Indlela yokusebenzisa i-Netstat Command

Izibonelo, ukushintsha, nokuningi

Umyalo we-netstat ngumyalo we- Command Prompt osetshenziselwa ukubonisa ulwazi oluningiliziwe mayelana nendlela ikhomputha yakho ekhuluma ngayo namanye amakhompyutha noma amadivayisi wenethiwekhi.

Ngokuqondile, umyalo we-netstat ungabonisa imininingwane mayelana nokuxhumeka kwenethiwekhi ngayinye, izibalo zokuxhumana zenethiwekhi jikelele kanye nokunye okuningi, konke okungasiza ukuxazulula izinkinga ezithile zokuxhumana.

Ukutholakala kwe-Netstat Command

Umyalo we-netstat utholakala ngaphakathi kwe- Command Prompt ezinhlokweni eziningi ze-Windows kufaka phakathi i- Windows 10 , i- Windows 8 , i- Windows 7 , i- Windows Vista , i- Windows XP , i-Windows Server izinhlelo zokusebenza , nezinye izinguqulo ezindala ze-Windows, futhi.

Qaphela: Ukutholakala kwamashintshi athile we-netstat nomyalo we-netstat we- syntax ungahluka kusuka ohlelweni lokusebenza kuya ohlelweni lokusebenza.

I-Netstat Command Syntax

inqubo ye- [ -a ] [ -b ] [ -e ] [ -f ] [ -n ] [ -o ] [ -s ] [ -s ] [ -s ] [ -t ] [ -x ] [ -y ] [ isikhathi_ngaphakathi ] [ /? ]

Ithiphu: Bheka ukuthi Ungafunda kanjani i-Syntax ye-Command uma ungaqiniseki ukuthi ungafunda kanjani i-syntax yomyalo we-netstat njengoba kuboniswe ngenhla.

Yenza umyalo we-netst kuphela wukubonisa uhlu olulula kakhulu lwawo wonke ama-TCP asebenzayo okuxhunyanisiwe, okuzokodwa, azobonisa ikheli le-IP lendawo (ikhompyutha yakho), ikheli le-IP langaphandle (enye ikhompyutha noma idivayisi yenethiwekhi), kanye nabo izinombolo zechwep, kanye nombuso we-TCP.

-a = Lo mshini ubonisa ukuxhumana okusebenzayo kwe-TCP, ukuxhumana kwe-TCP nezwe lokulalela, kanye namachweba akwa-UDP alalelwa.

-b = Lokhu kushintshaniswa kwe-netstat kufana kakhulu ne -o ukushintsha okubalulwe ngezansi, kodwa esikhundleni sokubonisa i-PID, izobonisa igama lefayela eliyilo le nqubo. Ukusebenzisa -b over -o kungase kubonakale sengathi kukulondoloza isinyathelo noma ezimbili kodwa ukusebenzisa ngezinye izikhathi kungandisa kakhulu isikhathi esithatha i-netstat ukuba iphumelele ngokugcwele.

-e = Sebenzisa lo mshini ngomyalo we-netstat ukukhombisa izibalo mayelana nokuxhumeka kwenethiwekhi yakho. Le datha ifaka ama-byte, amaphakethe we-unicast, amaphakethe angewona amaconsi, ama-discard, amaphutha, kanye nezivumelwano ezingaziwa ezitholiwe futhi zithunyelwe kusukela ukuxhumeka kusungulwe.

-f = I-- f switch izophoqa umyalo we-netstat ukuthi ubonise igama le- Domain elifanelekile ngokuphelele (i-FQDN) kwamakheli we-IP angaphandle angakhona.

-n = Sebenzisa i -n ukushintsha ukuvimbela i-netstat ekuzameni ukunquma amagama we-host for amakheli we-IP angaphandle. Kuye ngokuxhumeka kwenethiwekhi yakho yamanje, ukusebenzisa lo mshini kunganciphisa isikhathi esithathayo ukuze i-netstat isebenze ngokuphelele.

-o = Okukhethwa kukho okunamandla emisebenzini eminingi yokuxazulula izinkinga, i -o ishintshi ibonisa isihlonzi senqubo (i-PID) ehlotshaniswa nokuxhumeka okubonisiwe. Bheka isibonelo ngezansi ukuze uthole okuningi mayelana nokusebenzisa netstat -o .

-p = Sebenzisa i-- p switch ukukhombisa ukuxhumana noma izibalo kuphela ngenqubo ethile. Awukwazi ukuchaza ngaphezulu kweyodwa protocol ngesikhathi esisodwa, futhi awukwazi ukwenza netstat nge -p ngaphandle kokuchaza iprotocol .

protocol = Uma ucacisa iphrothotho nge-- p inketho, ungasebenzisa i- tcp , udp , tcpv6 , noma udpv6 . Uma usebenzisa -s-- p ukubuka izibalo nge-protocol, ungasebenzisa i- icmp , ip , icmpv6 , noma i- ipv6 ngaphezu kwezine zokuqala engishilo .

-r = Yenza i-netstat nge -r ukukhombisa ithebula le-IP yokuhamba. Lokhu kufana nokusebenzisa umyalo womzila wokukhipha ukuphrinta komzila .

-s = I --s option ingasetshenziswa ngomyalo we-netstat ukuze ubonise izibalo eziningi ngokulandela umthetho. Ungakwazi ukukhawulela izibalo eziboniswe kwinqubo ethile ngokusebenzisa i --s option bese ucacisa leyo protocol , kodwa qiniseka ukusebenzisa -s ngaphambi -p protocol uma usebenzisa ukushintshana ndawonye.

-t = Sebenzisa i -t switch ukuze ubonise isimo samanje se-TCP isilawuli esilahlayo esikhundleni sombuso we-TCP obonisiwe.

-x = Sebenzisa inketho ye-- x ukuze ubonise bonke abalaleli be-NetworkDirect, ukuxhumeka, kanye nama-endpoints abelwe ngawo.

-y = I-i-switch ingasetshenziswa ukukhombisa ithemplate yokuxhumeka kwe-TCP yazo zonke ukuxhumana. Awukwazi ukusebenzisa -y nganoma iyiphi enye inketho ye-netstat.

isikhathi_interval = Lesi yisikhathi, ngemizuzwana, ukuthi ungathanda umyalo we-netstat ukuthi uphinde usebenze ngokuzenzekelayo, ukuma kuphela uma usebenzisa i- Ctrl-C ukuqeda loop.

/? = Sebenzisa inkinobho yokusiza ukuze ubonise imininingwane mayelana nezinketho eziningana zomyalo we-netstat.

Ithiphu: Yenza yonke imininingwane ye-netstat emgqeni wokulayela isebenze kalula ngokukhipha lokho okubonayo esikrinini kufayili yombhalo usebenzisa umqhubi we- redirection . Bheka ukuthi Ungabuyekeza kanjani ukulayisha okuphuma ku-Ifayela ukuze uthole imiyalelo ephelele.

Izibonelo ze-Netstat Command

netstat -f

Kulesi sibonelo sokuqala, ngenza i-netstat ukukhombisa wonke uxhumano lwe-TCP olusebenzayo. Kodwa-ke, ngifuna ukubona amakhompyutha engixhumeke kuwo kwifomethi ye-FQDN [ -f ] esikhundleni sekheli le-IP elilula.

Nasi isibonelo salokho ongase ubone:

Ukuxhumana Okusebenzayo I-Proto Ikheli Lendawo Ikheli Langaphandle Ikheli Lombuso I-TCP 127.0.0.1:5357 VM-Windows-7: 49229 I-TIME_WAIT TCP 127.0.0.1:49225 VM-Windows-7: 12080 TIME_WAIT TCP 192.168.1.14:49194 75.125.212.75:http CLOSE_WAIT TCP 192.168 .1.14: 49196 a795sm.avast.com:http CLOSE_WAIT TCP 192.168.1.14:49197 a795sm.avast.com:http CLOSE_WAIT TCP 192.168.1.14:49230 I-TIM-PC: wsd TIME_WAIT TCP 192.168.1.14:49231 I-TIM-PC: icslap EYISIKHATHI I-TCP 192.168.1.14:49232 I-TIM-PC: netbios-ssn TIME_WAIT TCP 192.168.1.14:49233 I-TIM-PC: netbios-ssn TIME_WAIT TCP [:: 1]: 2869 VM-Windows-7: 49226 I-TCP EPHAKILE [:: 1] : 49226 VM-Windows-7: icslap KUSETSHENZISWE

Njengoba ubona, nginezixhumanisi ezingu-11 ezisebenzayo ze-TCP ngesikhathi ngenza i-netstat. I-protocol kuphela (ekhompyutheni ye- Proto ) efakwe ku-TCP, okwakulindelwe ngoba angizange ngiyisebenzise -a .

Ungabona futhi amaqoqo amathathu ekheli le-IP kukholomu yekheli lendawo-ikheli lami langempela le-IP le- 192.168.1.14 kanye nezinguqulo zombili ze-IPv4 ne-IPv6 zamakheli wami we- loopback , kanye nechweba ukuxhumana okunye okukusebenzisayo. Ikholomu Yekheli Langaphandle libala ukuthi i-FQDN ( 75.125.212.75 ayizange ixazulule ngesizathu esithile) kanye nalolo dolobha.

Ekugcineni, ikholomu likahulumeni libala isimo se-TCP salolu xhumano oluthile.

netstat -o

Kulesi sibonelo, ngifuna ukusebenzisa i-netstat ngokujwayelekile ngakho kubonisa kuphela ukuxhumana okusebenzayo kwe-TCP, kodwa futhi ngifuna ukubona isihlonzi senqubo ehambisanayo [ -o ] kokuxhumeka ngalunye ngakho ngiyakwazi ukubona ukuthi iyiphi ikhompiyutha yami eqalisiwe ngayinye.

Nansi ikhompyutha yami ebonisiwe:

Ukuxhumana Okusebenzayo I-Proto Ikheli Lendawo Ikheli Langaphandle I-State PID TCP 192.168.1.14:49194 75.125.212.75:http CLOSE_WAIT 2948 TCP 192.168.1.14:49196 a795sm: http CLOSE_WAIT 2948 TCP 192.168.1.14:49197 a795sm: http CLOSE_WAIT 2948

Cishe uqaphele ikholomu entsha ye- PID . Kulokhu, ama-PID afana, okusho ukuthi uhlelo olufanayo kwikhompyutheni yami luvule lezi zixhumanisi.

Ukuze unqume ukuthi yiluphi uhlelo olumelelwa i-PID ka- 2948 kwikhompyutheni yami, konke okufanele ngiyenze ivuliwe Umphathi we-Task , chofoza kuthebhu yezinqubo , bese uqaphela igama lezithombe elidweliswe eduze kwe-PID Ngibheke kukholomu ye- PID . 1

Ukusebenzisa umyalo we-netstat ne--o inketho ingaba usizo kakhulu uma ulandela phansi uhlelo olusebenzisa ukwabelana okukhulu kakhulu kwe- bandwidth yakho. Kungasiza futhi ukuthola indawo okuyo kuyo lapho uhlobo oluthile lwe- malware , noma ngisho nenye ingxenye yesofthiwe esemthethweni, kungenzeka ukuthi ithumele ulwazi ngaphandle kwemvume yakho.

Qaphela: Nakuba lesi sibonelo kanye nesibonelo esidlule bobabili begijima kukhompyutha efanayo, futhi kungakapheli iminithi komunye nomunye, ungabona ukuthi uhlu lwe-TCP olusebenzisanayo luhluke kakhulu. Lokhu kungenxa yokuthi ikhompyutha yakho ihlale ixhuma, futhi ixhuma kusuka, amanye amadivaysi ahlukahlukene kwinethiwekhi yakho nakuwebhusayithi.

netstat -s -p tcp -f

Kulesi sibonelo sesithathu, ngifuna ukubona izibalo ezithile zomthetho [ -s ] kodwa hhayi zonke, izibalo ze-TCP kuphela [ -p tcp ]. Ngifuna futhi amakheli angaphandle aboniswe kwifomethi ye-FQDN [ -f ].

