05 Sep 07

netstat: the indispensable tool!

One of my best-ever troubleshooting tools. Sometimes I get stuck in many difficult situations that are related to remote access or the health of internal services/daemons. You can easily figure out what the problem is with this straightforward command.

netstat-an.png

As you can see, if you have many connections on your PC, it is very difficult to keep track of all the results. Fortunately, you can paginate the output using the “more” command.

netstat -an | more

In the preceding example, the FTP service runs on TCP port 21. This means that the service is waiting for a connection request from any remote TCP endpoint.

You can also filter the given results using either find or findstr. By the way, findstr is much better than find since you can provide a regular expression for your search.

Checking a certain port number

So, let’s start with a simple scenario. I need to check the MS SQL Server default TCP port (1433):

netstat -an | find "1433"

The find command filters the output of netstat and keeps only the lines that contain the specified string.

PID Concatenation

A serious problem arises from unknown ports. Sometimes you change the port number for a certain service (SSH, for example) and after a while you forget what that port is. Though you can open the *.conf file and read the actual values, I really prefer techie and neat solutions. In this case, I usually display the associated process ID with each connection.

netstat-ano.png

Now you can easily pin down that process and figure out where the hidden process is, simply by matching the same PID in the Windows Task Manager (taskmgr.exe). Another neat idea is to use tasklist at the command prompt:

tasklist /svc | find "3306"
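
Added example (not from the original post): the PID matching described above, done in Python on constructed `netstat -ano` and `tasklist /svc /fo csv` samples. It compares the port field exactly, because a substring filter such as find "1433" also keeps rows where 1433 is part of a longer port number or sits in the PID column; the function names and sample data are assumptions.

```python
import csv, io

# Constructed sample of `netstat -ano` output (not taken from the post).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING       1433
  TCP    0.0.0.0:1433           0.0.0.0:0              LISTENING       2044
  TCP    0.0.0.0:11433          0.0.0.0:0              LISTENING       3306
  TCP    192.168.1.10:51433     203.0.113.7:443        ESTABLISHED     4120
  TCP    [::]:1433              [::]:0                 LISTENING       2044
  UDP    0.0.0.0:1434           *:*                                    2100
"""

# Constructed sample of `tasklist /svc /fo csv` output.
TASKLIST = """\
"Image Name","PID","Services"
"inetinfo.exe","1433","MSFTPSVC"
"sqlservr.exe","2044","MSSQLSERVER"
"sqlbrowser.exe","2100","SQLBrowser"
"""

def parse_netstat(text):
    """Yield (proto, local_port, state, pid) for each TCP/UDP row."""
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue
        # rpartition keeps IPv6 literals such as [::]:1433 intact.
        port = int(f[1].rpartition(":")[2])
        # UDP rows have no State column; the PID is always the last field.
        yield f[0], port, (f[3] if f[0] == "TCP" else ""), int(f[-1])

def parse_tasklist(text):
    """Map PID -> (image name, services) from CSV-formatted tasklist output."""
    rows = csv.DictReader(io.StringIO(text.strip()))
    return {int(r["PID"]): (r["Image Name"], r["Services"]) for r in rows}

def find_like(needle, netstat=NETSTAT):
    """Lines a plain substring filter such as find "1433" would keep."""
    return [line for line in netstat.splitlines() if needle in line]

def who_listens(port, netstat=NETSTAT, tasklist=TASKLIST):
    """Sorted (proto, pid, image, services) for listeners on exactly `port`."""
    procs = parse_tasklist(tasklist)
    return sorted({
        (proto, pid) + procs.get(pid, ("<unknown>", "N/A"))
        for proto, lport, state, pid in parse_netstat(netstat)
        if lport == port and (state == "LISTENING" or proto == "UDP")
    })
```

On this sample, `find_like("1433")` keeps five lines while `who_listens(1433)` returns the single process that actually owns the port; a listener whose PID is missing from the tasklist data comes back as `<unknown>`.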

This is not all there is to netstat; there are many other ideas, such as grouping the statistics per protocol or listing the new requests.


2 Responses to “netstat: the indispensable tool!”


  1. 1 Alawi Albr
    February 21, 2008 at 4:31 pm

    Good exploration of netstat by you geek. I thought you’re a developer and not a Net Admin ;)

    Add to these netstat switches this one: netstat -bn. This will show you the process name (application binary) and its related connections (instead of the PID switch -o) so you can decide what to do to annoying processes immediately.

    Cheers,

    Alawi

  2. 2 geek
    February 22, 2008 at 9:57 am

    @Alawi:

    Thanks for the tip! Really great, you know that I’m always inspired by a guru like you!

    I also prefer adding “-v” to the process name switch “-b”; by this, you will be able to trace each connection that is initiated by any process on the spot “you may check how much spyware you’ve got on your machine ;) ”.

    -Saleh

