Imizekelo, ukutshintsha, kunye nokunye
Umyalelo we-netst umyalelo we- Command Prompt umiselwe ukubonisa ulwazi olunzulu malunga nendlela ikhomputha yakho inxibelelana ngayo nezinye iikhomputha okanye izixhobo zonxibelelwano.
Ngokukodwa, umyalelo we-netstat ungabonisa iinkcukacha malunga nokuxhunywa komnatha ngamnye, iinkcukacha ngokubanzi kunye nokulandelelana kwee-protocol, kunye nokunye okuninzi, okukunceda ukujongana neengxaki ezithile.
Ukufumaneka kwe-Netstat Command
Umyalelo we-netst iyatholakala kwi- Command Prompt kwiinguqu ezininzi ze-Windows kuquka i- Windows 10 , i- Windows 8 , i- Windows 7 , i- Windows Vista , i- Windows XP , i-Windows Server inkqubo kunye nezinye iinguqulelo ze-Windows.
Qaphela: Ukufumaneka kwamashishini athile okulawulwa kwe-netstat kunye nezinye i- syntax yomyalelo we-netstat ingahluka kwinkqubo yokusebenza kwinkqubo yokusebenza.
Netstat Command Syntax
net- [ -a ] [ -b ] [ -e ] [ -f ] [ -n ] [ -o ] [ -p protocol ] [ -r ] [ -s ] [ -t ] [ -x ] [ -y ] [ ixesha_evaji ] [ /? ]
Icebiso: Bona indlela yokufunda i-Syntax yokulawula ukuba awuqinisekanga ukuba ungafunda njani i-syntax yomyalelo we-netstu njengoko kuboniswe ngasentla.
Ukufeza umyalelo we-netstu wedwa ukubonisa uluhlu olunzima lwazo zonke i-TCP ezinxulumene nazo eziza kubonisa idilesi ye-IP yangaphakathi (iikhompyutheni yakho), idilesi yangaphandle ye-IP (enye enye icomputer okanye i-device) kunye kunye iinombolo zeenkutha, kunye ne-TCP.
-a = Olu tshintshi lubonakalisa uxhulumano olusebenzayo lwe-TCP, ukudibanisa kwe-TCP kunye nelizwe lokuphulaphula, kunye neenxweme ze-UDP eziphulaphulwayo.
-b = Olu tshintsho lwe-netstat lufana kakhulu ne -o yitshintshi ibhalwe apha ngezantsi, kodwa endaweni yokubonisa i-PID, iya kubonisa igama lenene le fayile. Ukusebenzisa -b phezu -o kunokubonakala ngathi kukulondoloza isinyathelo okanye amabini kodwa ukusebenzisa ngamanye amaxesha kunokwandisa ixesha elithatha i-netstat ukuba liphumelele ngokupheleleyo.
-e = Sebenzisa olu tshintshi ngomyalelo we-netstat ukubonisa amanani malunga noxhumo lwenethiwekhi. Le datha ibandakanya iibhithi, iipakethi ezingabonakaliyo, iipakethi ezingekhoyo, iilahla, iimpazamo, kunye neeprotokholi ezingaziwa ezifunyenwe kwaye zithunyelwe ukususela ekuqaliseni uxhumano.
-f = I-- f inkcazo iya kunyanzelisa umyalelo we-netst ukubonisa iGama eliLungelekileyo leSiza (FQDN) kwiidilesi ze-IP zangaphandle xa kunokwenzeka.
-n = Se benzisa -nkuthintela ukukhusela i-netstat ekuzameni ukufumana amagama amamkeli kwii-IP zamakheli angaphandle. Ngokuxhomekeke kwiinkcukacha zakho zokunxibelelana kweekhnoloji, ukusebenzisa olu tshintsho kunokunciphisa kakhulu ixesha elithathayo ukuze i-netstat isebenze ngokupheleleyo.
