rafaelldi/Monitoring TCP & UDP connections.md

Last active July 2, 2024 23:11

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/rafaelldi/5da0d03ba098c715c6fa59aff5ea7eeb.js"></script>
Save rafaelldi/5da0d03ba098c715c6fa59aff5ea7eeb to your computer and use it in GitHub Desktop.

Download ZIP

Monitoring TCP & UDP connections

Raw

Monitoring TCP & UDP connections.md

Checking Windows network configuration

Command	Alternative	Description
`Get-NetIPConfiguration`	`ipconfig -all`	displays the IP network configuration
`Get-NetAdapter`		shows various network adapter properties
`Get-NetRoute`	`netstat -r`	prints the IP routing table
`Get-NetTCPSetting`		gets system TCP settings
`Get-NetUDPSetting`		gets system UDP settings
`Get-NetFirewallRule`		lists firewall rulles

Checking Linux network configuration

Command	Alternative	Description
`ip address`	`ifconfig [-a]`	displays the IP network configuration
`ip link`		shows network device configuration
`ip route`	`route`	prints the IP routing table
`sysctl -a -r 'net.ipv[46]'`		gets systems network (IP, TCP, UDP) settings
`iptables -L`		lists rewall rules

Monitoring TCP & UDP connections on Windows

Command	Description
`netstat -ano`	lists TCP connections and listening TCP & UDP ports with their owning processes ( `-o` )
`Get-NetTCPConnection`	lists TCP connections
`Get-NetUDPEndpoint \| Select @("LocalAddress", "LocalPort", "OwningProcess")`	lists UDP endpoints
`Get-NetAdapterStatistics`	shows network adapters statistics
`netstat -s`	shows network statistics per protocol

Monitoring TCP & UDP connections on Linux

Command	Description
`ss -tunap`	lists all ( `-a` ) TCP ( `-t` ) & UDP ( `-u` ) connections with owning process information ( `-p` )
`ip -s link`	shows network devices statistics
`nicstat [-a] 2`	shows network statistics and updates them in intervals
`perf list 'tcp:' 'sock:' 'udp:*'`	there are many interesting tracepoints for monitoring TCP & UDP connections

Checking peer connectivity

Command	Description
`telnet {target} {port}`	opens a TCP connection with a target host
`psping [-w {warmup-count}] {target}:{port}`	repeatedly creates and drops TCP connections, performing a "TCP ping"
`psping -h [buckets] {target}:{port}`	shows a histogram for collected values
`nc {target} {port}`	opens a TCP connection and transfers data from the standard input (use the `-u` option to send data using UDP)
`nc -vz {target} {port}`	performs a test TCP connection
`nmap -sS -p 8080-9000 {target}`	performs a TCP SYN scan testing ports from 8080 to 9000
`nmap -sT -p 8080-9000 {target}`	performs a TCP CONNECT scan testing ports from 8080 to 9000
`nmap -sU -p 8080-9000 {target}`	performs a UDP scan testing ports from 8080 to 9000

Testing bandwidth

Command	Description
`psping -b`	tests TCP bandwidth (-u for UDP). We may also use the -l option for testing latency
`iperf`	tests TCP bandwidth (-u for testing UDP)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment