Connections_information

Mihai Varzaru

Connections are a communication link between 2 endpoints on the internet/network. Each endpoint is on a computer that is connected to the internet/network. One of the computers is your own computer, the other is the server you are connecting to. The endpoint is uniquely defined by the protocol, IP address and port. The connection is uniquely defined by the protocol, local IP address, local port, remote IP address and remote port. On each port there is an application/service that listens in order to receive data. See sockets for more details.

Netactview is mainly concerned to show you the relevant connections information. So you have a list of connections with specific networking information columns. The columns are:

  • Protocol: shows the internet protocol used by the connection. The possible values are tcp (IPv4 TCP), udp (IPv4 UDP), tcp6 (IPv6 TCP), udp6 (IPv6 UDP).
  • Local Host: shows the name of the computer you are connecting from. Your computer may have an internet visible name. See DNS for details.
  • Local Address: shows the IP address of the computer you are connecting from. If you have more than one network card/interface you will have an IP address for each network card/interface you have.
  • Local Port: shows the port number the connecting application listens on/sends from the current computer.
  • State: shows the TCP state of the connection. Active TCP connections are usually in the ESTABLISHED state.
  • Remote Address: shows the IP address of the computer/server you are connecting to. Many web sites have multiple IP addresses.
  • Remote Port: shows the port number the connecting application is connecting to on the server. On specific ports usually there are standard applications/services. Websites you navigate usually respond on port 80 (http). Bank websites use the secure port 443 (https). You can look at a complete list of standard ports on wikipedia.
  • Remote Host: shows the internet name of the computer/server you are connecting to. See DNS for details. This name is related with the name of the websites you are navigating on but usually not exactly the same. Sometimes the remote host name does not have anything in common with the name of the website you are visiting. Whois can be used to get details on a specific host.
  • Pid: shows the process ID for the application that is using that connection on your computer. This is used to uniquely identify instances of applications you start. If you start an application multiple times you may have more processes for that application.
  • Program: shows the name of the process/application as known by the operating system. This is usually the public application name. There are exceptions like 'Net Activity Viewer' has the program name 'netactview'.
  • Command: shows the command used to start the application that started the connection.

Related

Wiki: Main_Page