Handy Netstat Commands

The Netstat command displays active connections, ports, IP routing table and much more. When running the command you can be overwhelmed by the output, especially on Unix/Linux based systems.

To filter out the noise, you can use certain syntax to provide only the results you want to see. For example I use the following to see only SMTP port 25 connections:

netstat -an -p TCP | find ":25"

To see what connections are coming from a specific IP address say 192.168.1.26

netstat -an -p TCP | find "192.168.1.26"

On a Linux system you can simply use grep e.g.

netstat -an -p TCP | grep "192.168.1.26"
netstat -atve
netstat -tulpn | grep :53

Here is the complete example list from the Windows help file:
The usual windows netstat output:
Displays protocol statistics and current TCP/IP network connections.

NETSTAT [-a] [-b] [-e] [-n] [-o] [-p proto] [-r] [-s] [-t] [-v] [interval]

-a Displays all connections and listening ports.
-b Displays the executable involved in creating each connection or
listening port. In some cases well-known executables host
multiple independent components, and in these cases the
sequence of components involved in creating the connection
or listening port is displayed. In this case the executable
name is in [] at the bottom, on top is the component it called,
and so forth until TCP/IP was reached. Note that this option
can be time-consuming and will fail unless you have sufficient
permissions.
-e Displays Ethernet statistics. This may be combined with the -s
option.
-n Displays addresses and port numbers in numerical form.
-o Displays the owning process ID associated with each connection.
-p proto Shows connections for the protocol specified by proto; proto
may be any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s
option to display per-protocol statistics, proto may be any of:
IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
-r Displays the routing table.
-s Displays per-protocol statistics. By default, statistics are
shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6;
the -p option may be used to specify a subset of the default.
-t Displays the current connection offload state.
-v When used in conjunction with -b, will display sequence of
components involved in creating the connection or listening
port for all executables.
interval Redisplays selected statistics, pausing interval seconds
between each display. Press CTRL+C to stop redisplaying
statistics. If omitted, netstat will print the current
configuration information once.

Update: 
Powershell is a little different:

 netstat -a -n | find `"443`" 

To prevent PowerShell from stripping the double quotes use the grave accent (`) to escape them. You can also use the –% parameter to perform the escape.

 nestat -a -n | find --% "443" 

Gnome Partition Editor – Live CD

Gnome Partition Editor is an excellent Partition utility that has come in handy lately, I’ve been using the Live CD version to do some advanced partitioning on my laptop and it has saved me from having to redo my laptop build from scratch. Naturally being Linux it’s opensource as well!

From the website here is some info:
The power and simplicity of GParted on a biz-card size LiveCD.

The CD aims to be fast, small in size (~50mb), and use minimal resources to get that disk partitioned the way you want it. GParted LiveCD uses Xorg, the lightweight Fluxbox window manager, and the latest 2.6 Linux Kernel.

Being up to date is important! GParted LiveCD will be updated along side the GParted source releases and have minor releases when bugs are fixed or new filesystem tools become available.

More info and download from:
http://gparted.sourceforge.net/index.php

Network Security Toolkit (NST v1.4.0)

Network Security Toolkit (NST v1.4.0)

This release is based on Fedora Core 4 using the Linux Kernel: 2.6.15-1.1831_FC4 or 2.6.15-1.1831_FC4smp. Many new NST WUI features and capabilities have been included with this distribution:

* Time Management – NTP, hardware clock and system clock management.
* Network Packet Capture – An enhanced NST WUI web-based front-end to the tethereal network protocol anaylzer.
* Network Packet Capture Manager – Provides a means to manage network packet capture files on a NST probe.
* An enhanced NST WUI web-based file system mounting page.
* PDF rendering for most output including network packet capture decoding.
* Enhanced directory and file viewing pages with auto refresh.
* Introduced browser session saving for many NST WUI pages.
* Add a simpilfied front-end to the NST WUI for beginner users.
* Network Monitoring – integrated the Nagios networking tool into the NST WUI.
* Better navigation and flow when using the NST WUI pages.

Most networking and security applications have been updated to their latest version.

Download it from their Website and sourceforge