In this article I will explain a few common and useful utilities for network and operating systems in general.
Netstat
The main purpose of netstat is to give a quick general overview of the connections the system is using. It also shows information such as the protocol (typically TCP or UDP) and the current connection state.
Open a DOS prompt (Start > Run > cmd), then type “netstat”. You’ll see output like the following:
You can narrow the output by using different flags. Filtering by either TCP or UDP is common. The syntax may differ slightly depending on the operating system. For example, on my OS X system it’s: netstat -p tcp
The various connection states are:
ESTABLISHED – Both hosts are connected.
CLOSING – The remote host has agreed to close its connection.
LISTENING – Your computer is waiting to handle an incoming connection.
SYN_RCVD – A remote host has asked for you to start a connection.
SYN_SENT – Your computer has accepted to start a connection.
LAST_ACK – Your computer needs to obliterate the packets before closing the connection.
TIME_WAIT – See above.
CLOSE_WAIT – The remote host is closing its connection with your computer.
FIN_WAIT 1 – A client is closing its connection.
FIN_WAIT 2 – Both hosts have agreed to close the connection.
To view the complete list of flags supported by netstat, on Windows type “netstat /?”. Under Linux/OS X you can use “man netstat”, which gives a detailed description of all the options.
Netstat is also very useful for checking for any undesired programs or viruses that you might suspect are running. Typically they will try to establish outgoing connections.
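As an added example (not part of the original article), the script below applies the check described above to netstat output: it lists outgoing connections to hosts outside the local network and counts sockets per state. It assumes the Linux "netstat -ant" column layout; the sample data is constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample in the Linux `netstat -ant` layout; remote addresses use
# documentation ranges (RFC 5737), not real hosts.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5432          127.0.0.1:51514         ESTABLISHED
tcp        0      0 192.168.1.20:51830      192.168.1.1:53          TIME_WAIT
tcp        0      0 192.168.1.20:49822      203.0.113.45:443        ESTABLISHED
tcp        0      0 192.168.1.20:49901      198.51.100.7:6667       ESTABLISHED
tcp        0      0 192.168.1.20:22         203.0.113.9:40000       ESTABLISHED
tcp        0      0 192.168.1.20:50010      198.51.100.7:8080       SYN_SENT
EOF
}

# Print "remote_ip remote_port state" for outgoing TCP connections to hosts
# outside loopback and RFC 1918 space. A connection counts as outgoing when its
# local port is not one this machine is listening on.
outgoing_external() {
  awk '
    $1 ~ /^tcp/ {
      n = split($4, l, ":")
      # remember listening ports; defer other rows until all ports are known
      if ($6 ~ /^LISTEN/) listen[l[n]] = 1; else row[++k] = $0
    }
    END {
      for (i = 1; i <= k; i++) {
        split(row[i], f, " ")
        n = split(f[4], l, ":"); if (l[n] in listen) continue   # inbound
        if (f[6] != "ESTABLISHED" && f[6] != "SYN_SENT") continue
        n = split(f[5], r, ":"); port = r[n]
        ip = substr(f[5], 1, length(f[5]) - length(port) - 1)
        if (ip ~ /^(127|10)\./ || ip ~ /^192\.168\./ ||
            ip ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) continue
        print ip, port, f[6]
      }
    }'
}

# Count TCP sockets per state so pile-ups (for example many SYN_SENT) stand out.
state_counts() {
  awk '$1 ~ /^tcp/ { c[$6]++ } END { for (s in c) print s, c[s] }' | sort
}

sample_netstat | outgoing_external   # live host: netstat -ant | outgoing_external
sample_netstat | state_counts
```

The inbound SSH session from 203.0.113.9 is skipped because local port 22 is a listening port, so only connections this machine initiated are reported.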
TOP command
The TOP command is native to Unix-like operating systems such as Linux and OS X. It shows all the processes currently running.
To sort by memory usage: press M
You can filter processes for a specific user by using the -u flag, e.g.: $ top -u root
One of my most used commands is k (kill). This is very useful for terminating a program or process that has locked up or otherwise won’t close by normal means.
Once you’ve located a process that needs to be killed, press ‘k’, which will ask for the process ID and the signal to send. Note: some kills may not be successful unless you have the proper permissions, such as when running under the root/superuser account.
    PID to kill: 1309
    Kill PID 1309 with signal [15]:
      PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
     1309 geek      23   0 2483m 1.7g  27m S    0 21.8  45:31.32 gagent
     1882 geek      25   0 2485m 1.7g  26m S    0 21.7  22:38.97 gagent
     5136 root      16   0 38040  14m 9836 S    0  0.2   0:00.39 nautilus
There are many flags that can be used with TOP, which could be covered in depth in an article of their own. I would encourage you to look through the manual (“man top”) or do a Google search.
Until next time, I hope you find this article informative.
Thank you, nice job! This was the stuff I had to have.