Local and Foreign Address using netstat

Hacking Truth
0


Local and Foreign Address using netstat



In the context of netstat command, the 'Local Address' refers to the network address of your own computer, where a particular network service is running. The 'Foreign Address' refers to the network address of the remote computer or device that your computer is connected to for that specific network service. This command provides information about network connections and network statistics on your system.


 
We will begin by viewing the help information screen by executing the following command:

netstat -h



We will then view all active connections by typing the following:

netstat

 

 


 



We can use netstat to display both local and foreign addresses in numeric IP form using the “-n” parameter.

netstat -n



If we want to view only TCP connections, we need to add the “-t” parameter.

netstat -t



Similary, if we want to view only UDP connections, we need to add the “-u” parameter.

netstat -u



We can combine and operate multiple parameters in a single command as follows;




netstat -tn

 

Let’s look at the figure;

1) This area shows our local IP address and port number for each connection.

2) This field shows our remote IP address and port number for each connection.

3) This area displays the TCP / UDP status of each connection;



 

 


 

 

# LISTEN: represents waiting for a connection request from any remote TCP and port.
 

# SYN-SENT: represents waiting for a matching connection request after having sent a connection request.
 

# SYN-RECEIVED: represents waiting for a confirming connection request acknowledgment after having both received and sent a connection request.
 

# ESTABLISHED: represents an open connection, data received can be delivered to the user.  The normal state for the data transfer phase of the connection.
 

# FIN-WAIT-1: represents waiting for a connection termination request from the remote TCP, or an acknowledgment of the connection termination request previously sent.

# FIN-WAIT-2: represents waiting for a connection termination request from the remote TCP.
 

# CLOSE-WAIT: represents waiting for a connection termination request from the local user.
 

# CLOSING: represents waiting for a connection termination request acknowledgment from the remote TCP.
 

# LAST-ACK: represents waiting for an acknowledgment of the connection termination request previously sent to the remote TCP (which includes an acknowledgment of its connection termination request).
 

# TIME-WAIT: represents waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request.
 

# CLOSED: represents no connection state at all.

 

 

 

Disclaimer

All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.

 


Post a Comment

0 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.
Post a Comment (0)
Our website uses cookies to enhance your experience. Learn More
Accept !