A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line.
Which of the following commands would be the BEST to run to view only active Internet connections?
Click on the arrows to vote for the correct answer
A. B. C. D. E.B.
https://www.codegrepper.com/code-examples/shell/netstat+find+portThe command to use in this scenario would be Option E: sudo netstat -pnut | grep -P ^tcp
.
Here's a detailed explanation of each command and why Option E is the best choice:
Option A: sudo netstat -antu | grep LISTEN | awk {print$5}
This command displays all active TCP and UDP connections, filters for only those that are listening, and then prints the fifth column (which is the IP address and port number of the connected system). However, the question asks for active Internet connections, so this command would display all active connections, not just those to the Internet.
Option B: sudo netstat -nlt -p | grep ESTABLISHED
This command displays all active TCP connections, filters for only those that are in the ESTABLISHED state, and then prints the listening ports and associated processes. However, the question asks for active Internet connections, not just those in the ESTABLISHED state.
Option C: sudo netstat -plntu | grep -v Foreign Address
This command displays all active TCP and UDP connections, filters for only those that are not connected to a foreign address, and then prints the associated processes. However, the question asks for active Internet connections, not just those that are not connected to a foreign address.
Option D: sudo netstat -pnut -w | column -t -s $
\w This command displays all active TCP and UDP connections, prints the associated processes and ports, and then formats the output using the
column' command. However, the question asks for active Internet connections, not just all active connections.
Option E: sudo netstat -pnut | grep -P ^tcp
This command displays all active TCP connections, prints the associated processes and ports, and then filters for only those that are connected to the Internet (i.e., not to a local network address). This is the best option because it provides exactly what the question asks for: only active Internet connections.