Networking Tools
Hi welcome to new interesting tutorial . In this tutorial we will provides lots of information regarding network monitoring. In previous topic we discussed about network related configurations and files and this tutorial its mainly related to network monitoring.
Introduction
There are so many tools with CLI/GUI for network monitoring but we will discuss here two command mode utilities. We use these tools when we need a quick response to see that our network or our ISP’s network is online. Tools which are very useful in networking are ping and netstat.
Ping
Assume that we have done the networking in small office and now we want to check that every system is connected with router/server or other systems/ISPs. Ping is the tool to communicate with devices. If the remote server is online, ping reports back the number of bytes and time it takes to get there. If the server is not online, it will give you an error message that remote system does not exist in term of request time out/unreachable/general failure. This tool is available in all operating systems.
Here we see that localhost (127.0.0.1) is connected. While ping will go on forever unless you hit Ctrl + C. Syntax ping ip. (You can restrict number of times you want to ping remote system by using option c (count))
You can restrict number of times you want to ping remote system by using option c
[root@faraz ~]# ping localhost PING localhost (127.0.0.1) 56(84) bytes of data. 64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.088 ms 64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.252 ms In below command we are using option c with ping command . We want to ping system 10 times [root@faraz ~]# ping -c 10 localhost PING localhost (127.0.0.1) 56(84) bytes of data. 64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.086 ms 64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.113 ms 64 bytes from localhost (127.0.0.1): icmp_seq=3 ttl=64 time=0.123 ms 64 bytes from localhost (127.0.0.1): icmp_seq=4 ttl=64 time=0.230 ms 64 bytes from localhost (127.0.0.1): icmp_seq=5 ttl=64 time=0.232 ms 64 bytes from localhost (127.0.0.1): icmp_seq=6 ttl=64 time=0.122 ms 64 bytes from localhost (127.0.0.1): icmp_seq=7 ttl=64 time=0.124 ms 64 bytes from localhost (127.0.0.1): icmp_seq=8 ttl=64 time=0.124 ms 64 bytes from localhost (127.0.0.1): icmp_seq=9 ttl=64 time=0.122 ms 64 bytes from localhost (127.0.0.1): icmp_seq=10 ttl=64 time=0.585 ms --- localhost ping statistics --- 10 packets transmitted, 10 received, 0% packet loss, time 9006ms rtt min/avg/max/mdev = 0.086/0.186/0.585/0.141 ms [root@faraz ~]#
Netstat
netstat stand for network statistics. This is command line tool to monitoring network connections both incoming and outgoing as well as viewing routing tables, interface statistics etc. It is very useful in network troubleshooting and performance measurement. netstat is one of the most basic network service debugging tool, it tells you which ports are open and whether programs are listening on ports. This tool is very important and much useful for Linux Network/System Administrator to determine network traffic performance.
List all the listening ports of tcp and udp by using command netstat –a.
[root@faraz ~]# netstat -a Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:mountd 0.0.0.0:* LISTEN tcp 0 0 192.168.122.1:domain 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:35382 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:ipp 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:51329 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:nfs 0.0.0.0:* LISTEN tcp 0 0 192.168.8.110:ssh 192.168.8.106:57764 ESTABLISHED tcp6 0 0 [::]:sunrpc [::]:* LISTEN tcp6 0 0 [::]:40848 [::]:* LISTEN tcp6 0 0 [::]:mountd [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:ipp [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN tcp6 0 0 [::]:nfs [::]:* LISTEN tcp6 0 0 [::]:32994 [::]:* LISTEN udp 0 0 0.0.0.0:40641 0.0.0.0:* udp 0 0 0.0.0.0:mdns 0.0.0.0:* udp 0 0 0.0.0.0:32608 0.0.0.0:*
List only tcp port connections by using command netstat –at.
[root@faraz ~]# netstat -at Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:mountd 0.0.0.0:* LISTEN tcp 0 0 192.168.122.1:domain 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:35382 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:ipp 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:51329 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:nfs 0.0.0.0:* LISTEN tcp 0 64 192.168.8.110:ssh 192.168.8.106:57764 ESTABLISHED tcp6 0 0 [::]:sunrpc [::]:* LISTEN tcp6 0 0 [::]:40848 [::]:* LISTEN tcp6 0 0 [::]:mountd [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:ipp [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN tcp6 0 0 [::]:nfs [::]:* LISTEN tcp6 0 0 [::]:32994 [::]:* LISTEN [root@faraz ~]#
List only udp port connections by using command netstat –au.
