Check TCP/UDP port with netcat

netcat, usually abbreviated to nc, is a network tool that reads and writes data across network connections using the TCP or UDP protocol. It’s a feature-rich tool that every admin should know.

Check TCP port

nc -zv 192.168.0.10 80
Connection to 192.168.0.10 80 port [tcp/http] succeeded!

Check UDP port

nc -zuv 192.168.0.10 123
Connection to 192.168.0.10 123 port [udp/ntp] succeeded!

Note that, contrary to TCP, UDP is a connectionless protocol. In theory, if a UDP port is formally “closed” (for example via an iptables REJECT rule), the destination host should respond with an ICMP Port Unreachable packet. But a lot of firewalls simply drop the message silently, and because nc treats the absence of that ICMP error as success, the result is a wrong ‘succeeded’ message.
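The ambiguity described above can be made explicit by reporting three states instead of two. The following Python sketch is an added example, not part of the original page; the names probe_udp and demo are assumptions, and the loopback targets are constructed for the demonstration.

```python
import socket
import threading

def probe_udp(host, port, payload=b"\x00", timeout=1.0, attempts=2):
    """Classify a UDP port as 'open', 'closed' or 'open|filtered'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # A connected UDP socket lets the kernel hand ICMP errors back to us.
        s.connect((host, port))
        for _ in range(attempts):
            try:
                s.send(payload)
                s.recv(2048)
                return "open"        # a datagram came back: something answers
            except ConnectionRefusedError:
                return "closed"      # ICMP Port Unreachable was received
            except socket.timeout:
                continue             # nothing at all: retry, then give up
    # Silence is NOT proof of an open port: a DROP rule looks exactly the same.
    return "open|filtered"

def demo():
    """Probe three constructed loopback targets and return the verdicts."""
    replying = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    replying.bind(("127.0.0.1", 0))
    # Bound but never answers: from the prober's side this is
    # indistinguishable from a firewall silently dropping the packet.
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    silent.bind(("127.0.0.1", 0))
    # Bind then close to obtain a port with no listener behind it.
    unused = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    unused.bind(("127.0.0.1", 0))
    closed_port = unused.getsockname()[1]
    unused.close()

    def answer_once():
        _, peer = replying.recvfrom(2048)
        replying.sendto(b"pong", peer)

    threading.Thread(target=answer_once, daemon=True).start()
    results = {
        "replying": probe_udp("127.0.0.1", replying.getsockname()[1]),
        "silent": probe_udp("127.0.0.1", silent.getsockname()[1], timeout=0.3),
        "closed": probe_udp("127.0.0.1", closed_port),
    }
    replying.close()
    silent.close()
    return results

if __name__ == "__main__":
    print(demo())
```

Only the "open" and "closed" verdicts are conclusive; "open|filtered" is the case that nc -zuv reports as succeeded.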

Scan a range of ports

To find all the open ports in a given range:

nc -zv 192.168.0.10 1-500 2>&1 | grep succeeded
Connection to 192.168.0.10 21 port [tcp/ftp] succeeded!
Connection to 192.168.0.10 22 port [tcp/ssh] succeeded!
Connection to 192.168.0.10 80 port [tcp/http] succeeded!

To run a pseudo-server on a given port

nc -l -p 3873