Category Archives: Commands

Linux – ss command .

The TSocket Statistics (ss) command is similar to netstat, and it is used to display useful network socket information.
The ss command syntax come with specify optional flags and filters:

Let’s see some examples with this linux command:

1. List Established Connections
The default run with the ss command display a list of open non-listening sockets that have established connections (for example: TCP, UDP or UNIX sockets)

2. Show Listening Sockets
Than listing all sockets, we can use the -l option to specifically list the sockets that are currently listening for a connection.

3. Show Processes
We can print out the process or PID number that owns a socket with the -p option.

4. Don’t Resolve Service Names
The -n option will not take place and we will instead see the port number rather than the service name.

5. Resolve Numeric Address/Ports
This and resolve both the IP address and port number with the -r option.

6. IPv4 Sockets
We can use the -4 option to only display information corresponding to IPv4 sockets.

7. IPv6 Sockets
We can use the -6 option to only display information related to IPv6 sockets.

8. TCP Only
The -t option can be used to display only TCP sockets and using the -l option print out listening sockets we can see everything listening on TCP.

9. UDP Only
The -u option can be used to display only UDP sockets. As UDP is a connection-less protocol, simply running with only the -u option will display no output. We can instead combine this with the -a or -l option to see all listening UDP sockets, as shown below.

10. Unix Sockets
The -x option can be used to display unix domain sockets only.

11. Show Socket Memory Usage
The -m option can be used to display the amount of memory that each socket is using.

12. Show Internal TCP Information
We can request additional internal TCP information with the -i info option.

13. Show Summary
We can see a quick overview of the statistics with the -s option.

14. Filter Based On State
That specify states including established, syn-sent, syn-recv, fin-wait-1, fin-wait-2, time-wait, closed, closed-wait, last-ack, listen and closing.

15. Show SELinux Context
The -Z and -z options can be used to show the SELinux security context of a socket. In the example below we also use the -t and -l options to only list listening TCP sockets, with the -Z option we can also see the SELinux contexts.

Filtering to list all ports that are less than (lt), greater than (gt), equal to (eq), not equal to (ne), less than or equal to (le), or greater than or equal to (ge).

Posted in All, Commands, Linux. Tagged with , , , , .

Using wevtutil command under Windows – part 002.

In this tutorial I make a script for clean all events.
The script is very simple and is just a run of wevtutil command and some printing messages.
Open your editor and save the script with the extensions bat or cmd.
Also you need to have Administrator rights to run the script.
The script run FOR ,IF and GOTO selections to run well with the admin.
First and second lines of code is for to run the batch file and throw up admin rights.
Lets see the source code.

Posted in All, Commands, Windows 10, Windows 7, Windows 8. Tagged with , , , , , .

PowerShell tips – part 008.

This tutorial is about PowerShell and running script to disable some Services in Windows.
The Windows PowerShell execution policy is allow your scripts to run on your computer.
If you want to see the Windows PowerShell execution policy, use the Get-ExecutionPolicy command.
To change the Windows PowerShell execution policy on your computer, use the Set-ExecutionPolicy command.
You can see all of the execution policies that affect the current session by using Get-ExecutionPolicy -List command.
To run my script is need to have a command shell administrator rights and select a policy that allov to run the script ( example: Unrestricted) .

After running the script the output is this:

Posted in All, Commands, PowerShell, Windows 10, Windows 8. Tagged with , , , , , , .

Windows 10 – Clear all event logs in Event Viewer with PowerShell .

Run cmd command shell into administrator mode.
Type Powershell command to start the Powershell shell.
Run the next Powershell command to clear all event logs in Event Viewer:

Posted in All, Commands, PowerShell, Windows 10, Windows 8. Tagged with , , , , , .

Error: No Internet access from IPv6 .

If you see the IPv6 No network access from Ethernet Status dialog then you can try this tutorial.
Use Start menu then type cmd to start the Command Prompt shell and use right click choose Run as administrator.
Use this commands into shell:

You can also use the ipconfig command-line tool

Posted in All, Commands, Windows 10. Tagged with , , , .