[root@faraz ~]# netstat -au Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0.0.0.0:40641 0.0.0.0:* udp 0 0 0.0.0.0:mdns 0.0.0.0:* udp 0 0 0.0.0.0:32608 0.0.0.0:* udp 0 0 0.0.0.0:941 0.0.0.0:* udp 0 0 localhost:951 0.0.0.0:* udp 0 0 0.0.0.0:nfs 0.0.0.0:* udp 0 0 192.168.122.1:domain 0.0.0.0:* udp 0 0 0.0.0.0:bootps 0.0.0.0:* udp 0 0 0.0.0.0:bootpc 0.0.0.0:* udp 0 0 0.0.0.0:mountd 0.0.0.0:* udp 0 0 0.0.0.0:sunrpc 0.0.0.0:* udp 0 0 0.0.0.0:39549 0.0.0.0:* udp 0 0 0.0.0.0:59526 0.0.0.0:* udp6 0 0 [::]:49880 [::]:* udp6 0 0 [::]:64255 [::]:* udp6 0 0 [::]:55556 [::]:* udp6 0 0 [::]:941 [::]:* udp6 0 0 [::]:nfs [::]:* udp6 0 0 [::]:mountd [::]:* udp6 0 0 [::]:sunrpc [::]:* [root@faraz ~]#
List all active listening port connections by using command netstat –l (small L).
[root@faraz ~]# netstat -l Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:mountd 0.0.0.0:* LISTEN tcp 0 0 192.168.122.1:domain 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:35382 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:ipp 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:51329 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:nfs 0.0.0.0:* LISTEN tcp6 0 0 [::]:sunrpc [::]:* LISTEN tcp6 0 0 [::]:40848 [::]:* LISTEN tcp6 0 0 [::]:mountd [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:ipp [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN tcp6 0 0 [::]:nfs [::]:* LISTEN tcp6 0 0 [::]:32994 [::]:* LISTEN udp 0 0 0.0.0.0:40641 0.0.0.0:* udp 0 0 0.0.0.0:mdns 0.0.0.0:* udp 0 0 0.0.0.0:32608 0.0.0.0:* udp 0 0 0.0.0.0:941 0.0.0.0:* udp 0 0 localhost:951 0.0.0.0:* udp 0 0 0.0.0.0:nfs 0.0.0.0:* udp 0 0 192.168.122.1:domain 0.0.0.0:* udp 0 0 0.0.0.0:bootps 0.0.0.0:* udp 0 0 0.0.0.0:bootpc 0.0.0.0:* udp 0 0 0.0.0.0:mountd 0.0.0.0:* udp 0 0 0.0.0.0:sunrpc 0.0.0.0:* udp 0 0 0.0.0.0:39549 0.0.0.0:* udp 0 0 0.0.0.0:59526 0.0.0.0:* udp6 0 0 [::]:49880 [::]:* udp6 0 0 [::]:64255 [::]:* udp6 0 0 [::]:55556 [::]:* udp6 0 0 [::]:941 [::]:* udp6 0 0 [::]:nfs [::]:* udp6 0 0 [::]:mountd [::]:* udp6 0 0 [::]:sunrpc [::]:* raw6 0 0 [::]:ipv6-icmp [::]:* 7 Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 26978 @/tmp/.ICE-unix/2850 unix 2 [ ACC ] STREAM LISTENING 21075 private/smtp unix 2 [ ACC ] STREAM LISTENING 21078 private/relay unix 2 [ ACC ] STREAM LISTENING 21099 private/lmtp unix 2 [ ACC ] STREAM LISTENING 21102 private/anvil unix 2 [ ACC ] STREAM LISTENING 21106 private/scache unix 2 [ ACC ] STREAM LISTENING 11378 /run/lvm/lvmpolld.socket unix 2 [ ACC ] STREAM LISTENING 26951 @/tmp/dbus-ce4gMkRasC unix 2 [ ACC ] STREAM LISTENING 16006 /run/gssproxy.sock unix 2 [ ACC ] STREAM LISTENING 11400 /run/lvm/lvmetad.socket unix 2 [ ACC ] STREAM LISTENING 30606 /run/user/1000/at-spi2-JIMMBY/socket unix 2 [ ACC ] STREAM LISTENING 30357 /run/user/1000/at-spi2-5OMZBY/socket unix 2 [ ACC ] STREAM LISTENING 11160 /run/systemd/private unix 2 [ ACC ] STREAM LISTENING 30376 /run/user/1000/at-spi2-M65SBY/socket unix 2 [ ACC ] STREAM LISTENING 14521 /var/run/lsm/ipc/sim unix 2 [ ACC ] STREAM LISTENING 14523 /var/run/lsm/ipc/simc unix 2 [ ACC ] STREAM LISTENING 14380 @ISCSIADM_ABSTRACT_NAMESPACE unix 2 [ ACC ] STREAM LISTENING 27979 /tmp/.esd-1000/socket unix 2 [ ACC ] STREAM LISTENING 14275 /var/run/avahi-daemon/socket unix 2 [ ACC ] STREAM LISTENING 21037 public/pickup unix 2 [ ACC ] STREAM LISTENING 21041 public/cleanup unix 2 [ ACC ] STREAM LISTENING 21044 public/qmgr unix 2 [ ACC ] STREAM LISTENING 21066 public/flush unix 2 [ ACC ] STREAM LISTENING 21081 public/showq unix 2 [ ACC ] STREAM LISTENING 14285 /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 6870 /run/systemd/journal/stdout unix 2 [ ACC ] STREAM LISTENING 14295 /var/run/rpcbind.sock unix 2 [ ACC ] STREAM LISTENING 30426 /run/user/1000/at-spi2-2GV5BY/socket unix 2 [ ACC ] STREAM LISTENING 33767 /var/run/NetworkManager/private-dhcp unix 2 [ ACC ] STREAM LISTENING 27124 /run/user/1000/keyring/gpg unix 2 [ ACC ] STREAM LISTENING 16125 /var/run/abrt/abrt.socket [root@faraz ~]#
List all active listening tcp ports by using command netstat –lt.
[root@faraz ~]# netstat -lt Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:mountd 0.0.0.0:* LISTEN tcp 0 0 192.168.122.1:domain 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:35382 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:ipp 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:51329 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:nfs 0.0.0.0:* LISTEN tcp6 0 0 [::]:sunrpc [::]:* LISTEN tcp6 0 0 [::]:40848 [::]:* LISTEN tcp6 0 0 [::]:mountd [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:ipp [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN tcp6 0 0 [::]:nfs [::]:* LISTEN tcp6 0 0 [::]:32994 [::]:* LISTEN [root@faraz ~]#
Showing statistics of only tcp protocol by using command netstat –st.
[root@faraz ~]# netstat -st
IcmpMsg:
InType0: 109
InType3: 11
InType8: 77
InType11: 147
OutType0: 77
OutType3: 11
OutType8: 158
Tcp:
0 active connections openings
1 passive connection openings
0 failed connection attempts
0 connection resets received
1 connections established
3786 segments received
2641 segments send out
0 segments retransmited
0 bad segments received.
36 resets sent
UdpLite:
TcpExt:
6 delayed acks sent
4 delayed acks further delayed because of locked socket
1236 packet headers predicted
636 acknowledgments not containing data payload received
1132 predicted acknowledgments
IPReversePathFilter: 3
TCPRcvCoalesce: 110
TCPAutoCorking: 1
TCPOrigDataSent: 2538
IpExt:
InNoRoutes: 12
InMcastPkts: 18
OutMcastPkts: 22
InBcastPkts: 70
InOctets: 367392
OutOctets: 543186
InMcastOctets: 4355
OutMcastOctets: 4515
InBcastOctets: 6460
InNoECTPkts: 4342
[root@faraz ~]#
List all active listening udp ports by using command netstat –lu.
