forum.vdsworld.com Forum Index forum.vdsworld.com
Visit VDSWORLD.com
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Catching games with "netstat"

 
Post new topic   Reply to topic    forum.vdsworld.com Forum Index -> General Help
View previous topic :: View next topic  
Author Message
Skit3000
Admin Team


Joined: 11 May 2002
Posts: 2166
Location: The Netherlands
PostPosted: Thu Oct 21, 2004 10:42 am    Post subject: Catching games with "netstat" Reply with quote
Hello, I want to make a little tool which uses the "netstat" command to see if specific ports are opened by multiplayer games. I now use "netstat -a -n", but it seems that only the external address of TCP ports are shown, not the ones with UDP. Now the problem is that most (if not, all) games use the UDP protocol to connect to a server. Does anybody knows how to get a list of all outgoing UDP connections, including their IP addresses and ports?
_________________
[ Add autocomplete functionality to your VDS IDE windows! ]
Voor Nederlandse beginners met VDS: bekijk ook eens deze tutorial!
Back to top
View user's profile Send private message
Skit3000
Admin Team


Joined: 11 May 2002
Posts: 2166
Location: The Netherlands
PostPosted: Thu Oct 21, 2004 10:45 am    Post subject: Reply with quote
Here is a little "netstat" capture, so you can see what I mean:

Code:
C:\Documents and Settings\Sjoerd>netstat -a -n

Actieve verbindingen

  Proto  Lokaal adres           Extern adres           Status
  TCP    0.0.0.0:135            0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:445            0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1025           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1043           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1047           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1068           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1082           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1087           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1088           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1089           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1092           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1093           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1094           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1095           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1099           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1113           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1270           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1284           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1292           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1305           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1353           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1392           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1405           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1412           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1465           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1480           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1481           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1482           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1483           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:1484           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:5000           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:5800           0.0.0.0:0              Bezig met luisteren
  TCP    0.0.0.0:5900           0.0.0.0:0              Bezig met luisteren
  TCP    192.168.0.170:139      0.0.0.0:0              Bezig met luisteren
  TCP    192.168.0.170:1043     192.168.0.1:2869       ESTABLISHED
  TCP    192.168.0.170:1068     207.46.106.28:1863     ESTABLISHED
  TCP    192.168.0.170:1087     208.173.208.153:80     CLOSE_WAIT
  TCP    192.168.0.170:1092     208.173.208.153:80     CLOSE_WAIT
  TCP    192.168.0.170:1093     207.46.108.37:1863     CLOSE_WAIT
  TCP    192.168.0.170:1094     207.46.108.22:1863     CLOSE_WAIT
  TCP    192.168.0.170:1095     213.239.164.114:80     ESTABLISHED
  TCP    192.168.0.170:1099     207.46.108.31:1863     CLOSE_WAIT
  TCP    192.168.0.170:1113     207.46.108.82:1863     CLOSE_WAIT
  TCP    192.168.0.170:1270     207.46.108.96:1863     CLOSE_WAIT
  TCP    192.168.0.170:1284     207.46.108.85:1863     CLOSE_WAIT
  TCP    192.168.0.170:1292     207.46.108.12:1863     CLOSE_WAIT
  TCP    192.168.0.170:1305     207.46.108.46:1863     CLOSE_WAIT
  TCP    192.168.0.170:1353     207.46.108.61:1863     CLOSE_WAIT
  TCP    192.168.0.170:1392     207.46.108.100:1863    CLOSE_WAIT
  TCP    192.168.0.170:1405     207.46.108.98:1863     CLOSE_WAIT
  TCP    192.168.0.170:1412     207.46.108.33:1863     CLOSE_WAIT
  TCP    192.168.0.170:1465     66.102.9.99:80         ESTABLISHED
  TCP    192.168.0.170:1470     212.79.243.136:80      TIME_WAIT
  TCP    192.168.0.170:1471     217.170.3.42:80        TIME_WAIT
  TCP    192.168.0.170:1472     64.246.38.140:80       TIME_WAIT
  TCP    192.168.0.170:1477     212.79.243.136:80      TIME_WAIT
  TCP    192.168.0.170:1478     217.170.3.42:80        TIME_WAIT
  TCP    192.168.0.170:1479     64.246.38.140:80       TIME_WAIT
  TCP    192.168.0.170:1480     212.78.206.150:80      CLOSE_WAIT
  TCP    192.168.0.170:1481     66.102.9.104:80        ESTABLISHED
  TCP    192.168.0.170:1482     66.102.9.104:80        ESTABLISHED
  TCP    192.168.0.170:1483     66.102.9.104:80        ESTABLISHED
  TCP    192.168.0.170:1484     66.102.9.104:80        ESTABLISHED
  TCP    192.168.0.170:5000     192.168.0.1:4609       ESTABLISHED
  TCP    192.168.0.170:5000     192.168.0.1:4610       ESTABLISHED
  TCP    192.168.0.170:13714    0.0.0.0:0              Bezig met luisteren
  UDP    0.0.0.0:135            *:*
  UDP    0.0.0.0:445            *:*
  UDP    0.0.0.0:500            *:*
  UDP    0.0.0.0:1028           *:*
  UDP    0.0.0.0:1033           *:*
  UDP    0.0.0.0:1048           *:*
  UDP    0.0.0.0:1081           *:*
  UDP    0.0.0.0:1086           *:*
  UDP    127.0.0.1:123          *:*
  UDP    127.0.0.1:1042         *:*
  UDP    127.0.0.1:1073         *:*
  UDP    127.0.0.1:1076         *:*
  UDP    127.0.0.1:1127         *:*
  UDP    127.0.0.1:1900         *:*
  UDP    192.168.0.170:9        *:*
  UDP    192.168.0.170:123      *:*
  UDP    192.168.0.170:137      *:*
  UDP    192.168.0.170:138      *:*
  UDP    192.168.0.170:1900     *:*
  UDP    192.168.0.170:11498    *:*
  UDP    192.168.0.170:12802    *:*
  UDP    192.168.0.170:31620    *:*

