When it comes to troubleshooting network-related issues or gaining insight into your system’s network connections, NetStat is a valuable command-line tool for Windows 11 users. NetStat, short for Network Statistics, provides information about network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. In this blog post, we’ll delve into the basics of NetStat, explore its parameters, and discover how to use the FindStr utility in combination with NetStat to filter and analyze network data.
Basics of NetStat
NetStat is a command-line utility that comes pre-installed with Windows 11, making it readily available for users without the need for additional downloads or installations. To access NetStat, open the Command Prompt or PowerShell by searching for them in the Start menu or using the “Windows Key + X” shortcut, and then type “netstat” and hit Enter.
When you run the NetStat command without any parameters, it provides a list of all active network connections and listening ports on your system. This information can be a goldmine for network administrators, security experts, or anyone interested in understanding their system’s network activities.
Explanation of Parameters
NetStat has several parameters that allow you to customize the information it provides. Here are some commonly used parameters:
- -a: Displays all connections and listening ports, including those with no data.
- -n: Shows addresses and port numbers in numerical form instead of resolving hostnames.
- -o: Includes the process ID (PID) of each connection, which can be useful for troubleshooting or monitoring processes related to network activity.
- -b: Displays the name of the executable that initiated the connection. This can be especially helpful for identifying which applications are using the network.
- -f: Provides FQDN (Fully Qualified Domain Name) information for remote addresses, making it easier to identify where the connections are going.
- -r: Shows the routing table of the local machine.
- -s: Displays per-protocol statistics, like TCP, UDP, ICMP, and more.
- -p protocol: Allows you to filter results by specifying the protocol you’re interested in, e.g., -p TCP or -p UDP.
Using FindStr with NetStat
To further refine and analyze the data returned by NetStat, you can use the FindStr command. FindStr is a text-search utility that can filter and extract specific information from the output of other commands, like NetStat.
Here’s an example of how you can use FindStr with NetStat to find specific information, such as all the listening ports on your system:
netstat -an | findstr LISTENING
In this command, we first use NetStat with the -an parameter to list all connections and ports in numeric form. We then pipe the output to FindStr, which searches for the keyword “LISTENING.” This will filter the results to show only the ports that are actively listening for incoming connections.
Conclusion
NetStat is a powerful tool for gaining insights into your system’s network connections, and understanding its parameters can help you extract valuable information. When combined with FindStr, you can efficiently filter and analyze the network data to identify issues, monitor processes, and optimize your network usage. Whether you’re a network administrator, a security enthusiast, or a curious user, NetStat on Windows 11 is a must-know tool for keeping your network operations in check.
Other Posts to Check Out
This post is meant to be a quick overview. Check out the posts below for more information about netstat.
IP and Port Info using NetStat
Sample Output
Below is an a sample of an actual output from NetStat on a real computer. Note the use of the a, n, and o switches. Using these switches shows all connections and listening ports (even those with no data), enables showing all addresses and port numbers in numerical form, and includes the Process ID (PID) of the connection.
C:\>netstat -ano
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1572
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:5040 0.0.0.0:0 LISTENING 6484
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:6742 0.0.0.0:0 LISTENING 17544
TCP 0.0.0.0:7680 0.0.0.0:0 LISTENING 3292
TCP 0.0.0.0:15150 0.0.0.0:0 LISTENING 46656
