Home > Networking > Example Unix and Windows/Powershell Network Socket Table Commands

Example Unix and Windows/Powershell Network Socket Table Commands

October 7th, 2016

1. What tcp sockets are open?

Unix
netstat -an | egrep -I “^tcp.*LISTEN”
netstat -an | egrep -I “^tcp.*LISTEN” | awk ‘{split($4,a,”:”);print a[2]}’

Powershell
netstat -an | select-string “LISTEN”
netstat -an | select-string “LISTEN” | %{$i=%{$_.Line.Split(“:”)};$j=$i[1] -replace ‘\s+’,’ ‘;$k=$j.Split(” “);$k[0]} | where {$_ -ne “”}

2. What TCP ports are in an ESTABLISHED/LISTEN state

Unix
netstat -an | egrep ESTABLISH
netstat -an | egrep ESTABLISH | awk ‘{split($4,a,”:”);print a[2]}’

Powershell
netstat -an | select-string “ESTABLISHED”
netstat -an | select-string “ESTABLISHED” | %{$i=%{$_.Line.Split(“:”)};$j=$i[1] -replace ‘\s+’,’ ‘;$k=$j.Split(” “);$k[0]} | where {$_ -ne “”}

3. What connections are in some sort of Wait State?

Unix
netstat -an | egrep WAIT
Powershell
netstat -an | select-string “WAIT”

4. How many connections are in some sort of WAIT state?

Unix

netstat –an | egrep WAIT | wc –l
Powershell
netstat -an | select-string “WAIT” | where {$_ -ne “”} | Measure-Object –Line

5. What are the IP address and ports of the remote machines that are in some sort of WAIT state to this machine?

Unix

nestat -an | egrep WAIT | awk ‘{print $4}’
Powershell
netstat -an | select-string “WAIT” | %{$_ -replace ‘\s+’,’ ‘ } | %{$i=$_.Split(” “);$i[3]}

6. What are the IP address (no ports) of the remote machines that are in some sort of WAIT state to this machine?

Unix

netstat -an | egrep WAIT | awk ‘{print($4,a,”:”);print a[1]}’
Powershell
netstat -an | select-string “WAIT” | %{$_ -replace ‘\s+’,’ ‘ } | %{$i=$_.Split(” “);$i[3]} | %{$i=$_.Split(“:”);$i[0]}

7. What are the unique IP address of remote connections in some sort of WAIT state?

Unix
netstat -an | egrep WAIT | awk ‘{split($4,a,”:”);print a[1]}’ | sort -u
Powershell
netstat -an | select-string “WAIT” | %{$_ -replace ‘\s+’,’ ‘ } | %{$i=$_.Split(” “);$i[3]} | %{$i=$_.Split(“:”);$i[0]} | Sort-Object | Get-Unique

Comments are closed.