-o = Ukhetho olukhethiweyo lwemisebenzi emininzi yokujongana neengxaki, i--o iqhosha libonisa inkqubo yesazisi (PID) edibene nxu lumano olubonisiweyo. Bona umzekelo apha ngezantsi malunga nokusebenzisa i- netstat -o .
-p = Sebenzisa i-- p switch ukubonisa uqhagamshelwano okanye amanani kuphela kwenkqubo ethile. Awukwazi ukuchaza ngaphezulu kweprotocol enye ngexesha, kwaye awukwazi ukwenza i-netstat -p ngaphandle kokuchaza inkqubo .
protocol = Xa ucacisa iprotocol kunye ne-- p inketho, ungasebenzisa i- tcp , udp , tcpv6 , okanye udpv6 . Ukuba usebenzisa -s -- p ukujonga iifomati ngeprotocol, ungasebenzisa icmp , ip , icmpv6 , okanye ipv6 ngaphezu kokuqala kwezine.
-r = Yenza i-netstat kunye -r ukubonisa i-IP yokubamba itafile. Oku kufana nokusebenzisa umyalelo wendlela yokuqhuba ukushicilelwa kwendlela .
-s = I - ikhetho ingasetyenziswa kunye nomyalelo we-netstat ukubonisa iinkcukacha ezilandelelweyo ngeprotocol. Unako ukukhawulela amanani aboniswe kwiprotocol ethile usebenzisa i - option kunye nokucacisa loo protocol , kodwa qiniseka ukusebenzisa -s ngaphambi kwe- protocol xa usebenzisa i-switches ndawonye.
-t = Sebenzisa i-- t switch ukuze ubonise i-TCP yangoku ityala lokutshabalalisa imeko endaweni ye-TCP.
-x = Sebenzisa u-- x ukhetho lokubonisa bonke abaphulaphuli be-NetworkDirect, ukudibanisa kunye neendawo zokugqibela ezabelwana ngazo.
-y = I-itshintsho ingasetyenziselwa ukubonisa i-template yoxhumano lweTCP kuyo yonke inxibelelwano. Awukwazi ukuyisebenzisa -y nayo nayiphi na enye inketho.
ixesha_interval = Eli lixesha, ngemizuzwana, ukuba ungathanda umyalelo we-netst to re-execute ngokuzenzekelayo, ukuyeka kuphela xa usebenzisa iCtrl-C ukuphelisa i-loop.
/? = Sebenzisa itshintsho loncedo ukuze ubonise iinkcukacha malunga nenketho emininzi ye-netstat.
Iphulo: Yenza yonke loo mininingwane ye-netst in line yomyalelo lula ukusebenza kunye nokukhupha oko ubona kwiskrini kwifayili yombhalo usebenzisa i- redirection operator . Jonga indlela yokubuyisela kwakhona umyalelo wokuLawula kwiFayili yemiyalelo epheleleyo.
Imizekelo yeNetstat Command
netstat -f
Kulo mzekelo wokuqala, ndenza i-netstat ukuba ndibonise zonke iinkcukacha ezihambelanayo zeTCP. Nangona kunjalo, ndifuna ukubona iikhomputha ezidibeneyo kwifom yeFQDN [ -f ] endaweni yekheli le-IP elilula.
