Posted on

How to use Netstat to Track Detailed Network Statistics

Click here to subscribe for more videos like this!

Hey guys, welcome back. So, last video we looked at a way to really track packets and the packets that are actually being sent to and from this machine individually as packets, and now we’re going to talk about a man called “netstat” which is an abbreviated term for network statistics. So, basically the command that we’re going to be using throughout this video is netstat, and based on the flags that we pass it it’s going to return different statistics. So, if I put “netstat -nr” the “n” option makes netstat print addresses as dots, you know dotted IP addresses rather than symbolic host network name, so this is gonna make sense if you want to see the actual IP addresses rather than the domains that are connected to the machine. And, so this is what I’ve got right now. Basically, gives us the information that were looking for regarding the IP routing table, and so the “r” flag in that command that I just put basically states that we’re looking for the kernel IP routing table, and that basically shows what certain things are routed to. So, let’s actually display network interface statistics themselves, and we’re gonna do that with the “-I” command. So, we’re gonna take “netstat -I” and this shows us the usage of each of our devices, and so we can see the local host here which was configured has sent this many packets right here, and it’s received this many packets. As compared to our wireless interface which so far has received that many, and actually this is bytes not packets, and this many. So, you can kind of see how this would be useful. We can actually display connections to our machine as well, and so I think my system update is still going, it is, so this is going to be good. What we’re gonna do is run the “netstat” with the flags -ta, and this is going look for active sockets and it’s going to print out the status of them, and basically you know the foreign address in the local address. So, this obviously is our local machine here. These are the foreign addresses that it’s connecting to, and so what I’m going to do is I’m going to run “netstat -tan” and it’s gonna show IP addresses instead of the host names. And so you can see how that’s gonna be useful because we can actually combine elements of the different flags that we’re passing to the netstat command, and it’s basically you know going to change the way that each of these outputs works. And, so that is how you would use netstat to view active connections and active route of IP addresses internally through through the command line here, and you know if you’re not sure if you think your computer may be connecting to a malicious host or something, what you can do is you can take these IP addresses and you can actually look them up through through a website like network-tools. I think it’s it could be .org I’m not sure, but you can find information about each one of these hosts if you’re not sure where it came from. And, just by looking at these you might be able to you know the actual host names themselves you may know what they are. I think these are all my updates that are happening through the software update, or so that’s I don’t recognize any of these. So, that’s how to use netstat. I hope you guys enjoyed this video and found informative. I hope you guys can basically understand what netstat does. It’s a very simple command but it’s a very useful in a lot of circumstances. So, thank you guys for watching this video, I’ll see you guys soon.