Netstat: A small but powerful tool for administrators

Learn how to check for network spies using the netstat command.

Netstat is a powerful command used to check whether your workstation is under attack.

How can you tell when someone is listening to your computer from outside your secure LAN or VPN -- from the wilds of the Internet? By "listening to your computer," I mean that someone outside has established an unauthorized connection with your Workstation so that he can attack or take valuable information from your node.

In order to find whether this had happened, you can use various tools. One of these tools is called netstat.

How to use it?

netstat -an

Now you can see some output from which you can find any listening ports. The output will give the protocol, local address, foreign address and state. Even though this tool is very good, it takes some research to learn from its output.

You can also use other tools like Fport, nmap, etc., which will give much more detail, but netstat command is already built into most Linux/Unix machines.

This was first published in February 2004

Dig deeper on Linux administration tools

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchDataCenter

SearchServerVirtualization

SearchCloudComputing

SearchEnterpriseDesktop

Close