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 1348
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 1244
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 2064
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 3396
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 6320
TCP 0.0.0.0:49671 0.0.0.0:0 LISTENING 1316
TCP 192.168.1.223:139 0.0.0.0:0 LISTENING 4
TCP 192.168.1.223:7680 192.168.1.217:60179 TIME_WAIT 0
TCP 192.168.1.223:7680 192.168.1.217:60181 TIME_WAIT 0
TCP 192.168.1.223:7680 192.168.1.217:60182 TIME_WAIT 0
TCP 192.168.1.223:49287 20.252.32.11:443 ESTABLISHED 55000
TCP 192.168.1.223:49288 52.111.246.13:443 ESTABLISHED 55000
TCP 192.168.1.223:49312 52.109.2.151:443 ESTABLISHED 45764
TCP 192.168.1.223:49313 52.109.2.151:443 ESTABLISHED 45764
TCP 192.168.1.223:49373 96.31.35.219:3306 ESTABLISHED 56984
TCP 192.168.1.223:49374 96.31.35.219:3306 ESTABLISHED 56984
TCP 192.168.1.223:49392 40.96.61.4:443 ESTABLISHED 55000
TCP 192.168.1.223:49414 13.64.180.106:443 ESTABLISHED 6908
TCP 192.168.1.223:49673 52.9.93.236:443 TIME_WAIT 0
TCP 192.168.1.223:49681 104.26.0.8:443 ESTABLISHED 23260
TCP 192.168.1.223:49682 20.50.80.210:443 TIME_WAIT 0
TCP 192.168.1.223:49699 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49700 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49701 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49702 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49703 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49704 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49705 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49706 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49710 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49711 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49712 162.250.75.145:443 ESTABLISHED 23260
TCP 192.168.1.223:49713 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49715 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49716 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49718 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49720 13.107.21.239:443 ESTABLISHED 23260
TCP 192.168.1.223:49721 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49722 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49723 13.107.5.80:443 ESTABLISHED 23260
TCP 192.168.1.223:49724 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49725 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49727 162.250.75.145:443 ESTABLISHED 23260
TCP 192.168.1.223:49728 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49729 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49731 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49732 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49734 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49735 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49737 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49738 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49739 204.79.197.200:443 ESTABLISHED 23260
TCP 192.168.1.223:49740 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49741 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49746 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49747 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49752 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49753 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49754 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49760 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49761 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49766 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49767 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49771 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49772 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49777 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49778 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49783 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49784 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49786 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49787 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49791 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49792 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49797 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49798 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49802 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49803 192.168.1.220:53 TIME_WAIT 0