Yilokho umyalo we-netstat, njengoba kuboniswe ngenhla, owenziwe kwikhompyutha yami:

Izibalo ze-TCP ze-IPv4 Active ivulekile = 77 I-Passive ivula = 21 Ukuhluleka kokuxhumeka kwe-Connections = 2 Ukusetha kabusha ukuxhumeka = 25 Ukuxhumeka kwamanje = Izigaba ezingu-5 ezitholiwe = 7313 Izigaba ezithunyelwe = 4824 Amagceke abuyele emuva = 5 Ukuxhumeka okusebenzayo I-Proto Ikheli Lendawo Ikheli Langaphandle I-State TCP 127.0.0.1: 2869 VM-Windows-7: 49235 I-TIME_WAIT TCP 127.0.0.1:2869 I-VM-Windows-7: 49238 I-TCP ESIKHETHEKILE 127.0.0.1:49238 VM-Windows-7: icslap I-TCP EFANELE 192.168.1.14:49194 75.125.212.75:http CLOSE_WAIT TCP 192.168.1.14:49196 a795sm.avast.com:http CLOSE_WAIT TCP 192.168.1.14:49197 a795sm.avast.com:http CLOSE_WAIT

Njengoba ubona, izibalo ezehlukene ze-TCP protocol ziboniswa, njengoba nazo zonke izixhumanisi ezisebenzayo ze-TCP ngaleso sikhathi.

netstat -e-t 5

Kulesi sibonelo sokugcina, ngenza umyalo we-netstat ukukhombisa ezinye izibalo zokuxhumana zesikhungiso se-network [ -e ] futhi ngifuna ukuthi lezi zibalo zivuselelwe njalo efasiteleni lomyalo njalo ngemizuzwana emihlanu [ -t 5 ].

Nakhu okukhiqizwa esikrinini:

I-Interface Izibalo Ezifunyenwe I-Bytes Ethunyelwe 22132338 1846834 Amaphakethe we-Unicast 19113 9869 Amaphakethe angewona ama-unicast 0 0 Alahleka 0 0 Amaphutha 0 0 Izivumelwano ezingaziwa 0 Isikhombisi-Isibalo Izibalo ezitholwe ngamabhayithi athunyelwe 22134630 1846834 Amaphakethe a-Unicast 19128 9869 Amaphakethe angabonwanga 0 0 Alahleka 0 0 Amaphutha 0 0 Angaziwa Izivumelwano 0 ^ C

Izingcezu eziningi zolwazi, ongabona lapha futhi engibhale kuzo -i- syntax ngenhla, ziboniswa.

Ngivumela kuphela umyalo we-netstat ukwenza ngokuzenzakalelayo isikhathi esisodwa esengeziwe, njengoba ungabona ngamatafula amabili kulo mphumela. Qaphela i- ^ C ngezansi, ebonisa ukuthi ngisebenzise umyalo we-Ctrl-C wokuyeka ukuyeka ukusebenza komyalo.

Izimiso Ezihlobene Ne-Netstat

Umyalo we-netstat uvame ukusetshenziselwa neminye imiyalo ehlobene ne-Command Prompt efana ne-network like nslookup, ping , tracert , ipconfig, nabanye.

[1] Kungadingeka ukuthi ufake ngesandla ikholomu ye-PID kumphathi wezinkampani. Ungakwenza lokhu ngokukhetha i- "PID (Process Identifier)" ibhokisi lokuhlola elivela ku-Buka -> Khetha Amakholomu kuMphathi Wezinkampani. Ungase futhi uchofoze inkinobho ethi "Bonisa izinqubo kubo bonke abasebenzisi" kuthebhu yezinqubo uma i-PID oyifunayo ayibhalisiwe.