
Netstat, short for Network Statistics, is a tool that displays information about data traffic on a computer network. It can show the data transfers going in and out of the network as well as the routing table and network interface information. In this post I will share several netstat commands that you can use and try.

1. Displaying all open ports, both listening and non-listening

Display all open ports with netstat -a
root@smasa:~# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:3128                  *:*                     LISTEN
tcp        0      0 localhost:953           *:*                     LISTEN
tcp        0      0 *:221                   *:*                     LISTEN
tcp        0      0 localhost:mysql         *:*                     LISTEN
tcp        0      0 *:http-alt              *:*                     LISTEN
tcp        0      0 smasa:domain            *:*                     LISTEN
tcp        0      0 192.168.1.2:domain      *:*                     LISTEN
tcp        0      0 localhost:domain        *:*                     LISTEN
tcp        0      0 smasa:3128              192.168.0.121:2719      ESTABLISHED
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     5634     /var/run/clamav/clamd.ctl
unix  2      [ ACC ]     STREAM     LISTENING     4868     /var/run/mysqld/mysqld.sock
unix  2      [ ACC ]     STREAM     LISTENING     3114     @/com/ubuntu/upstart
unix  2      [ ]         DGRAM                    3172     @/org/kernel/udev/ude

Display all open TCP ports with netstat -at


root@smasa:~# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:3128                  *:*                     LISTEN
tcp        0      0 localhost:953           *:*                     LISTEN
tcp        0      0 *:221                   *:*                     LISTEN
tcp        0      0 localhost:mysql         *:*                     LISTEN
tcp        0      0 *:http-alt              *:*                     LISTEN
tcp        0      0 smasa:domain            *:*                     LISTEN
tcp        0      0 192.168.1.2:domain      *:*                     LISTEN
tcp        0      0 localhost:domain        *:*                     LISTEN
tcp        0      0 localhost:41033         localhost:http-alt      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2719      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2722      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.138:1600      TIME_WAIT
tcp        0      0 localhost:http-alt      localhost:45605         TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.138:1621      TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.138:1609      TIME_WAIT
tcp        0      0 192.168.1.2:54349       www-12-02.snc5.face:www TIME_WAIT
tcp        0      0 192.168.1.2:52098       58.27.22.64:www         TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.138:1605      TIME_WAIT
tcp        0      0 192.168.1.2:40230       upload-03-07-snc1.f:www TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.121:2730      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.138:1602      TIME_WAIT
tcp        0      0 192.168.1.2:36686       www-11-03-ash2.face:www TIME_WAIT
tcp        0      0 localhost:http-alt      localhost:34051         TIME_WAIT
tcp        0      0 192.168.1.2:54348       www-12-02.snc5.face:www TIME_WAIT
tcp        0      0 192.168.1.2:47032       upload-01-01-snc4.f:www ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2716      ESTABLISHED
tcp        0      0 192.168.1.2:54351       www-12-02.snc5.face:www TIME_WAIT
tcp        0      0 192.168.1.2:49172       www-11-03-ash2.face:www ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2709      ESTABLISHED
tcp        0      0 smasa:221               192.168.0.138:1624      ESTABLISHED
tcp        0      0 192.168.1.2:54353       www-12-02.snc5.face:www TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.138:1620      TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.121:2737      ESTABLISHED
tcp        0      0 localhost:http-alt      localhost:56517         TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.121:2711      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2728      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.138:1592      TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.121:2718      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2723      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2731      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2732      ESTABLISHED
tcp        0      0 192.168.1.2:54983       58.27.22.90:www         TIME_WAIT
tcp        0      0 localhost:http-alt      localhost:47076         TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.138:1603      TIME_WAIT
tcp        0      0 192.168.1.2:47471       www-12-02.snc5.face:www TIME_WAIT
tcp        0      0 192.168.1.2:53474       www-11-03-ash2.face:www ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2715      ESTABLISHED
tcp        0      0 192.168.1.2:54357       www-12-02.snc5.face:www TIME_WAIT
tcp        0      0 localhost:http-alt      localhost:54496         TIME_WAIT
tcp        0      0 localhost:http-alt      localhost:41033         ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2727      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2729      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.138:1604      TIME_WAIT
tcp        0      0 192.168.1.2:54352       www-12-02.snc5.face:www TIME_WAIT
tcp        0      0 192.168.1.2:32774       58.27.22.51:www         TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.121:2734      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2720      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2717      ESTABLISHED
tcp        0      0 192.168.1.2:54354       www-12-02.snc5.face:www TIME_WAIT
tcp        0      0 smasa:3128              192.168.0.121:2736      ESTABLISHED
tcp        0      0 smasa:3128              192.168.0.121:2735      ESTABLISHED
tcp6       0      0 localhost:953           [::]:*                  LISTEN
tcp6       0      0 [::]:221                [::]:*                  LISTEN
tcp6       0      0 [::]:www                [::]:*                  LISTEN
tcp6       0      0 [::]:domain             [::]:*                  LISTEN

Display all open UDP ports with netstat -au


root@smasa:~# netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 *:37259                 *:*
udp        0      0 smasa:domain            *:*
udp        0      0 192.168.1.2:domain      *:*
udp        0      0 localhost:domain        *:*
udp        0      0 *:icpv2                 *:*
udp        0      0 *:bootps                *:*
udp        0      0 *:3401                  *:*
udp6       0      0 [::]:domain             [::]:*

2. Displaying sockets that are open and active

Display only the active (listening) ports with netstat -l


root@smasa:~# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:3128                  *:*                     LISTEN
tcp        0      0 localhost:953           *:*                     LISTEN
tcp        0      0 *:221                   *:*                     LISTEN
tcp        0      0 localhost:mysql         *:*                     LISTEN
tcp        0      0 *:http-alt              *:*                     LISTEN
tcp        0      0 smasa:domain            *:*                     LISTEN
tcp        0      0 192.168.1.2:domain      *:*                     LISTEN
tcp        0      0 localhost:domain        *:*                     LISTEN
tcp6       0      0 localhost:953           [::]:*                  LISTEN
tcp6       0      0 [::]:221                [::]:*                  LISTEN
tcp6       0      0 [::]:www                [::]:*                  LISTEN
tcp6       0      0 [::]:domain             [::]:*                  LISTEN
udp        0      0 *:37259                 *:*
udp        0      0 smasa:domain            *:*
udp        0      0 192.168.1.2:domain      *:*
udp        0      0 localhost:domain        *:*
udp        0      0 *:icpv2                 *:*
udp        0      0 *:bootps                *:*
udp        0      0 *:3401                  *:*
udp6       0      0 [::]:domain             [::]:*
raw        0      0 *:icmp                  *:*                     7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     5634     /var/run/clamav/clamd.ctl
unix  2      [ ACC ]     STREAM     LISTENING     4868     /var/run/mysqld/mysqld.sock
unix  2      [ ACC ]     STREAM     LISTENING     3114     @/com/ubuntu/upstart

To display only the active (listening) TCP ports, use the command netstat -lt

root@smasa:~# netstat -lt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:3128                  *:*                     LISTEN
tcp        0      0 localhost:953           *:*                     LISTEN
tcp        0      0 *:221                   *:*                     LISTEN
tcp        0      0 localhost:mysql         *:*                     LISTEN
tcp        0      0 *:http-alt              *:*                     LISTEN
tcp        0      0 smasa:domain            *:*                     LISTEN
tcp        0      0 192.168.1.2:domain      *:*                     LISTEN
tcp        0      0 localhost:domain        *:*                     LISTEN
tcp6       0      0 localhost:953           [::]:*                  LISTEN
tcp6       0      0 [::]:221                [::]:*                  LISTEN
tcp6       0      0 [::]:www                [::]:*                  LISTEN
tcp6       0      0 [::]:domain             [::]:*                  LISTEN

To display only the active UDP ports, use the command netstat -lu

root@smasa:~# netstat -lu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 *:37259                 *:*
udp        0      0 smasa:domain            *:*
udp        0      0 192.168.1.2:domain      *:*
udp        0      0 localhost:domain        *:*
udp        0      0 *:icpv2                 *:*
udp        0      0 *:bootps                *:*
udp        0      0 *:3401                  *:*
udp6       0      0 [::]:domain             [::]:*

To display only the listening UNIX domain sockets, use the command netstat -lx

root@smasa:~# netstat -lx
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     5634     /var/run/clamav/clamd.ctl
unix  2      [ ACC ]     STREAM     LISTENING     4868     /var/run/mysqld/mysqld.sock
unix  2      [ ACC ]     STREAM     LISTENING     3114     @/com/ubuntu/upstart

3. Displaying statistics for the protocols in use

Use netstat -s to display statistics for the protocols in use


root@smasa:~# netstat -s
Ip:
    1889032 total packets received
    48069 forwarded
    0 incoming packets discarded
    1840963 incoming packets delivered
    2102145 requests sent out
Icmp:
    742 ICMP messages received
    0 input ICMP message failed.
    ICMP input histogram:
        destination unreachable: 734
        echo requests: 7
        echo replies: 1
    2331 ICMP messages sent
    0 ICMP messages failed
    ICMP output histogram:
        destination unreachable: 2301
        echo request: 23
        echo replies: 7
IcmpMsg:
        InType0: 1
        InType3: 734
        InType8: 7
        OutType0: 7
        OutType3: 2301
        OutType8: 23
Tcp:
    69140 active connections openings
    41775 passive connection openings
    8 failed connection attempts
    9199 connection resets received
    1 connections estalished
    1736445 segments received
    1897301 segments send out
    59257 segments retransmited
    10 bad segments received.
    10055 resets sent
Udp:
    94756 packets received
    2207 packets to unknown port received.
    0 packet receive errors
    95187 packets sent
UdpLite:
TcpExt:
    2 invalid SYN cookies received
    6 resets received for embryonic SYN_RECV sockets
    59014 TCP sockets finished time wait in fast timer
    740 time wait sockets recycled by time stamp
    44 packets rejects in established connections because of timestamp
    40769 delayed acks sent
    2 delayed acks further delayed because of locked socket
    Quick ack mode was activated 12326 times
    798 times the listen queue of a socket overflowed
    798 SYNs to LISTEN sockets dropped
    5 packets directly queued to recvmsg prequeue.
    11143 bytes directly in process context from backlog
    9 bytes directly received in process context from prequeue
    377195 packet headers predicted
    9 packets header predicted and directly queued to user
    345661 acknowledgments not containing data payload received
    332325 predicted acknowledgments
    17 times recovered from packet loss due to fast retransmit
    12 times recovered from packet loss by selective acknowledgements
    1 congestion windows recovered without slow start by DSACK
    3932 congestion windows recovered without slow start after partial ack
    116 TCP data loss events
    TCPLostRetransmit: 7
    2 timeouts after reno fast retransmit
    24 timeouts after SACK recovery
    76 timeouts in loss state
    59 fast retransmits
    4 forward retransmits
    1210 retransmits in slow start
    16596 other TCP timeouts
    3 classic Reno fast retransmits failed
    12147 DSACKs sent for old packets
    419 DSACKs sent for out of order packets
    278 DSACKs received
    329 connections reset due to unexpected data
    24 connections reset due to early user close
    7137 connections aborted due to timeout
    TCPDSACKIgnoredOld: 136
    TCPDSACKIgnoredNoUndo: 20
    TCPSackShiftFallback: 919
IpExt:
    InBcastPkts: 6921
    InOctets: 1299402395
    OutOctets: 1443173077
    InBcastOctets: 640866

Note: to display statistics for the TCP protocol only, use netstat -st; for the UDP protocol only, use netstat -su

4. Displaying the PID and program name

Use the command netstat -pt

root@smasa:~# netstat -pt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 localhost:35627         localhost:http-alt      ESTABLISHED 1688/(squid)
tcp        0      0 192.168.1.2:40176       sin01s04-in-f104.1e:www TIME_WAIT   -
tcp        0      0 smasa:221               192.168.0.138:1624      ESTABLISHED 4999/0
tcp        0      0 192.168.1.2:49304       www-10-01-ash2.face:www ESTABLISHED 27357/havp
tcp        0      0 localhost:http-alt      localhost:35627         ESTABLISHED 27357/havp
tcp        0      0 smasa:3128              192.168.0.129:2211      ESTABLISHED 1688/(squid)
tcp        0      0 smasa:3128              192.168.0.129:2210      ESTABLISHED 1688/(squid)

5. Displaying the kernel routing information for our network

Use the command netstat -r to display the kernel routing information

root@smasa:~# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     *               255.255.255.0   U         0 0          0 eth0
192.168.0.0     *               255.255.255.0   U         0 0          0 eth1
default         192.168.1.1     0.0.0.0         UG        0 0          0 eth0

6. Finding the port used by a particular program

For example, to display the port currently used by SSH, the command is

root@smasa:~# netstat -ap | grep ssh
tcp        0      0 *:221                   *:*                     LISTEN      1034/sshd
tcp6       0      0 [::]:221                [::]:*                  LISTEN      1034/sshd
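
An added example, not part of the original article: the listening and per-program views from items 2, 4 and 6 can be combined to see which services accept connections on every interface and which are limited to loopback or a single address. It assumes net-tools netstat run as netstat -ltnp (the -n flag, not covered above, prints numeric addresses); the sample lines, including the named and mysqld PIDs, are constructed.

```shell
#!/bin/sh
# Added example: group listening TCP sockets by bind scope.

# Constructed sample in `netstat -ltnp` format (not captured from the host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:3128            0.0.0.0:*               LISTEN      1688/(squid)
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      1002/named
tcp        0      0 0.0.0.0:221             0.0.0.0:*               LISTEN      1034/sshd
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1201/mysqld
tcp        0      0 192.168.1.2:53          0.0.0.0:*               LISTEN      1002/named
tcp6       0      0 :::221                  :::*                    LISTEN      1034/sshd
tcp6       0      0 ::1:953                 :::*                    LISTEN      1002/named
EOF
}

# Reads netstat output on stdin; prints "SCOPE proto/port program" per listener.
classify_listeners() {
    awk '
    $1 ~ /^tcp6?$/ && $6 == "LISTEN" {
        # The port follows the LAST colon; IPv6 addresses contain colons too.
        match($4, /:[^:]*$/)
        host = substr($4, 1, RSTART - 1)
        port = substr($4, RSTART + 1)
        if (host == "0.0.0.0" || host == "::" || host == "*" || host == "[::]")
            scope = "ALL"        # reachable on every interface
        else if (host ~ /^127\./ || host == "::1" || host == "localhost")
            scope = "LOOPBACK"   # local processes only
        else
            scope = "IFACE"      # bound to one specific address
        prog = $7
        sub(/^[0-9]+\//, "", prog)   # strip "PID/" and keep the program name
        print scope, $1 "/" port, prog
    }'
}

# Only the listeners that accept connections on every interface.
exposed_listeners() {
    classify_listeners | awk '$1 == "ALL" { print $2, $3 }' | LC_ALL=C sort -u
}

# Live use (root needed for program names): netstat -ltnp | classify_listeners
if [ "${1:-}" = "--sample" ]; then
    sample_netstat | classify_listeners
fi
```

Comparing the ALL group against the services the host is meant to offer shows which listeners should be rebound to a specific address or filtered.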

7. Displaying information about the interfaces in use

Example:


root@smasa:~# netstat -i
Kernel Interface table
Iface    MTU Met   RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0    1500   0  665297      0      0      0   822533      0      0      0 BMRU
eth1    1500   0  530249      0      0      0   808259      0      0      0 BMRU
lo     16436   0  707965      0      0      0   707965      0      0      0 LRU

root@smasa:~# netstat -ie
Kernel Interface table
eth0      Link encap:Ethernet  HWaddr 00:27:0e:07:b9:15
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::227:eff:fe07:b915/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:665297 errors:0 dropped:0 overruns:0 frame:0
          TX packets:822533 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:652127492 (652.1 MB)  TX bytes:126842677 (126.8 MB)
          Interrupt:27 Base address:0xc000

eth1      Link encap:Ethernet  HWaddr 00:21:91:17:52:ad
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::221:91ff:fe17:52ad/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:530255 errors:0 dropped:0 overruns:0 frame:0
          TX packets:808265 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:105062029 (105.0 MB)  TX bytes:790343199 (790.3 MB)
          Interrupt:16 Base address:0xd000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:707995 errors:0 dropped:0 overruns:0 frame:0
          TX packets:707995 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:561299423 (561.2 MB)  TX bytes:561299423 (561.2 MB)
