1. ss command: It dump socket (network connection) statistics such
as all TCP / UDP connections, established connection per protocol
(e.g., display all established ssh connections), display all the tcp
sockets in various state such as ESTABLISHED or FIN-WAIT-1
and so on.
2. netstat command: It can display network connections, routing
tables, interfaces and much more.
3. tcptrack and iftop commands : Displays information about TCP connections it sees
on a network interface and display bandwidth usage on an interface by host
respectively.
Display Currently Established, Closed, Orphaned
and Waiting TCP sockets, enter:
# ss -s
Sample outputs:
Total: 529 (kernel 726)
TCP: 1403 (estab 286, closed 1099, orphaned 1, synrecv 0, timewait 1098/0), ports 774
1 of 9 05/12/2011 11:16 AM
Linux: Check Network Connection Command http://www.cyberciti.biz/faq/check-network-connec...
Transport Total IP IPv6
* 726 - -
RAW 0 0 0
UDP 27 13 14
TCP 304 298 6
INET 331 311 20
FRAG 0 0 0
Or you can use the netstat command as follows:
# netstat -s
Sample outputs:
Ip:
102402748 total packets received
3 with invalid addresses
0 forwarded
0 incoming packets discarded
102192035 incoming packets delivered
95627316 requests sent out
Icmp:
6726 ICMP messages received
167 input ICMP message failed.
ICMP input histogram:
destination unreachable: 2353
timeout in transit: 4
echo requests: 4329
10323 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 5994
echo replies: 4329
IcmpMsg:
InType3: 2353
InType8: 4329
InType11: 4
OutType0: 4329
OutType3: 5994
Tcp:
839222 active connections openings
2148984 passive connection openings
1480 failed connection attempts
1501 connection resets received
281 connections established
101263451 segments received
94668430 segments send out
9820 segments retransmited
0 bad segments received.
1982 resets sent
Udp:
1024635 packets received
18 packets to unknown port received.
0 packet receive errors
1024731 packets sent
TcpExt:
592 invalid SYN cookies received
396 resets received for embryonic SYN_RECV sockets
2 packets pruned from receive queue because of socket buffer overrun
Display All Open Network Ports
Use the ss command as follows:
# ss -l
Sample outputs:
Recv-Q Send-Q Local Address:Port Peer Address:Port
0 50 127.0.0.1:mysql *:*
0 128 127.0.0.1:11211 *:*
0 128 *:sunrpc *:*
0 128 :::www :::*
0 128 *:55153 *:*
0 3 10.1.11.27:domain *:*
0 3 192.168.1.101:domain *:*
0 3 127.0.0.1:domain *:*
# netstat -tulpn
Sample outputs:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1380/mysqld
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 1550/memcached
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 936/portmap
tcp 0 0 0.0.0.0:55153 0.0.0.0:* LISTEN 1025/rpc.statd
tcp 0 0 10.1.11.27:53 0.0.0.0:* LISTEN 1343/named
tcp 0 0 192.168.1.101:53 0.0.0.0:* LISTEN 1343/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1343/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 979/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1828/cupsd
tcp 0 0 0.0.0.0:7001 0.0.0.0:* LISTEN 10129/transmission
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1694/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1343/named
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 1539/icecast2
tcp6 0 0 :::80 :::* LISTEN 1899/apache2
tcp6 0 0 :::53 :::* LISTEN 1343/named
tcp6 0 0 :::22 :::* LISTEN 979/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1828/cupsd
tcp6 0 0 :::7001 :::* LISTEN 10129/transmission
tcp6 0 0 ::1:953 :::* LISTEN 1343/named
udp 0 0 239.255.255.250:1900 0.0.0.0:* 11937/opera
udp 0 0 239.255.255.250:1900 0.0.0.0:* 11937/opera
udp 0 0 0.0.0.0:111 0.0.0.0:* 936/portmap
udp 0 0 0.0.0.0:777 0.0.0.0:* 1025/rpc.statd
udp 0 0 0.0.0.0:38297 0.0.0.0:* 1025/rpc.statd
udp 0 0 192.168.1.101:33843 0.0.0.0:* 11937/opera
udp 0 0 10.1.11.27:53 0.0.0.0:* 1343/named
udp 0 0 192.168.1.101:53 0.0.0.0:* 1343/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 1343/named
udp 0 0 0.0.0.0:68 0.0.0.0:* 5840/dhclient
udp 0 0 127.0.0.1:11211 0.0.0.0:* 1550/memcached
udp 0 0 0.0.0.0:7001 0.0.0.0:* 10129/transmission
udp 0 0 10.1.11.27:33372 0.0.0.0:* 11937/opera
udp6 0 0 :::53 :::* 1343/named
Display All TCP Sockets
Type the ss command as follows:
# ss -t -a
Or use the netstat command as follows:
# netstat -nat
Display All UDP Sockets
Type the ss command as follows:
# ss -u -a
Or use the netstat command as follows:
# netstat -nau
lsof Command
You can use the lsof command follows to list more information about open ports:
# lsof -i :portNumber
# lsof -i tcp:portNumber
# lsof -i udp:portNumber
# lsof -i :80 | grep LISTEN
View Established Connections Only
Use the netstat command as follows:
# netstat -natu | grep 'ESTABLISHED'
Say Hello To tcptrack
The tcptrack command displays the status of TCP connections that it sees on a given
network interface. tcptrack monitors their state and displays information such as state,
source/destination addresses and bandwidth usage in a sorted, updated list very much
like the top command.
as all TCP / UDP connections, established connection per protocol
(e.g., display all established ssh connections), display all the tcp
sockets in various state such as ESTABLISHED or FIN-WAIT-1
and so on.
