Explore information related to netstat

Show dropped packets per interface on Linux - Methiods to check it

This article covers how to Show dropped packets per interface on Linux. 

There can be various reasons for packet loss. It can be that the network transport is unreliable and packet loss is natural, the network link could be congested, applications cannot handle the offered load.

Sometimes there are too many packets, they are saved to a buffer, but they are saved faster than processed, so eventually the buffer runs out of space, so the kernel drops all further packets until there is some free space in the buffer.


You will learn the different Linux commands to see packet loss on Linux per-interface, including excellent tools such as dropwatch. 

We can also use Linux profiling with performance counters utility called perf.


To display show dropped packets per interface on Linux using the netstat:

The netstat command is mostly obsolete. Replacement for netstat is ss and ip command. 

However, netstat still available on older Linux distros, which are in productions. 

Hence, I will start with netstat but if possible, use the ip/ss tools. 

The command in Linux is:

$ netstat -i

$ netstat --interfaces


To display summary statistics for each protocol, run:

$ netstat -s

$ netstat --statistics


To show dropped packets statistics per network interface on Linux using the ip:

Let us see how to see link device stats using the ip command. 

The syntax is:

$ ip -s link

$ ip -s link show {interface}

$ ip -s link show eth0

Read More


Use Nmap to Scan Open Ports - How to

This article covers how to use Nmap to Scan Open Ports. Nmap is the world's leading port security network scanner. The Nmap hosted security tool can help you determine how well your firewall and security configuration is working.

How would you tell Nmap to scan all ports?
By default, Nmap scans the 1,000 most popular ports of each protocol it is asked to scan.
Alternatively, you can specify the -F (fast) option to scan only the 100 most common ports in each protocol or --top-ports to specify an arbitrary number of ports to scan.

The OS and Service scanning options are helpful for scanning a particular port or service to get more information.
If a service is running on a non-default port, it might be by design – or it might suggest there is a security breach.
Ports often have a default usage. Most ports under 1000 are dedicated and assigned to a specific service.

What file does Nmap use to determine which ports to scan?
Nmap needs an nmap-services file with frequency information in order to know which ports are the most common.

Malicious ("black hat") hackers (or crackers) commonly use port scanning software to find which ports are "open" (unfiltered) in a given computer, and whether or not an actual service is listening on that port. They can then attempt to exploit potential vulnerabilities in any services they find.

Read More