NETSTAT is a command-line utility in Windows and Linux operating systems that provides a way to verify whether TCP/IP parameters are working and connections are being formed. The netstat utility provides TCP and UDP protocol information, which makes it essential for diagnosing network and application association issues. In fact, it is especially useful for resident/desktop engineers who have access only to end-user devices such as desktops and laptops.
A scenario that illustrates NETSTAT-based troubleshooting:
“SYN_SENT” signifies that the local client has initiated a TCP socket to connect to a server socket. If acknowledged by the server, the client socket state proceeds to ESTABLISHED. The “ESTABLISHED” state confirms that the end-to-end transport-layer connection between the local host and the remote server or endpoint is complete. If the end host stays in the “SYN_SENT” state, it may be due to a firewall blocking the communication or a network-layer issue such as the destination not being reachable. Malware connections may also be diagnosed this way, for example when a very large number of connections are initiated by the local Windows PC.
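The triage described above can be automated. The following Python script is an added example, not part of the original article: it parses Windows `netstat -ano` output, counts sockets per state, and flags any PID that is stuck in SYN_SENT toward many distinct hosts. The sample output, the function names and the threshold of 5 are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample of Windows `netstat -ano` output (documentation-range addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    192.0.2.10:49701       198.51.100.7:443       ESTABLISHED     4312
  TCP    192.0.2.10:49702       198.51.100.9:8443      SYN_SENT        4312
  TCP    192.0.2.10:49710       203.0.113.1:445        SYN_SENT        6620
  TCP    192.0.2.10:49711       203.0.113.2:445        SYN_SENT        6620
  TCP    192.0.2.10:49712       203.0.113.3:445        SYN_SENT        6620
  TCP    192.0.2.10:49713       203.0.113.4:445        SYN_SENT        6620
  TCP    192.0.2.10:49714       203.0.113.5:445        SYN_SENT        6620
  UDP    0.0.0.0:5353           *:*                                    1820
"""


def parse_tcp(text):
    """Return (local, remote, state, pid) for each TCP row; UDP rows carry no state."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0].upper() == "TCP" and f[4].isdigit():
            rows.append((f[1], f[2], f[3], int(f[4])))
    return rows


def triage(text, fanout_threshold=5):
    """Count sockets per state and flag PIDs stuck connecting to many distinct hosts.

    fanout_threshold is an assumed cut-off for this example, not a standard value.
    """
    rows = parse_tcp(text)
    states = Counter(state for _, _, state, _ in rows)
    targets = {}  # pid -> set of remote hosts still waiting for a SYN-ACK
    for _, remote, state, pid in rows:
        if state == "SYN_SENT":
            targets.setdefault(pid, set()).add(remote.rsplit(":", 1)[0])
    flagged = {pid: len(h) for pid, h in targets.items() if len(h) >= fanout_threshold}
    return {"states": dict(states), "syn_sent_hosts": targets, "flagged_pids": flagged}


if __name__ == "__main__":
    report = triage(SAMPLE)
    print(report["states"])
    print("PIDs with many unanswered connection attempts:", report["flagged_pids"])
```

A single SYN_SENT entry for a PID that also holds ESTABLISHED sockets (PID 4312 in the sample) fits the blocked-port or unreachable-destination case, while a PID with many SYN_SENT entries to different hosts (PID 6620) is the pattern worth investigating further.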
Below is the command syntax for NETSTAT –