Practical Uses of Netstat Command in Analyzing Connected Foreign Addresses

Netstat command is a DOS command used to find all active TCP connections between your computer and other network devices with port numbers and TCP connection state. By simply using this command on command prompt, you will get the list of active TCP connections between local IP address(your computer) and foreign IP addresses. You can also find the port numbers open in those connections. With proper syntax we can effectively use it to view how your computer is connected to foreign computers. It has many important uses in computer security. Check the image below to understand its simple use.
proper use

List of Common Netstat Command Syntax
  1. netstat -n : Displays addresses and port numbers in numerical form

  2. netstat -a : Displays all connections and listening ports

  3. netstat -b : Displays the executable involved in creating each connections or listening ports.

  4. netstat -e : Displays Ethernet statistics

  5. netstat -o : Displays the Process Identifier associated with each connection

  6. netstat -p :Shows connections for the specific protocol only

  7. netstat r : Displays the routing table

  8. netstat s : Displays per-protocol statistics

Practical Uses of Netstat Command

If you are working on computer security, it is very handy. There are many practical uses like finding any programs established a connection to Internet without your knowledge, finding the IP address of a chat friend while sharing a file etc. Let us check some of such uses.

  1. Check Programs Established Connections

    It is important to find the names of applications installed on your computer established connection between your computer and a foreign address. Use the following format to find every applications having an active TCP connection.

    netstat -b
    code to find active internet programs

    You must need to run Command Prompt in administrator mode to execute this command. To learn how to do this, visit the link below.
    The Requested Operation Requires Elevation (Run as Administrator)

  2. Find Process Identifiers

    With netstat -o command you can find active TCP connections made on your computer with exact Process Identifiers(PID).
    Practical uses

  3. Find Absolute Domain name of Foreign Host

    One of the important application is to find the absolute domain name or Fully Qualified domain Name(FQDN) of the connected foreign address. It will give you a clear picture of the Internet foreign hosts who are connected to your computer. The syntax to find Fully Qualified domain Name of foreign address is given below.

    netstat -f
    Find FQDN of foreign connections

  4. Find the Offload

    We can find the current offload state of TCP connections using it. The syntax to find current TCP chimney offload state is give below.

    netstat -t
    important uses

Suggested Readings
  1. I Can Ping Global DNS Server Address But Unable To Go Online

  2. How to find the Location of Your Yahoo Messenger Chat Friend

  3. Industry's Best Free Antivirus Software Products

  4. CMD Command To Open DOS In Any Drive

CoreNetworkZ -Network Portal


Anonymous said...

you have a fast server

rijuroy said...

when i type netstat -b it says "The requested operation requires elevation" what does that mean?

Atanu Dey said...

"The requested operation requires elevation" displays. Soloution is Please open the commnad prompt as Run as Administrator mode.

Admin said...

Thanks for providing solution Atanu.

@ Riju For more details please visit the link below.