If your computer sometimes receives datagrams that cause erroneous data or failures, you don't have to be surprised that TCP/IP can tolerate these types of errors and automatically resend datagrams. But if the cumulative number of error conditions is a significant percentage of the received IP datagram, or if its number is increasing rapidly, then you should use Netstat to find out why this is happening. Making good use of some basic commands of netstat can often play a big role in protecting network security. The functions of the following commands are very prominent.
Detecting network connections
If you suspect that someone has installed a Trojan on your computer, or if you have a virus, but you don't have a comprehensive tool to detect if this is the case, you can use Windows. Take a network command to see who is connecting to your computer. The specific command format is: netstat -an This command can see all the IPs that are connected to the local computer. It contains four parts ——proto (connection method), local address (local connection address), foreign address (and Locally established connection address), state (current port status). With the details of this command, we can fully monitor the connection on the computer to achieve the purpose of controlling the computer.
We enter the following at the command prompt: netstat -a shows all ports currently open on your computer, netstat -s -e shows your network details in more detail, including TCP, UDP, ICMP and IP Statistics may have been seen by everyone. Have you ever thought about the level of understanding of Vista, Windows 7 display protocol statistics and current TCP /IP network connection knowledge?
Xiaobian special finishing netstat command usage is as follows (Hint: which is arranged in the order of ab) &mdash ;—
NETSTAT: Vista/Windows7 displays protocol statistics and current TCP/IP network connections. You can run netstat directly without parameters, as shown in the figure:
NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [- s] [-t] [interval]
-a Show all connections and listening ports.
-b Displays the executables involved in creating each connection or listening port. In some cases, an executable program is known to host multiple independent components, in which case the sequence of components involved in creating a connection or listening port is displayed. In this case, the name of the executable is at the bottom [], and the component it calls is at the top until it reaches TCP/IP. Note that this option can be time consuming and can fail if you do not have sufficient permissions.
-e Displays Ethernet statistics. This option can be combined with the -s option.
-f Displays the fully qualified domain name (FQDN) of the external address.
-n Displays the address and port number in numeric form.
-o Shows the process IDs associated with each connection.
-p proto Displays the connection of the protocol specified by proto; proto can be any of the following: TCP, UDP, TCPv6 or UDPv6. If used with the -s option to display statistics for each protocol, proto can be any of the following: IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
-r Displays the routing table.
-s Displays statistics for each protocol. By default, statistics for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6 are displayed; the -p option can be used to specify the default subnet.
-t Displays the current connection uninstall status.
interval Redisplays the selected statistics, the number of seconds between pauses between displays. Press CTRL+C to stop redisplaying statistics.