Ipaddress does not show up on netstat

0

Why would a ipaddress not show up in foreign address when I do netstat -atp tcp?

Here is a list of my foreign address that are not showing up. How can I find out where they are going to?

  Proto  Local Address          Foreign Address        State           Offload State

  TCP    192.168.0.184:58137    server3005:5938        ESTABLISHED     InHost
  TCP    192.168.0.184:58142    bn3sch020010558:https  ESTABLISHED     InHost
  TCP    192.168.0.184:58204    HPD89D67DFAC36:8080    ESTABLISHED     InHost
  TCP    192.168.0.184:58245    ou-in-f188:5228        ESTABLISHED     InHost
  TCP    192.168.0.184:58398    HPD89D67DFAC36:8080    ESTABLISHED     InHost
  TCP    192.168.0.184:58542    cache:https            ESTABLISHED     InHost
  TCP    192.168.0.184:58544    234-255-73-208:http    TIME_WAIT       InHost
  TCP    192.168.0.184:58545    a23-78-241-168:http    TIME_WAIT       InHost
  TCP    192.168.0.184:58547    yts2:https             ESTABLISHED     InHost
  TCP    192.168.0.184:58548    234-255-73-208:http    ESTABLISHED     InHost

Whitecat

Posted 2015-12-14T18:11:52.233

Reputation: 529

What do you mean the address is not showing up? Are you looking for the results that the -n switch will give you (netstat -antp tcp)? – heavyd – 2015-12-14T18:16:22.343

Who is 234-255-73-208? or HPD89D67DFAC36? or bn3sch020010558? I want to find out what that connection is. – Whitecat – 2015-12-14T18:17:35.410

Then yes, -n is your friend. – heavyd – 2015-12-14T18:19:15.323

The correct answer is to issue netcat -natp. This will prevent name resolution, and you will instead be shown normal IP addresses. – MariusMatutiae – 2015-12-14T18:19:21.383

The problem then becomes if they do name resolution I loose the strange foreign addresses. – Whitecat – 2015-12-14T18:20:17.317

1well, with netstat you have to pick one or the other: numeric output, or resolved. you can't have both. – Frank Thomas – 2015-12-14T18:22:18.320

When ever I do netstat -antp tcp any connection with port 585** disappears. – Whitecat – 2015-12-14T18:22:53.023

This goes on to another question how do I find out what process is running the connections? I am running this on windows CMD. – Whitecat – 2015-12-14T18:25:00.807

-o displays the owning PID. netstat /? will display all of the switches – heavyd – 2015-12-14T18:25:53.653

If you're looking for a bit more advanced/easier to use monitor take a look at TCPView from SysInternals, which is now Microsoft.

– heavyd – 2015-12-14T18:28:18.493

No answers

Asked: 2015-12-14T18:11:52.233

Viewed: 1 585 times

Active: 2015-12-14T18:11:52.233