Netstat is a wonderful Linux command to peak into networking processes on your server. Combined with other commands such as sort netstat can become extremely useful for understanding who’s connected to what processes and what they’re doing.
Number of Port 80 Connections
netstat -n | grep :80 |wc -l
259
Number of Connections by IP Address in Descending Order
netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr
64 23.253.56.21 11 107.23.76.201 6 74.83.8.214 5 13.107.5.80 4 66.87.125.49 4 24.49.184.15 4 184.254.156.18 3 70.208.205.56 3 174.101.206.113 2 96.242.146.70 2 76.202.133.28 2 75.105.186.57 2 68.132.30.195 2 66.87.138.197 2 50.31.164.145 2 209.105.151.84 2 173.44.71.67 2 107.77.109.123 2 107.5.130.2 2 100.37.15.79 2 0.0.0.0 1 96.43.72.218 1 76.218.241.93 1 76.174.156.190 1 73.49.142.75 1 73.253.205.65 1 72.198.35.92 1 71.85.157.198 1 71.0.17.172 1 70.195.205.98 1 70.191.181.246 1 70.181.60.102 1 69.136.244.252 1 68.73.96.36 1 68.3.221.231 1 67.216.137.209 1 67.177.70.19 1 67.0.111.170 1 66.87.80.46 1 66.87.76.141 1 66.87.124.249 1 66.87.114.158 1 66.87.100.21 1 66.67.50.70 1 66.102.7.4 1 54.251.34.67 1 50.31.164.148 1 50.25.201.148 1 50.167.176.117 1 50.112.95.211 1 47.18.197.240 1 47.152.148.35 1 45.18.199.57 1 40.132.250.62 1 24.97.36.2 1 24.146.131.179 1 216.0.200.148 1 200.107.237.206 1 184.4.188.231 1 174.204.1.26 1 174.193.2.15 1 174.193.153.161 1 174.192.4.232 1 172.58.225.199 1 172.56.4.5 1 172.56.34.241 1 172.56.29.17 1 172.12.114.192 1 166.182.81.2 1 166.182.80.171 1 166.137.90.50 1 166.137.246.62 1 166.137.246.112 1 166.137.240.23 1 166.137.118.108 1 146.135.30.62 1 108.6.241.42 1 108.198.121.92 1 107.77.70.18 1 107.77.70.113 1 107.72.164.81 1 107.202.29.116 1 107.141.66.118 1 104.3.6.78