netcat, usually abbreviated in
nc, is a network tool able to reads and writes data across network connections using TCP or UDP protocol. It’s a feature-rich tool, that every admin should know.
Check TCP port
nc -zv 192.168.0.10 80 Connection to 192.168.0.10 80 port [tcp/http] succeeded!
Check UDP port
nc -zuv 192.168.0.10 123 Connection to 192.168.0.10 123 port [udp/ntp] succeeded!
Not that contrary to
UDP is a connectionless protocol. In theory if an
UDP port is formally “closed” (for example via an iptables
REJECT rule) the destination host should respond with an ICMP
Port unreachable packet. But a lot of firewall simply silently drop the message, resulting in a wrong ‘succeed’ result.
Scan a range of ports
To find all the open ports in a given range:
nc -zv 192.168.0.10 1-500 2>&1 | grep succeeded Connection to 192.168.0.10 21 port [tcp/ftp] succeeded! Connection to 192.168.0.10 22 port [tcp/ssh] succeeded! Connection to 192.168.0.10 80 port [tcp/http] succeeded!
To run a pseudo-server on a given port
nc -l -p 3873