Check Port details by nc command in Linux: Port Scanning, Talking to servers, Data Transfer, Client server Model

How to recover deleted files in Linux                              How to Run Unix commands on Windows     

Nc command is different as compared to netstat command. It comes under the netcat utility. It is helpful to open TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports, scanning of ports and it deals with IPv4 and IPv6 as well.

Common uses of this command includes as :

·         To check simple TCP proxies

·         Use it in shell-script based HTTP clients and servers

·         For network daemon testing

·         For a SOCKETS or HTTP ProxyCommand

Practical Uses

There are different practical usages of this command as follows.

1.       Open a TCP connection to port 42 of my.home.org, using port 31447 as the source port, with a timeout of 5 seconds:

$ nc -p 31447 -w 5 my.home.org 42

2.       Open a UDP connection to port 53 of my.home.org

                                        $ nc -u my.home.org 53

3.       Open a TCP Connection to port 42 of my.home.org using 10.1.2.3 as the IP for local end of the connection:

$nc –s   10.1.2.3 my.home.org 42

4.       Connect to port 42 of my.home.org via an HTTP proxy at 10.2.3.4 port 8080.

$ nc -x10.2.3.4:8080 -Xconnectmy.home.org 42

5.       The same example again, this time enabling proxy authentication with username user1

                                        $ nc -x10.2.3.4:8080 -Xconnect –Puser1my.home.org 42

 Other uses of nc command as follows:

PORT SCANNING

     It is useful to check which ports are open and which services are running on a target machine.  The -z flag can be used to tell nccommand to report open ports, rather than initiate a connection.  For example:

           $ nc -z host.example.com 20-30

Connection to host.example.com 22 port [tcp/ssh] succeeded!

Connection to host.example.com 25 port [tcp/smtp] succeeded!

In case of Ubuntu machine you need to specify protocol like for TCS use –t option, for UDP use –u option as follows:

root@hello:~# nc -t my.home.org 20-30

SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1

Click here to know more about : How to install windows softwares on Linux

20-30 means port range which we wanted to scan. It might be useful to know which server software is running and which versions. This information is often contained in greeting banners. In order to retrieve these, it is necessary to first make connection, and then break the connection when the banner has been retrieved. This can be accomplished by specifying a small timeout with –w flag or by issuing a “QUIT” command to the server.

TALKING TO SERVER

It is useful to talk to servers for what data a server is sending in response to commands issued by the client.  For example, to retrieve the home page of a web site:

   $ echo -n "GET / HTTP/1.0\r\n\r\n" | nc host.example.com 80

Note that this also displays the headers sent by the web server.  They can be filtered. More complicated examples can be built up when the user knows the format of requests required by the server.  As another example, an email may be submitted to

 A SMTP server using:

           $ nc [-C] localhost 25 << EOF

           HELO host.example.com

           MAIL FROM:<user@host.example.com>

           RCPT TO:<user2@host.example.com>

           DATA

Body of email.

           .

           QUIT

           EOF

DATA TRANSFER

The example in the previous section can be expanded to build a basic data transfer model.  Any information input into one end of the connection will be output to the other end. Input and output can be easily captured in order to emulate file transfer.

We can use nc command to listen on a specific port and capture output into a file :

$ nc –l 1234 >nccommand.out

Now, use second machine and try to connect to listening nc process feeding it the file which is to be transferred.

$nc my.home.org 1234 < nccommand.in

After the command execution complete i.e. file transfer process completes, connection will close automatically.

CLIENT/SERVR MODEL

It is very easy to create client/server model using nc command. There are some steps as follows:

Step 1: On one console, start nc command to listen on a specific port for a connection. e.g.

$ nc –l 1235

Nc command is now listening on port 1235 for a connection.

Step 2: On a second console (or second machine) connect to the machine and port being listened on :

$ nc 127.0.0.1 1235                                           (Here we used second Console)

Now, there is connection is present between the ports. Anything typed at the second console will be concatenated to the first and vice versa. We can terminate this connection using an EOF character. After the connection establishment, nc command doesn’t take care of which machine is working as server or which machine is working as client.

vmstat command To check CPU performance                    Commands to check CPU usage