[root@faraz ~]# netstat -lu Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0.0.0.0:40641 0.0.0.0:* udp 0 0 0.0.0.0:mdns 0.0.0.0:* udp 0 0 0.0.0.0:32608 0.0.0.0:* udp 0 0 0.0.0.0:941 0.0.0.0:* udp 0 0 localhost:951 0.0.0.0:* udp 0 0 0.0.0.0:nfs 0.0.0.0:* udp 0 0 192.168.122.1:domain 0.0.0.0:* udp 0 0 0.0.0.0:bootps 0.0.0.0:* udp 0 0 0.0.0.0:bootpc 0.0.0.0:* udp 0 0 0.0.0.0:mountd 0.0.0.0:* udp 0 0 0.0.0.0:sunrpc 0.0.0.0:* udp 0 0 0.0.0.0:39549 0.0.0.0:* udp 0 0 0.0.0.0:59526 0.0.0.0:* udp6 0 0 [::]:49880 [::]:* udp6 0 0 [::]:64255 [::]:* udp6 0 0 [::]:55556 [::]:* udp6 0 0 [::]:941 [::]:* udp6 0 0 [::]:nfs [::]:* udp6 0 0 [::]:mountd [::]:* udp6 0 0 [::]:sunrpc [::]:* [root@faraz ~]#
Showing statistics of only udp protocol by using command netstat –su.
[root@faraz ~]# netstat -su
IcmpMsg:
InType0: 109
InType3: 11
InType8: 77
InType11: 147
OutType0: 77
OutType3: 11
OutType8: 158
Udp:
109 packets received
1 packets to unknown port received.
0 packet receive errors
286 packets sent
0 receive buffer errors
0 send buffer errors
UdpLite:
IpExt:
InNoRoutes: 12
InMcastPkts: 20
OutMcastPkts: 22
InBcastPkts: 70
InOctets: 372507
OutOctets: 550282
InMcastOctets: 4500
OutMcastOctets: 4515
InBcastOctets: 6460
InNoECTPkts: 4411
[root@faraz ~]#
Statistics are shown for the tcp, udp, icmp and ip protocol by using command netstat –s. (Try it yourself)
Displaying service name with their process id number by using command netstat –tp.
[root@faraz ~]# netstat -tp Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 192.168.8.110:ssh 192.168.8.106:57764 ESTABLISHED 3767/sshd: root@pts [root@faraz ~]#
Displaying kernel ip routing table by using command netstat –r.
[root@faraz ~]# netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface default www.huaweimobil 0.0.0.0 UG 0 0 0 enp0s3 192.168.8.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s3 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 [root@faraz ~]# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.8.1 0.0.0.0 UG 0 0 0 enp0s3 192.168.8.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s3 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 [root@faraz ~]#
Showing network interface packet transactions including both transferring and receiving packets with MTU (Maximum Transmission Unit) size by using command netstat –i.
[root@faraz ~]# netstat -i Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg enp0s3 1500 4765 0 0 0 3460 0 0 0 BMRU lo 65536 198 0 0 0 198 0 0 0 LRU [root@faraz ~]#
Showing interface table similar to ifconfig command by using command netstat –ie.
[root@faraz ~]# netstat -ie
Kernel Interface table
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.8.110 netmask 255.255.255.0 broadcast 192.168.8.255
inet6 fe80::a00:27ff:fe34:71df prefixlen 64 scopeid 0x20
ether 08:00:27:34:71:df txqueuelen 1000 (Ethernet)
RX packets 4799 bytes 463896 (453.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3476 bytes 692966 (676.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 0 (Local Loopback)
RX packets 198 bytes 15084 (14.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 198 bytes 15084 (14.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@faraz ~]#
To get netstat information every few seconds continuously by using command netstat –c.
