After covering topics like how to kill remote-connecting malware on Windows and how to create a bootable USB in Windows from the command line, today we are going to talk about a command and its variants for monitoring the network and network traffic on Windows. Yes, we are talking about the netstat command.
As its name suggests, netstat is short for network statistics. This short command can reveal a large amount of information about our network, such as ports, their status, connections (incoming and outgoing), protocols and much more.
As you can see above, this command displays the state of all of the connections from your computer. You can see that the local address and the foreign address are in raw format.
It disables DNS lookups, which take time and are often not necessary for the information being sought.
You will also notice that the netstat command displays the current state of every connection on the device. Some examples of these states are:
Each entry under this command shows an IP address followed by a port number. You’ll see something like this —
Here, TCP is the protocol, 192.168.1.8 is the local IP address, 55544 is the local port number, 188.8.131.52 is the foreign IP address and 443 is the foreign port number, and the connection is already established.
If you are familiar with port numbers, you can figure out from the above entry that it is an HTTPS connection to the IP address 184.108.40.206.
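The field breakdown described above can be automated when you need to review many entries at once. The following is an added example, not part of the original article: it parses numeric netstat output (as produced by `netstat -an`) and goes beyond the single TCP entry by also handling bracketed IPv6 addresses and stateless UDP rows. The sample text, the `Conn` type, the function names and the small port map are all assumptions made for illustration.

```python
from typing import NamedTuple, Optional

# Constructed sample of numeric netstat output on Windows (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.8:55544      188.8.131.52:443       ESTABLISHED
  TCP    192.168.1.8:55560      203.0.113.10:80        TIME_WAIT
  TCP    [::1]:49670            [::1]:49671            ESTABLISHED
  UDP    0.0.0.0:5353           *:*
"""

# Small illustrative port-to-service map (an assumption); extend it for your environment.
WELL_KNOWN = {22: "SSH", 53: "DNS", 80: "HTTP", 443: "HTTPS", 3389: "RDP"}

class Conn(NamedTuple):
    proto: str
    local_ip: str
    local_port: Optional[int]
    foreign_ip: str
    foreign_port: Optional[int]
    state: str    # empty for UDP, which has no connection state
    service: str  # a hint derived from the foreign port only, not proof of the protocol

def split_endpoint(endpoint):
    """Split 'ip:port' on the last colon so bracketed IPv6 addresses stay whole."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port) if port.isdigit() else None

def parse_netstat(text):
    conns = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # skip the banner, the column header and blank lines
        proto, local, foreign = fields[:3]
        state = fields[3] if len(fields) > 3 else ""
        l_ip, l_port = split_endpoint(local)
        f_ip, f_port = split_endpoint(foreign)
        conns.append(Conn(proto, l_ip, l_port, f_ip, f_port, state,
                          WELL_KNOWN.get(f_port, "unknown")))
    return conns

if __name__ == "__main__":
    for c in parse_netstat(SAMPLE):
        print(c)
```

The service label is inferred from the port number alone, so treat it as a starting point for review: any program can listen on port 443 without speaking HTTPS.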
However, if you are also interested in seeing the name of the foreign address instead of its IP address, just type netstat -a.
With this command, you can see all the active connections, and instead of just showing the raw IP address of the foreign address, it performs a DNS lookup as well.
This command will show you statistics of the overall packets.
This netstat command shows you statistics per protocol. If you want to know the statistics for a particular protocol, you can use the variants of the netstat command shown below: