Several tools are discussed in other modules for troubleshooting network
problems, such as ping, ipconfig, and
winipcfg. Some additional tools useful for gathering TCP
and NetBIOS information are:
netstat is a command line utility that displays
information on protocol statistics and current TCP/IP network connections.
netstat supports IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP,
and UDPv6, and can be used to display information for:
- All connections and listening ports running on the host
- Ethernet (Layer 2) statistics for the host, such as numbers of bytes,
packets, and errors received and sent for the host.
- Port and address information for connections to and from the host
- Which connections the host initiated
- Per-protocol connection information
- Per-protocol statistics
- Routing table entries
netstat can also be configured to re-query and
re-display information at a configured interval. By configuring
netstat to re-query at intervals and directing this output
to a text file, netstat can be used to build a profile of
the behavior of the host TCP/IP transport layer operations over time.

nbtstat is a command line utility that displays
information on protocol statistics and current NetBIOS connections running over
TCP/IP. Unlike netstat, nbtstat is also able to interrogate
remote machines for connection information.
Recall that NetBIOS uses a
flat namespace, and that accurate NetBIOS name-to-IP address mapping is
important for correct operation of a NetBIOS-based network. The functions of
nbtstat are centered around reporting on and resetting the
information in name tables on local machines, remote machines, and central
NetBIOS name servers.
