Netstat Command -Study Notes for PSC, SSC, and RRB IT Exams

Welcome to the Computer Science and Technology Study Materials section from CoreNetworkZ EdTech Solutions, a leading mock test and competitive exam preparation platform, for students preparing for SSC, DSSSB, and Kerala PSC examinations. Today, I will explain Netstat Command.

Netstat command is a DOS command used to find all active TCP connections between your computer and other network devices with port numbers and TCP connection state.

By simply using this command on the command prompt, you will get the list of active TCP connections between local IP addresses(your computer) and foreign IP addresses.

You can also find the port numbers open in those connections. This feature helps the netstat command to view the foreign computers connected to your PC. Check the image below to understand it.

You can use the netstat command better if you understand the command syntax. I give you a list of proper command syntax for your reference below.

SSC, DSSSB, and Kerala PSC conduct examinations for various IT posts.

Understanding ICMP error messages is essential for candidates appearing for the DSSSB PGT/TGT Computer Science, Kerala PSC Degree Level Exam, SSC Scientific Assistant (CS), VSSC Technical Assistant, and System Analyst posts. These networking fundamentals are core parts of the Computer Science syllabus.

Kerala PSC Degree Level examinations have a Computer Science section where students can expect questions that require them to explain the uses of Netstat Command. You can check the Kerala PSC Degree Level Common Prelims Syllabus under the Computer Science section. I recommend you download the syllabus using this official link.

Reference: https://www.keralapsc.gov.in/sites/default/files/2021-02/syllubus.pdf

I have read a few comments asking about various uses of this command. A comment from Resnish asks about getting the list of all listening ports active on a computer. Abhilash asked about the practical uses, and Adash is curious to know how to print the names of active programs connected to the Internet.

You can get them by using the Netstat command with the correct syntax. Read this list, and I am sure you will find the syntax suitable for your needs.

1. netstat -n: Displays addresses and port numbers in numerical form.
   
   
2. netstat -a: Displays all connections and listening port.
   
   
3. netstat -b: Displays the executable in creating each connection or listening ports.
   
   
4. netstat -e: Displays Ethernet statistics.
   
   
5. netstat -o: Displays the Process Identifier associated with each connection.
   
   
6. netstat -p: Shows connections for the specific protocol only.
   
   
7. netstat r: Displays the routing table.
   
   
8. netstat s: It displays per-protocol statistics.

Abhilash PV commented about the practical uses of this command. He is preparing for the SSC Scientific Assistant (CS) examination. You will find the command Netstat helpful in solving multiple problems in your practical life.

It is a handy tool for securing your computer. There are many practical uses: finding any programs that establish a connection to the Internet without your knowledge, finding the IP address of a chat friend while sharing a file, etc. Let us check some of such uses.

1. Check For Programs that Established Connections

   Let me answer the question by Adarsh Menon, a Kerala PSC aspirant. He asked how to find the programs on his computer connected to an external server.

   We can find the names of applications installed on your computer to establish a connection between your computer and a foreign address. Use the following format to find every application having an active TCP connection.

   
   

   Run the Command Prompt with administrative privileges to execute netstat.

   
   

   Let me explain the steps to find active applications with connections to remote servers.

   1. Type Command Prompt on the Windows Search and run as administrator.

   2. Type netstat -b and press the enter key.

   
   
   
   

   Run the Command Prompt in administrator mode to execute this command. To learn how to do this, visit the link below.

   The Requested Operation Requires Elevation (Run as Administrator)
   
   
   

2. Find Process Identifiers

   With the netstat -o command, you can find active TCP connections made on your computer with exact Process Identifiers(PID).

   
   
   
   

3. Find the Absolute Domain name of the Foreign Host

   We can find the absolute domain name or Fully Qualified Domain Name(FQDN). It will give you a clear picture of the Internet foreign hosts with a connection to your computer. The syntax to find the Fully Qualified Domain Name of foreign addresses is:

   
   
   

   netstat -f

   
   

   Check the screenshot for a better understanding.

   
   
   
   

4. Find the Offload with Netstat Command

   We can find the current offload state of TCP connections using it. The syntax to check the current TCP chimney offload state is:

   
   

   netstat -t

   
   
   
   

I hope you enjoyed this tutorial. Let me share a few recent posts as the suggested readings.

You have learned the basics of the Netstat command. I suggest you read the following tutorials for the detailed study.

1. https://www.cisco.com/c/en/us/support/docs/interfaces-modules/channel-interface-processors/12989-69.html
2. https://www.keralapsc.gov.in/sites/default/files/2021-02/syllubus.pdf
3. https://supportportal.juniper.net/s/article/Junos-How-to-identify-the-process-that-is-listening-on-a-specific-port?language=en_US