Baran Topal

Baran Topal

May 2024
M T W T F S S
« Feb    
 12345
6789101112
13141516171819
20212223242526
2728293031  

Categories

Copyright © Baran Topal. 2024 • All rights reserved.

Cedar WordPress Theme by EckoThemes. Published with WordPress.

netstat and nslookup

baranbaran 
I am tired of googling netstat and nslookup commands to probe a IP, port or a domain. So, I put the following example to remind myself. :)

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\baran>netstat -an | findstr /c:":21"

C:\Users\baran>netstat -an | findstr /c:":80"
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    192.168.0.13:49702     23.13.247.90:80        ESTABLISHED
  TCP    192.168.0.13:53878     216.58.209.130:80      ESTABLISHED
  TCP    192.168.0.13:54420     195.142.105.13:80      TIME_WAIT
  TCP    192.168.0.13:54421     195.142.105.13:80      TIME_WAIT
  TCP    192.168.0.13:54422     195.142.105.13:80      TIME_WAIT
  TCP    192.168.0.13:54423     195.142.105.13:80      TIME_WAIT
  TCP    192.168.0.13:54424     172.217.22.162:80      ESTABLISHED
  TCP    192.168.0.13:54425     23.46.112.94:80        TIME_WAIT
  TCP    192.168.0.13:54426     23.46.112.94:80        TIME_WAIT
  TCP    192.168.0.13:54427     216.58.209.98:80       TIME_WAIT
  TCP    192.168.0.13:54462     52.17.249.178:80       CLOSE_WAIT
  TCP    192.168.0.13:61271     67.227.172.122:80      CLOSE_WAIT
  TCP    192.168.0.13:64062     85.111.27.88:80        ESTABLISHED
  TCP    192.168.0.13:64144     104.84.152.81:80       ESTABLISHED
  TCP    192.168.0.13:64399     38.90.226.28:80        CLOSE_WAIT
  TCP    [::]:80                [::]:0                 LISTENING

C:\Users\baran>nslookup 216.58.209.130
Server:  anyresolver2.comhem.se
Address:  83.255.255.2

Name:    arn09s05-in-f2.1e100.net
Address:  216.58.209.130

C:\Users\baran>nslookup arn09s05-in-f2.1e100.net
Server:  anyresolver2.comhem.se
Address:  83.255.255.2

Non-authoritative answer:
Name:    arn09s05-in-f2.1e100.net
Address:  216.58.209.130

C:\Users\baran>

Another cmd snippet to start and stop the FTP service:



C:\Users\baran>netstat -an | findstr /c:":21"

C:\Users\baran>net stop "Microsoft FTP Service"
The Microsoft FTP Service service is stopping..
The Microsoft FTP Service service was stopped successfully.

C:\Users\baran>netstat -an | findstr /c:":21"

C:\Users\baran>net start "Microsoft FTP Service"
The Microsoft FTP Service service is starting.
The Microsoft FTP Service service was started successfully.

C:\Users\baran>netstat -an | findstr /c:":21"

Another neat trick is the following:


C:\Users\baran.topal>netstat -aon | findstr 0.0:8080
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       2876

With this, you can trace the process id (2876) from task manager that runs the port 8080.

Technology