used. For example, if Netstat returns a port number of 12345(TCP) or 31337(UDP), you can be sure that you are being infected because 12345(TCP) is the port number used by the Netbus Trojan, and 31337(UDP) is the port number used by the Back Orifice Trojan. So you see this can be a very helpful tool.

This was last published in May 2001

Dig Deeper on Windows Systems and Network Management Tools and Techniques

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.