2. netstat command: It can display network connections, routing
tables, interfaces and much more.
3. tcptrack and iftop commands : Displays information about TCP connections it sees
on a network interface and display bandwidth usage on an interface by host
respectively.
Display Currently Established, Closed, Orphaned
and Waiting TCP sockets, enter:
# ss -s
Sample outputs:
Total: 529 (kernel 726)
TCP: 1403 (estab 286, closed 1099, orphaned 1, synrecv 0, timewait 1098/0), ports 774
1 of 9 05/12/2011 11:16 AM
Linux: Check Network Connection Command http://www.cyberciti.biz/faq/check-network-connec...
Transport Total IP IPv6
* 726 - -
RAW 0 0 0
UDP 27 13 14
TCP 304 298 6
INET 331 311 20
FRAG 0 0 0
Or you can use the netstat command as follows:
# netstat -s
Sample outputs:
Ip:
102402748 total packets received
3 with invalid addresses
0 forwarded
0 incoming packets discarded
102192035 incoming packets delivered
95627316 requests sent out
Icmp:
6726 ICMP messages received
167 input ICMP message failed.
ICMP input histogram:
destination unreachable: 2353
timeout in transit: 4
echo requests: 4329
10323 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 5994
echo replies: 4329
IcmpMsg:
InType3: 2353
InType8: 4329
InType11: 4
OutType0: 4329
OutType3: 5994
Tcp:
839222 active connections openings
2148984 passive connection openings
1480 failed connection attempts
1501 connection resets received
281 connections established
101263451 segments received
94668430 segments send out
9820 segments retransmited
0 bad segments received.
1982 resets sent
Udp:
1024635 packets received
18 packets to unknown port received.
0 packet receive errors
1024731 packets sent
TcpExt:
592 invalid SYN cookies received
396 resets received for embryonic SYN_RECV sockets
2 packets pruned from receive queue because of socket buffer overrun
Display All Open Network Ports
Use the ss command as follows:
# ss -l
Sample outputs:
Recv-Q Send-Q Local Address:Port Peer Address:Port
0 50 127.0.0.1:mysql *:*
0 128 127.0.0.1:11211 *:*
0 128 *:sunrpc *:*
0 128 :::www :::*
0 128 *:55153 *:*
0 3 10.1.11.27:domain *:*
0 3 192.168.1.101:domain *:*
0 3 127.0.0.1:domain *:*
# netstat -tulpn
Sample outputs:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1380/mysqld
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 1550/memcached
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 936/portmap
tcp 0 0 0.0.0.0:55153 0.0.0.0:* LISTEN 1025/rpc.statd
tcp 0 0 10.1.11.27:53 0.0.0.0:* LISTEN 1343/named
tcp 0 0 192.168.1.101:53 0.0.0.0:* LISTEN 1343/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1343/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 979/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1828/cupsd
tcp 0 0 0.0.0.0:7001 0.0.0.0:* LISTEN 10129/transmission
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1694/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1343/named
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 1539/icecast2
tcp6 0 0 :::80 :::* LISTEN 1899/apache2
tcp6 0 0 :::53 :::* LISTEN 1343/named
tcp6 0 0 :::22 :::* LISTEN 979/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1828/cupsd
tcp6 0 0 :::7001 :::* LISTEN 10129/transmission
tcp6 0 0 ::1:953 :::* LISTEN 1343/named
udp 0 0 239.255.255.250:1900 0.0.0.0:* 11937/opera
udp 0 0 239.255.255.250:1900 0.0.0.0:* 11937/opera
udp 0 0 0.0.0.0:111 0.0.0.0:* 936/portmap
udp 0 0 0.0.0.0:777 0.0.0.0:* 1025/rpc.statd
udp 0 0 0.0.0.0:38297 0.0.0.0:* 1025/rpc.statd
udp 0 0 192.168.1.101:33843 0.0.0.0:* 11937/opera
udp 0 0 10.1.11.27:53 0.0.0.0:* 1343/named
udp 0 0 192.168.1.101:53 0.0.0.0:* 1343/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 1343/named
udp 0 0 0.0.0.0:68 0.0.0.0:* 5840/dhclient
udp 0 0 127.0.0.1:11211 0.0.0.0:* 1550/memcached
udp 0 0 0.0.0.0:7001 0.0.0.0:* 10129/transmission
udp 0 0 10.1.11.27:33372 0.0.0.0:* 11937/opera
udp6 0 0 :::53 :::* 1343/named
Display All TCP Sockets
Type the ss command as follows:
# ss -t -a
Or use the netstat command as follows:
# netstat -nat
Display All UDP Sockets
Type the ss command as follows:
# ss -u -a
Or use the netstat command as follows:
# netstat -nau
lsof Command
You can use the lsof command follows to list more information about open ports:
# lsof -i :portNumber
# lsof -i tcp:portNumber
# lsof -i udp:portNumber
# lsof -i :80 | grep LISTEN
View Established Connections Only
Use the netstat command as follows:
# netstat -natu | grep 'ESTABLISHED'
Say Hello To tcptrack
The tcptrack command displays the status of TCP connections that it sees on a given
network interface. tcptrack monitors their state and displays information such as state,
source/destination addresses and bandwidth usage in a sorted, updated list very much
like the top command.
No comments:
Post a Comment