Netstat

Netstat ( network statistics engl. " network statistics " ) is a command line program that displays protocol statistics and current computer network connections.

History

Netstat appeared in 1983 for the first time with the introduction of TCP / IP in 4.2 BSD on. For developed in 1991, Linux has been implemented as netstat. The Windows 1993 published was 3:11 with a nachzuinstallierenden extension also communicate with TCP / IP and got so also an implementation of the netstat command. All netstat- implementations are relatively similar in functionality, however, their parameters and their output a little different.

Application

With these statistics, you can find out which ports are open or which connections to remote hosts exist. For existing connections, inter alia, the address of the remote site can be read.

Under certain circumstances, one can thus find out if your computer is infected with a backdoor program. An unknown open port or an unknown IP address are indications of a possible infection. However, this is only meaningful if other programs, such as a web browser, be terminated earlier, as they are often also connect to computers with no known IP addresses.

Netstat is a command line program without a graphical user interface. But there are programs that represent netstat statistics graphically, such as TCPView from Sysinternals.

It is available for Unix and Unix-like and integrated by default in Windows or mainframe systems, but the syntax is different.

Netstat can display all connections and ports being monitored. The compounds are primarily ordered by protocols. Distinction is made between TCP and UDP. In addition there are local and Remote-Adresse/Portnummer and status. From this table it can be seen, for example, if a firewall closes the ports or leaves.

Also, can the function associated with each link representing parent process identification.

As security software netstat also holds potential for abuse by hackers ( eg identification of open ports).