Tuesday, December 30, 2008

Network Activity Tool

I get calls from people all the time about "funny" stuff happening on their computers.


Many times it's due to adware, malware or viruses hiding out.  Heck, even stuff down in the systray phoning home (Acrobat, Java, etc.) can load a system temporarily, causing things to slow and stutter.  So how can you tell what's happening?  Well, I use netstat.  It's an old tool on both Windows and Linux that can reveal quite a bit about what's happening.  So let's do this Q & A style....just like I get on the phone. :)

Q: How can I tell who my computer's talking to?

A: netstat -a
This will list all listening ports and established connections.

Q: What program is using that port shown as listening?

A: netstat -b   or   netstat -bv (Windows)
    netstat -p  (Linux...but you gotta be root)
This will show the Windows executable holding the port open, or with the -v switch the .dlls used as well.  The Linux switch -p shows the process, not necessarily the executable, but hey....that's really what you want anyhow, right?!??
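
The two answers above combined, as an added example that is not part of the original post: a shell function that reads Linux `netstat -tanp` output and lists which process holds each listening TCP port and where each established connection goes. The `-t` (TCP only) and `-n` (numeric addresses) switches, the function names and the sample output are additions for this example; the sample is constructed, not captured from a real machine.

```shell
#!/bin/sh
# Added example: function names and sample data are illustrative assumptions.

# Constructed `netstat -tanp` output (Linux format); not from a real host.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1034/cupsd
tcp        0      0 192.168.1.20:51844      203.0.113.7:443         ESTABLISHED 2291/firefox
tcp        0      0 192.168.1.20:51990      198.51.100.23:6667      ESTABLISHED 3377/updater
tcp        0      0 192.168.1.20:52010      192.0.2.44:80           ESTABLISHED -
tcp6       0      0 :::80                   :::*                    LISTEN      950/apache2
EOF
}

# Read netstat output on stdin; print one line per listener or connection:
#   LISTEN <port> bind=<address> <pid/program>
#   ESTAB <remote addr:port> <pid/program>
summarize_netstat() {
  awk '
    $1 ~ /^tcp/ {
      owner = $7
      for (i = 8; i <= NF; i++) owner = owner " " $i  # names can contain spaces
      if (owner == "-" || owner == "") owner = "unknown (not root)"
      if ($6 == "LISTEN") {
        port = $4; sub(/.*:/, "", port)       # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)   # text before the last colon
        print "LISTEN", port, "bind=" addr, owner
      } else if ($6 == "ESTABLISHED") {
        print "ESTAB", $5, owner
      }
    }'
}

# Demo on the constructed sample. On a live Linux box, as root:
#   netstat -tanp | summarize_netstat
sample_netstat | summarize_netstat
```

A listener bound to 0.0.0.0 or :: accepts connections from other machines, while one bound to 127.0.0.1 is reachable only from the box itself. A connection whose owner shows as unknown means netstat was not run as root.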

That covers the basic topic I think.  There are a slew of tools for stuff like this if you look around a little. I'll try and point some out and how they are used as questions arise.

1 comment:

chaz said...

Very useful post, thanks!