Practical Uses of the Netstat Command

Netstat command is a DOS command used to find all active TCP connections between your computer and other network devices with port numbers and TCP connection state.

By simply using this command on the command prompt, you will get the list of active TCP connections between local IP addresses(your computer) and foreign IP addresses.

The netstat command has many uses in computer security.

You can also find the port numbers open in those connections. This feature helps the netstat command to view the foreign computers connected to your PC. Check the image below to understand it.

How to use the netstat command

You can use the netstat command better if you understand the command syntax. I give you a list of proper command syntax for your reference below.

List of Common Netstat Command Syntax

  1. netstat -n: Displays addresses and port numbers in numerical form.

  2. netstat -a: Displays all connections and listening port.

  3. netstat -b: Displays the executable in creating each connection or listening ports.

  4. netstat -e: Displays Ethernet statistics.

  5. netstat -o: Displays the Process Identifier associated with each connection.

  6. netstat -p: Shows connections for the specific protocol only.

  7. netstat r: Displays the routing table.

  8. netstat s: It displays per-protocol statistics.

Practical Uses of Netstat Command

It is a handy tool for securing your computer. There are many practical uses: finding any programs that establish a connection to the Internet without your knowledge, finding the IP address of a chat friend while sharing a file, etc. Let us check some of such uses.

  1. Check For Programs that Established Connections

    We can find the names of applications installed on your computer to establish a connection between your computer and a foreign address. Use the following format to find every application having an active TCP connection.

    Run the Command Prompt with administrative privileges to execute netstat.

    Let me explain the steps to find active applications with connections to remote servers.

    1. Type Command Prompt on the Windows Search and run as administrator.

    2. Type netstat -b and press the enter key.

    code to find active internet programs

    Run the Command Prompt in administrator mode to execute this command. To learn how to do this, visit the link below.

  2. Find Process Identifiers

    With the netstat -o command, you can find active TCP connections made on your computer with exact Process Identifiers(PID).

    Practical uses of netstat command

  3. Find the Absolute Domain name of the Foreign Host

    We can find the absolute domain name or Fully Qualified Domain Name(FQDN). It will give you a clear picture of the Internet foreign hosts with a connection to your computer. The syntax to find the Fully Qualified Domain Name of foreign addresses is:

    netstat -f

    Check the screenshot for a better understanding.

    Find FQDN of foreign connections

  4. Find the Offload with Netstat Command

    We can find the current offload state of TCP connections using it. The syntax to check the current TCP chimney offload state is:

    netstat -t

    important uses

I hope you enjoyed this tutorial. Let me share a few recent posts as the suggested readings.