Any longtime computer user might be familiarity with the (ab)use of the telnet command to check connections and open ports. It is certainly still the first program that pops in to my mind when I want to check a network adres or port. But telnet was removed from Windows a long time ago and should not be installed on any *nix system. Luckily there is a much older and beter program available.

Enter netcat

netcat is an old school Unix util that (just like whiskey) gets better with the years. It’s a great way to check open ports and troubleshoot connections

Netcat syntax

The netcat syntax is pretty straight forward:

nc OPTIONS TARGET PORT_RANGE 

Example:

$ nc -v google.com 80 
Connection to google.com port 80 [tcp/http] succeeded!

Netcat options

netcat has some options that are quite handy:

• -v & -vv give you a verbose and more verbose output. Hint, without a -v flag you will not see the succeeded message
• -u toggles from TCP to UDP
• -w n changes the wait time to n. So -w 1 will set a 1 second timeout
• -n gives you the option to scan a IP

How to use

Here a some examples of how to use nc:

Scanning a port on a host

$ nc -vv google.nl 80
Connection to google.com port 80 [tcp/http] succeeded!

Scanning a port range on a local host

$ nc -vv -n -z -w 1 10.1.1.1 50-60
nc: connectx to 10.1.1.1 port 50 (tcp) failed: Connection refused
nc: connectx to 10.1.1.1 port 51 (tcp) failed: Connection refused
nc: connectx to 10.1.1.1 port 52 (tcp) failed: Connection refused
Connection to 10.1.1.1 port 53 [tcp/*] succeeded!
nc: connectx to 10.1.1.1 port 54 (tcp) failed: Connection refused
nc: connectx to 10.1.1.1 port 55 (tcp) failed: Connection refused
nc: connectx to 10.1.1.1 port 56 (tcp) failed: Connection refused
nc: connectx to 10.1.1.1 port 57 (tcp) failed: Connection refused
nc: connectx to 10.1.1.1 port 58 (tcp) failed: Connection refused
nc: connectx to 10.1.1.1 port 59 (tcp) failed: Connection refused
nc: connectx to 10.1.1.1 port 60 (tcp) failed: Connection refused