Scribd
Upload
35 views2 pages

Network Commands & Firewall Rules

The document provides a series of commands and scripts for monitoring and managing network connections using tools like netstat and PowerShell. It includes commands for checking TCP connections, firewall rules, and process information related to network activities. Additionally, it offers methods to filter and display specific details about listening ports and associated processes.

Uploaded by

0ba35dac91
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
35 views2 pages

Network Commands & Firewall Rules

The document provides a series of commands and scripts for monitoring and managing network connections using tools like netstat and PowerShell. It includes commands for checking TCP connections, firewall rules, and process information related to network activities. Additionally, it offers methods to filter and display specific details about listening ports and associated processes.

Uploaded by

0ba35dac91
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd

www.findip-address.

com
whatismyipaddress.com

netstat -a
netstat -an
netstat -ano

netstat -aon | findstr "9076"


taskkill /pid 102
###########################################
power shell
get-nettcpconnection
get-nettcpconnection | select-object -property *
get-nettcpconnection -state listen | ft -a
get-nettcpconnection -state listen,established

netsh advfirewall firewall add rule name="hhh" protocol=TCP dir=in remoteport=993


action=block
netsh advfirewall firewall delete rule name="Rule name"

get-nettcpconnection | select local*,remote*,state,


@{Name="Process";Expression={(Get-Process -Id $_.OwningProcess).ProcessName}}

$nets = netstat -bano|select-string 'LISTENING|UDP'; foreach ($n in $nets)


{ $p = $n -replace ' +',' '; $nar = $p.Split(' '); $pname = $(Get-Process
-id $nar[-1]).ProcessName; $n -replace "$($nar[-1])","$($ppath) $
($pname)"; }

netstat -bano|select-string ' Established|UDP and tcp'

(Get-WmiObject Win32_Process -filter "ProcessId = '14376'").commandline ‫مهم لضهار‬


‫اسم العمليه‬

Get-NetTCPConnection | Select-Object
OwningProcess,@{Name="cmdline";Expression={(Get-WmiObject Win32_Process -filter
"ProcessId = $_.OwningProcess").commandline}} | Format-Table | select -first 7

Test-NetConnection localhost -Port 3000

filter timestamp {"$(Get-Date -Format G): $_"};netstat -abno 1 | Select-String -


Context 0,1 -Pattern LISTENING|timestamp

Get-NetTCPConnection |
Select-Object OwningProcess,
@{Name="cmdline";Expression={(Get-WmiObject Win32_Process -filter
"ProcessId = $($_.OwningProcess)").commandline}}

Get-NetTCPSetting | more ‫ الظهار اعدادات‬tcp

‫ عرض االتصاالت بحسب الحالة‬:Get-NetTCPSetting -state CloseWait

Get-NetTCPConnection -LocalPort 443

Get-NetTCPConnection |Select-Object
LocalPort,OwningProcess,CreationTime,@{name='ProcessName';expression={(Get-Process
-Id $_.OwningProcess).Path}} ‫الأن إلى المثال الأخير الذي سيطبع لك مسار البرنامج و‬
‫معرف العملية و تاريخ الإنشاء مع المنفذ‬

‫ ( الأن إلى الأمر الذي سيعرض لنا تاريخ الإنشاء ومعرف العملية للبرنامج‬PID ) :

Get-NetUDPEndpoint | select local*,CreationTime,OwningProcess

‫( لمعرفة اسماء العمليات‬PID) ‫ سنستخدم هذا الأمر‬:

Get-Process -id (Get-NetUDPEndpoint).OwningProcess

Get-NetUDPEndpoint |Select-Object
LocalPort,OwningProcess,CreationTime,@{name='ProcessName';expression={(Get-Process
-Id $_.OwningProcess).Path}}

You might also like