Nasi umzekelo wento ongayibona:
I-Connections esebenzayo Iproto yaseKhaya Idilesi yangaphandle Idilesi yeSizwe I-TCP 127.0.0.1:5357 I-VM-Windows-7: 49229 I-TIME_WAIT TCP 127.0.0.1:49225 I-VM-Windows-7: 12080 I-TIME_WAIT TCP 192.168.1.14:49194 75.125.212.75:http CLOSE_WAIT TCP 192.168 .1.14: 49196 a795sm.avast.com:http CLOSE_WAIT TCP 192.168.1.14:49197 a795sm.avast.com:http CLOSE_WAIT TCP 192.168.1.14.8929230 I-TIM-PC: iWS_WAIT TCP 192.168.1.14:49231 I-TIM-PC: I-TIM-PC TCP 192.168.1.14:49232 TIM-PC: netbios-ssn TIME_WAIT TCP 192.168.1.14:49233 I-TIM-PC: netbios-ssn I-TIME_WAIT TCP [:: 1]: 2869 VM-Windows-7: 49226 I-TCP [:: 1] : 49226 i-VM-Windows-7: icslap EFANELEKILEYONjengoko ubona, ndandineminyaka eyi-11 edibeneyo ye-TCP xa ndenza i-netstat. Umgaqo-nkqubo kuphela (kwikholam ye Proto ) iboniswe yi-TCP, ekulindelwe kuba andisisebenzisi -a .
Ungabona kwakhona iiseti ezintathu zee-IP kwiikholomu yeNdawo yaseKhaya-idilesi yam ye-IP yangempela ye- 192.168.1.14 kunye neenguqu ze IPv4 kunye ne-IPv6 zamakheli zam loopback , kunye nefowuni nganye inxibelelwano isebenzisa. Ikholomu yeeNdawo zangaphandle i dwelisa i-FQDN ( 75.125.212.75 ayizange isombulule ngesizathu esithile) kunye naloo port.
Ekugqibeleni, ikholomu kaRhulumente ibonisa uluhlu lweTCP lwaloo nxu lumano.
netstat -o
Kulo mzekelo, ndifuna ukuqhuba i-netstat ngokuqhelekileyo ngoko kubonisa kuphela ukusebenzisana kwe-TCP esebenzayo, kodwa ndifuna nokubona inkqubo ehambelana nayo [ -o ] kwisixhamli ngasinye ukuze ndikwazi ukuba yiyiphi inkqubo ekhompyutheni yam.
Nantsi oko ikhompyutha yam ibonakalisiweyo:
I-Connections esebenzayo i-Proto Idilesi yaseKhaya Idilesi yangaphandle I-State PID TCP 192.168.1.14:49194 75.125.212.75:http CLOSE_WAIT 2948 TCP 192.168.1.1449196 a795sm: http CLOSE_WAIT 2948 TCP 192.168.1.14:49197 a795sm: http CLOSE_WAIT 2948Mhlawumbi uqaphele ikholamu entsha yePID . Kule meko, i-PID iyafana enye, nto leyo ithetha ukuba inkqubo efanayo kwikhompyutheni yam yavula le ntengiso.
Ukuchonga ukuba yeyiphi inkqubo emele i-PID ye- 2948 kwikhompyutheni yam, konke okufuneka ndiyenze nguMlawuli oSebenzayo , cofa kwiTebhu zeTebhu, kwaye uqaphele igama lezithombe ezidweliswe ngasemva kwe-PID endiyifunayo kwikholamu ye- PID . 1
Ukusebenzisa umyalelo we-netst nge -o khetho inokuba luncedo kakhulu xa ulandela phantsi inkqubo leyo usebenzisa isabelo esikhulu somda we- bandwidth . Inokukunceda ekufumaneni indawo ekuya kuyo indawo ethile apho i- malware , okanye enye ingqungquthela yesofthiwe, ingathumela ulwazi ngaphandle kwemvume yakho.
Qaphela: Nangona lo mzekelo kunye nomzekelo wangaphambili bobabili basebenza kwikhompyutyana efanayo, kwaye kungengomzuzu nje omnye, unokubona ukuba uluhlu lwe-TCP olusebenzayo ludibanisa kakhulu. Oku kungenxa yokuba ikhomputha yakho ihlala ixhuma, kwaye inqanyulwa ukusuka kwezinye iindixhobo ezahlukeneyo kwinethiwekhi yakho kunye ne-intanethi.
netstat -s -p tcp -fKulo mzekelo wesithathu, ndifuna ukubona iifomati ezithile ezithile --s ] kodwa akuzona zonke, izibalo zeTCP nje [ -p tcp ]. Ndifuna kwakhona iidilesi zangaphandle ziboniswe kwifomathi yeFQDN [ -f ].
