Netstat is a command line utility that is built into pretty much all the currently popular Operating Systems, Windows, OSX, Linux, Unix etc. Netstat literally shows you your NETwork STATus, including information such as what ports and programs are doing what and to whom ! In this post I intend to give a brief description of Netstat as it applies to Windows XP and Mac OSX.
As a command line program on XP you need to run Netstat within the MSDOS Prompt (Command Prompt) and on the Macintosh you need to open the Terminal program. To run the basic Netstat program on XP you need to type ‘netstat’ at the command prompt and on the Mac ‘netstat -f inet’. This difference is because on the Mac being Unix based you see a lot of additional (and in most cases unnecessary) information relating to Unix sockets unless you restrict the Mac to just the Internet related information.
The key information displayed by Netstat is as follows:
Protocol (TCP / UDP)
Socket (Local Address and/or Port)
Remote Address
State
Its worth nothing that under OSX you can use the ‘man netstat’ command to see detailed information relating to the Netstat program and under XP ‘netstat /?’.
Under XP if you would like to see information regarding what process or program is using a given connection, you can do this by using the ‘-b’ parameter. When looking at the output from Netstat the IP address 127.0.0.1 or the word localhost both mean your local machine, if 0.0.0.0 is shown, this relates to any IP address.
By default Netstat shows only current connections and connections that were recently closed. To see ports that are LISTENING, ie: Open Ports then start Netstat with the ‘-a’ parameter. This parameter works on both XP and OSX, on OSX the open ports are shows with a state of LISTEN and on XP as LISTENING. Note that these are open ports on your own machine and because the majority of people are behind a NAT router this does not necessarily mean that these ports are exposed to the internet. For information about what ports are exposed to the internet by your router then point your browser at www.grc.com and select the shields up option.
Netstat is a very powerful and useful program. Look at the help and play with the options, take control of your machine and understand what’s going off in the background.
"When you get to the end of your rope, tie a knot and hang on." - Franklin D Roosevelt
Sunday, 24 September 2006
Netstat, Built in SuperTool !
Labels:
stevechol Security
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment