Linux Networking


Netstat stands for network statistics. Network sockets can either be connected or waiting for a connection. The connections use networking protocols like  Transport Control Protocol (TCP) or User Datagram Protocol UDP. They use Internet Protocol addresses and network ports to establish connections.

Sockets have two main states: They are either connected and facilitating an ongoing network communication, or they are waiting for an incoming connection to connect to them.  There are other states, such as the state when a socket is midway through establishing a connection on a remote device, but putting transient states aside, you can think of a socket as either being connected or waiting (which is often called listening).

The listening socket is called the server, and the socket that requests a connection with the listening socket is called a client. These names have nothing to do with hardware or computer roles. They simply define the role of each socket at each end of the connection.

The netstat command lets you discover which sockets are connected and which sockets are listening. Meaning, it tells you which ports are in use and which processes are using them. It can show you routing tables and statistics about your network interfaces and multicast connections.

The functionality of netstat has been replicated over time in different Linux utilities, such as ip and ss. It’s still worth knowing this granddaddy of all network analysis commands, because it is available on all Linux and Unix-like operating systems, and even on Windows and Mac.

netstat -a 

The ‘-a’ option is used to display all the existing connections.

netstat- a

netstat -at

To display only the TCP connection, execute the command with the ‘t’

netstat- at

netstat -au

To display only UDP connection, execute it with ‘u’ option 

netstat -au


netstat -tnl  

The listening connections are such connections that are available for connection requests. Any network process keeps an open port for the listening incoming connection requests.

netstat -tnl


netstat -rn  

The ‘r’ option is used to display the kernel routing information. It will display the same output as route command.

netstat -rn


netstat -i 

We can also display information about the network interfaces by using the netstat command. To display the network interfaces, execute the command with ‘i’ option

netstat -i


netstat -ct 

To display the netstat output continuously, execute the command with the ‘c’ option

netstat -ct



This command is also used to find DNS related query.

nslookup {domainName}




host command displays domain name for given IP address or vice-versa. It also performs DNS lookups related to the DNS query.

host {hostname}

host -t ns

The ‘ns’ option with ‘-t’ arguments are used to display the domain name servers.

host -t ns {hostname}



curl is a tool to transfer data from or to a server, using one of the supported protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP). The command is designed to work without user interaction.

curl {option} {url}



Subscribe To Our Newsletter
You will receive our latest post and tutorial.
Thank you for subscribing!


Leave a Reply

Your email address will not be published. Required fields are marked *