Yilokho umyalelo we-netstat, njengoko uboniswe ngasentla, oveliswe kwikhompyutheni yam:
Izibalo ze-TCP ze-IPv4 ezivulekileyo zivula = 77 I-Passive ivulekile = 21 Ukuhluleka kokuxhumeka = 2 Ukulungelelanisa uxhumano = 25 Ukuxhumeka kwangoku: = Amacandelo ama-5 afunyenwe = 7313 Amacandelo athunyelwe = 4824 Amacandelo aphinde avunyelwe = 5 Ukuxhumeka okusebenzayo Proto Idilesi yasekhaya Idilesi yangaphandle I-TCP 127.0.0.1: 2869 VM-Windows-7: 49235 I-TIME_WAIT TCP 127.0.0.1:2869 i-VM-Windows-7: 49238 I-TCP EFAKILEYO 127.0.0.1:49238 I-VM-Windows-7: icslap EYISEBENZISWE TCP 192.168.1.14:49194 75.125.212.75:http CLOSE_WAIT TCP 192.168.1.14:49196 a795sm.avast.com:http CLOSE_WAIT TCP 192.168.1.14:49197 a795sm.avast.com:http CLOSE_WAITNjengoko uyakubona, iinkalo-manani ezahlukeneyo ze-TCP protocol ziboniswa, njengazo zonke idibaniselwano zeTCP ezisebenzayo ngelo xesha.
netstat -e-t 5Kule mzekelo wokugqibela, ndenza umyalelo we-netstat ukubonisa ezinye iinkcukacha zobunxibelelwano bokunxibelelana kweekhonkco [ -e ] kwaye ndifuna ukuba la manani ahlaziye rhoqo kwiwindow yomyalelo yonke imizuzwana emihlanu [ -t 5 ].
Nantsi oku kuveliswa kwisikrini:
I-Interface Izibalo ezifunyenwe yi-Bytes ezithunyelweyo 22132338 1846834 Iipakethi ze-Unicast 19113 9869 Iipakethi ezingekho kwi-unicast 0 0 Iilaphu 0 0 Iiphutha 0 0 Iziphumo ezingaziwayo 0 I-Interface Izibalo ezifunyenwe yi-Byte ezithunyelweyo 22134630 1846834 Iipakethi ezingabonakaliyo 19128 9869 Iipakethi ezingabonakaliyo 0 0 Ukulahla 0 0 Iiphutha 0 0 Andiyazi iinkqubo 0 ^ CIziqendu ezihlukeneyo zolwazi, oza kuzibona apha kwaye ndizibhale kwi--i i-syntax ngasentla, iboniswa.
Ndivumela kuphela umyalelo we-netst execute ngokukhawuleza ixesha elilodwa, njengoko ubona ngeetafile ezimbini kwisiphumo. Phawula i ^ C ngaphantsi, ebonisa ukuba ndasebenzisa umyalelo we-Ctrl-C ukuyeka ukuyeka ukusebenza komyalelo.
Imithetho ehambelana neNetstat
Umyalelo we-netst often usetyenziswa kunye nezinye i-Command Prompt imiyalelo enxulumene ne-intanethi njenge-nslookup, ping , tracert , ipconfig, nabanye.
[1] Unokufuneka udibanise ngesandla ikholomu ye-PID kuMlawuli weMisebenzi. Unokwenza oku ngokukhetha "I-PID (Inkqubo Yesazisi)" ibhokisi yokukhangela evela kwi-View -> Khetha iikholomu kuMlawuli weSebenzi. Unokwenza kwakhona ucofa "Bonisa iinkqubo kubo bonke abasebenzisi" iqhosha kwiNkqubo yeTebhu ukuba i-PID oyifunayo ayibhalisiwe.