Tag Archives: tool

Linux – ss command .

The TSocket Statistics (ss) command is similar to netstat, and it is used to display useful network socket information.
The ss command syntax come with specify optional flags and filters:

Let’s see some examples with this linux command:

1. List Established Connections
The default run with the ss command display a list of open non-listening sockets that have established connections (for example: TCP, UDP or UNIX sockets)

2. Show Listening Sockets
Than listing all sockets, we can use the -l option to specifically list the sockets that are currently listening for a connection.

3. Show Processes
We can print out the process or PID number that owns a socket with the -p option.

4. Don’t Resolve Service Names
The -n option will not take place and we will instead see the port number rather than the service name.

5. Resolve Numeric Address/Ports
This and resolve both the IP address and port number with the -r option.

6. IPv4 Sockets
We can use the -4 option to only display information corresponding to IPv4 sockets.

7. IPv6 Sockets
We can use the -6 option to only display information related to IPv6 sockets.

8. TCP Only
The -t option can be used to display only TCP sockets and using the -l option print out listening sockets we can see everything listening on TCP.

9. UDP Only
The -u option can be used to display only UDP sockets. As UDP is a connection-less protocol, simply running with only the -u option will display no output. We can instead combine this with the -a or -l option to see all listening UDP sockets, as shown below.

10. Unix Sockets
The -x option can be used to display unix domain sockets only.

11. Show Socket Memory Usage
The -m option can be used to display the amount of memory that each socket is using.

12. Show Internal TCP Information
We can request additional internal TCP information with the -i info option.

13. Show Summary
We can see a quick overview of the statistics with the -s option.

14. Filter Based On State
That specify states including established, syn-sent, syn-recv, fin-wait-1, fin-wait-2, time-wait, closed, closed-wait, last-ack, listen and closing.

15. Show SELinux Context
The -Z and -z options can be used to show the SELinux security context of a socket. In the example below we also use the -t and -l options to only list listening TCP sockets, with the -Z option we can also see the SELinux contexts.

Filtering to list all ports that are less than (lt), greater than (gt), equal to (eq), not equal to (ne), less than or equal to (le), or greater than or equal to (ge).

Posted in All, Commands, Linux. Tagged with , , , , .

Windows 10 – Can you delete the $WINDOWS.~BT folder ?

First the $WINDOWS.~BT folder are associated with the Windows 10 and Windows 8 upgrade process.
The advice is: Do not delete it.
The folder may using gigabytes of disk space.
If you really want to delete it then you can try to use Disk Cleanup tool.
This included with whatever version of Windows you’re using bu click right on C:\ then select Properties.
On Disk Cleanup tool and click Clean Up System Files.
Select this:

  • Previous Windows installation(s) on Windows 10;
  • Temporary Windows installation files on Windows 7 and 8;

Press the OK button to remove the files.
If don’t see one of this selection then don’t try to remove it.

Posted in All, Windows 10, Windows 7, Windows 8. Tagged with , , , , , .

Windows 10 – Microsoft Network Monitor tool .

This tool from Microsoft come with this information :
Microsoft Network Monitor is a tool for viewing the contents of network packets that are being sent and received over a live network connection or from a previously captured data file. It provides for complex analysis of network data through filtering options.
Is a tool for expert user into network issues, not for common user.
This will help you to recognize the signs that something on your network is compromised.
This will not help with Monitoring and Maintaining IP Multicast issues (is a more complex subject and I will not present it in this tutorial).
This tutorial is just about this tool.
Download the tool, I select the NM34_x64.exe – because I have a x64 CPU.
Install the tool , select Capture1 and press Start button.
If the tool need to install something with log out and log in, just do it.
The you can capture the network traffic and parse all infos.
The development team come also with this feature:
Network Monitor 3.3 introduces the Experts menu. This feature allows you to run external analysis tools on an open capture file.
Take a look at this screenshot :

Posted in All, Windows 10, Windows 8. Tagged with , , , .

News: New release of Spyder IDE .

As you well know, this IDE comes with many features, see wikipedia page:
Spyder (formerly Pydee[3]) is an open source cross-platform integrated development environment (IDE) for scientific programming in the Python language. Spyder integrates NumPy, SciPy, Matplotlib and IPython, as well as other open source software.[4][5] It is released under the MIT license.[6]
Six days ago, a release of this IDE with version 3.2.7 was announced.
More details on github page.

Posted in news. Tagged with , , , , .

Windows 10 – list all updates from your computer .

This can be useful to check the integrity of upgrade process for your Windows OS ( all versions with wmic tool ) .

Same issue with PowerShell tool, see:

Posted in All, Windows 10, Windows 8. Tagged with , , , , , , .