TCP 192.168.1.223:49808 20.190.154.161:443 ESTABLISHED 5084
TCP 192.168.1.223:49809 13.107.21.200:443 ESTABLISHED 11464
TCP 192.168.1.223:50864 172.64.147.52:443 ESTABLISHED 23260
TCP 192.168.1.223:55289 20.42.144.52:443 ESTABLISHED 23260
TCP 192.168.1.223:55389 52.239.175.4:443 ESTABLISHED 5084
TCP 192.168.1.223:58077 40.83.247.108:443 ESTABLISHED 5084
TCP 192.168.1.223:58463 192.168.1.28:22 ESTABLISHED 48864
TCP 192.168.1.223:61073 192.168.1.24:445 ESTABLISHED 4
TCP 192.168.1.223:65075 52.111.246.15:443 ESTABLISHED 45764
TCP 192.168.1.223:65156 204.79.197.239:443 ESTABLISHED 23260
TCP 192.168.1.223:65162 51.132.193.104:443 ESTABLISHED 23260
TCP 127.0.0.1:2015 0.0.0.0:0 LISTENING 55184
TCP 127.0.0.1:6742 127.0.0.1:61109 ESTABLISHED 17544
TCP 127.0.0.1:9993 0.0.0.0:0 LISTENING 46656
TCP 127.0.0.1:15150 127.0.0.1:61204 ESTABLISHED 46656
TCP 127.0.0.1:15152 0.0.0.0:0 LISTENING 8428
TCP 127.0.0.1:46933 0.0.0.0:0 LISTENING 7160
TCP 127.0.0.1:46933 127.0.0.1:61202 ESTABLISHED 7160
TCP 127.0.0.1:49674 127.0.0.1:49675 ESTABLISHED 7160
TCP 127.0.0.1:49675 127.0.0.1:49674 ESTABLISHED 7160
TCP 127.0.0.1:61057 127.0.0.1:65001 ESTABLISHED 6924
TCP 127.0.0.1:61109 127.0.0.1:6742 ESTABLISHED 6792
TCP 127.0.0.1:61113 0.0.0.0:0 LISTENING 11236
TCP 127.0.0.1:61113 127.0.0.1:61165 ESTABLISHED 11236
TCP 127.0.0.1:61165 127.0.0.1:61113 ESTABLISHED 25760
TCP 127.0.0.1:61202 127.0.0.1:46933 ESTABLISHED 46656
TCP 127.0.0.1:61204 127.0.0.1:15150 ESTABLISHED 46656
TCP 127.0.0.1:65001 0.0.0.0:0 LISTENING 6924
TCP 127.0.0.1:65001 127.0.0.1:61057 ESTABLISHED 6924
TCP 192.168.56.1:139 0.0.0.0:0 LISTENING 4
TCP [::]:80 [::]:0 LISTENING 4
TCP [::]:135 [::]:0 LISTENING 1572
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:5357 [::]:0 LISTENING 4
TCP [::]:7680 [::]:0 LISTENING 3292
TCP [::]:15150 [::]:0 LISTENING 46656
TCP [::]:49664 [::]:0 LISTENING 1348
TCP [::]:49665 [::]:0 LISTENING 1244
TCP [::]:49666 [::]:0 LISTENING 2064
TCP [::]:49667 [::]:0 LISTENING 3396
TCP [::]:49668 [::]:0 LISTENING 6320
TCP [::]:49671 [::]:0 LISTENING 1316
TCP [::1]:15150 [::1]:61212 ESTABLISHED 46656
TCP [::1]:61212 [::1]:15150 ESTABLISHED 48184
UDP 0.0.0.0:500 *:* 6868
UDP 0.0.0.0:3702 *:* 4148
UDP 0.0.0.0:3702 *:* 4148
UDP 0.0.0.0:4500 *:* 6868
UDP 0.0.0.0:5050 *:* 6484
UDP 0.0.0.0:5353 *:* 40668
UDP 0.0.0.0:5353 *:* 2712
UDP 0.0.0.0:5353 *:* 23260
UDP 0.0.0.0:5353 *:* 40668
UDP 0.0.0.0:5353 *:* 23260
UDP 0.0.0.0:5353 *:* 23260
UDP 0.0.0.0:5353 *:* 40668
UDP 0.0.0.0:5353 *:* 23260
UDP 0.0.0.0:5353 *:* 40668
UDP 0.0.0.0:5355 *:* 2712
UDP 0.0.0.0:60208 *:* 6924
UDP 0.0.0.0:61197 *:* 2712
UDP 0.0.0.0:61504 *:* 2712
UDP 0.0.0.0:61705 *:* 6320
UDP 0.0.0.0:61811 52.96.119.114:443 55000
UDP 0.0.0.0:65092 *:* 4148
UDP 192.168.1.223:137 *:* 4
UDP 192.168.1.223:138 *:* 4
UDP 192.168.1.223:1900 *:* 14080
UDP 192.168.1.223:2177 *:* 7812
UDP 192.168.1.223:5353 *:* 6924
UDP 192.168.1.223:52882 *:* 14080
UDP 127.0.0.1:1900 *:* 14080
UDP 127.0.0.1:10020 *:* 11236
UDP 127.0.0.1:52883 *:* 14080
UDP 127.0.0.1:54464 *:* 27828
UDP 127.0.0.1:57997 127.0.0.1:57997 3264
UDP 192.168.56.1:137 *:* 4
UDP 192.168.56.1:138 *:* 4
UDP 192.168.56.1:1900 *:* 14080
UDP 192.168.56.1:2177 *:* 7812
UDP 192.168.56.1:5353 *:* 6924
UDP 192.168.56.1:52881 *:* 14080
UDP [::]:500 *:* 6868
UDP [::]:3702 *:* 4148
UDP [::]:3702 *:* 4148
UDP [::]:4500 *:* 6868
UDP [::]:5353 *:* 23260
UDP [::]:5353 *:* 40668
UDP [::]:5353 *:* 40668
UDP [::]:5353 *:* 23260
UDP [::]:5353 *:* 2712
UDP [::]:5355 *:* 2712
UDP [::]:60209 *:* 6924
UDP [::]:61197 *:* 2712
UDP [::]:61504 *:* 2712
UDP [::]:61706 *:* 6320
UDP [::]:65093 *:* 4148
UDP [::1]:1900 *:* 14080
UDP [::1]:5353 *:* 6924
UDP [::1]:52880 *:* 14080
UDP [fe80::af1a:57e2:2e48:a884%17]:1900 *:* 14080
UDP [fe80::af1a:57e2:2e48:a884%17]:2177 *:* 7812
UDP [fe80::af1a:57e2:2e48:a884%17]:52879 *:* 14080
UDP [fe80::dcb6:15f0:4c70:74ae%11]:1900 *:* 14080
UDP [fe80::dcb6:15f0:4c70:74ae%11]:2177 *:* 7812
UDP [fe80::dcb6:15f0:4c70:74ae%11]:52878 *:* 14080