C:\Documents and Settings\Sjoerd>


All UDP ports only show "*:*" as the IP address and port, even if you specify the "-p UDP" parameter... Sad
_________________
[ Add autocomplete functionality to your VDS IDE windows! ]
Voor Nederlandse beginners met VDS: bekijk ook eens deze tutorial!
Back to top
View user's profile Send private message
jules
Professional Member
Professional Member


Joined: 14 Sep 2001
Posts: 1043
Location: Cumbria, UK
PostPosted: Thu Oct 21, 2004 3:43 pm    Post subject: Reply with quote
Um, I think this is probably because UDP is a connectionless protocol so all netstat can show is that something is listening for connections. The two things are only in contact for as long as it takes to send or receive the data. Whether or not netstat would show this if it happened to run at the right instant I don't know, but even if it did, chances are you would miss it.

There are utilities that can monitor this sort of thing but they do it by hooking into the TCP/IP stack I think. Take a look at TCPView on the ntinternals or sysinternals site. I think there is a command line version that might be useful to you.
_________________
The Tech Pro
www.tech-pro.net
Back to top
View user's profile Send private message Visit poster's website
Skit3000
Admin Team


Joined: 11 May 2002
Posts: 2166
Location: The Netherlands
PostPosted: Thu Oct 21, 2004 5:23 pm    Post subject: Reply with quote
Julian, I'm afraid that the TCPview program has the same problem as the netstat command. Sad
_________________
[ Add autocomplete functionality to your VDS IDE windows! ]
Voor Nederlandse beginners met VDS: bekijk ook eens deze tutorial!
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    forum.vdsworld.com Forum Index -> General Help All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum

Twitter@vdsworld       RSS

Powered by phpBB © 2001, 2005 phpBB Group