[root@faraz ~]# netstat -c Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 64 192.168.8.110:ssh 192.168.8.106:61150 ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ] DGRAM 11175 /run/systemd/shutdownd unix 2 [ ] DGRAM 6852 /run/systemd/notify unix 5 [ ] DGRAM 6873 /run/systemd/journal/socket unix 27 [ ] DGRAM 6875 /dev/log unix 3 [ ] STREAM CONNECTED 30206 @/tmp/.X11-unix/X0 unix 3 [ ] STREAM CONNECTED 16114 unix 3 [ ] STREAM CONNECTED 14531 unix 3 [ ] STREAM CONNECTED 26976 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 18289 unix 2 [ ] STREAM CONNECTED 27589 unix 3 [ ] STREAM CONNECTED 30149 unix 3 [ ] STREAM CONNECTED 29908 unix 3 [ ] STREAM CONNECTED 26740 @/tmp/dbus-AgDlDc7U39 unix 3 [ ] STREAM CONNECTED 15778 unix 3 [ ] STREAM CONNECTED 30360 unix 3 [ ] STREAM CONNECTED 29254 unix 3 [ ] STREAM CONNECTED 29972 unix 3 [ ] STREAM CONNECTED 21079 unix 3 [ ] STREAM CONNECTED 29141 unix 2 [ ] DGRAM 16152 unix 3 [ ] STREAM CONNECTED 14955 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 30114 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 16471 unix 3 [ ] STREAM CONNECTED 21059 unix 3 [ ] STREAM CONNECTED 24567 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 22663 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 29763 @/tmp/dbus-AgDlDc7U39 unix 3 [ ] STREAM CONNECTED 17911 unix 3 [ ] STREAM CONNECTED 30197 unix 3 [ ] STREAM CONNECTED 29154 unix 3 [ ] STREAM CONNECTED 28849 @/tmp/.X11-unix/X0 unix 3 [ ] STREAM CONNECTED 15086 unix 3 [ ] STREAM CONNECTED 16012 /run/gssproxy.sock unix 3 [ ] STREAM CONNECTED 12184 Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 192.168.8.110:ssh 192.168.8.106:61150 ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ] DGRAM 11175 /run/systemd/shutdownd unix 2 [ ] DGRAM 6852 /run/systemd/notify unix 5 [ ] DGRAM 6873 /run/systemd/journal/socket unix 27 [ ] DGRAM 6875 /dev/log unix 3 [ ] STREAM CONNECTED 30206 @/tmp/.X11-unix/X0 unix 3 [ ] STREAM CONNECTED 16114 unix 3 [ ] STREAM CONNECTED 14531 unix 3 [ ] STREAM CONNECTED 26976 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 18289 unix 2 [ ] STREAM CONNECTED 27589 unix 3 [ ] STREAM CONNECTED 30149 unix 3 [ ] STREAM CONNECTED 29908 unix 3 [ ] STREAM CONNECTED 26740 @/tmp/dbus-AgDlDc7U39 unix 3 [ ] STREAM CONNECTED 15778 unix 3 [ ] STREAM CONNECTED 30360 unix 3 [ ] STREAM CONNECTED 29254 unix 3 [ ] STREAM CONNECTED 29972 unix 3 [ ] STREAM CONNECTED 21079 unix 3 [ ] STREAM CONNECTED 29141 unix 2 [ ] DGRAM 16152 unix 3 [ ] STREAM CONNECTED 14955 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 30114 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 16471 unix 3 [ ] STREAM CONNECTED 21059 unix 3 [ ] STREAM CONNECTED 24567 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 22663 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 29763 @/tmp/dbus-AgDlDc7U39
Now we want to find how many listening programs are running on a port by using command netstat –ap |grep ssh.
[root@faraz ~]# netstat -ap| grep ssh tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 1175/sshd tcp 0 0 192.168.8.110:ssh 192.168.8.106:61150 ESTABLISHED 6242/sshd: root@pts tcp6 0 0 [::]:ssh [::]:* LISTEN 1175/sshd unix 2 [ ACC ] STREAM LISTENING 26858 3011/ssh-agent /tmp/ssh-H42Tir49LfQc/agent.2850 unix 2 [ ACC ] STREAM LISTENING 27216 2824/gnome-keyring- /run/user/1000/keyring/ssh unix 3 [ ] STREAM CONNECTED 17710 1175/sshd unix 2 [ ] DGRAM 50038 6242/sshd: root@pts [root@faraz ~]#
Summary
In this tutorial we discussed network monitoring tools and we learn how to check network status, listening ports and their statistics. Monitor tools provides the real time availability of any network node. Through the above commands you can communicate with other systems and get theirs replies if the systems in running position. Once you deploy network system now you are able to share resources and configure different types of servers to facilitate users.
I hope you enjoyed this tutorial please let us know with your suggestion we will appreciate. Keep learning with us. 🙂
Thanks
netstat is indeed very useful, but it is being slowly deprecated in favor of ss, just like ifconfig was deprecated in favor of ip. The article http://bit.ly/ss-examples (in portuguese) shows some ss equivalent comands to the netstat comands of your article.