Netcat is a classic Unix tool that allows you to check open TCP and UDP ports on a remote computer. The netcat tool can be used on both Linux and Windows.
Installing netcat:
- On CentOS/RHEL:
sudo yum install nc
- On Debian/Ubuntu:
sudo apt update sudo apt install netcat
- On Windows: a ported version of netcat for Windows can be downloaded here (https://eternallybored.org/misc/netcat/)
Below are some examples of using netcat to test network connectivity and open ports.
Checking TCP port 53 on a remote computer:
nc -zv 192.168.13.10 53
[192.168.13.10] 53 (domain) open
In this example, TCP port 53 (DNS) is open.
–z – to scan the remote service port without actually sending data;
-v – enables verbose mode;
-n – allows you to skip DNS lookups (port scanning will be faster).
You can scan multiple ports using a single command:
nc -nzv 192.168.13.10 445 3389 25
Or run a port range scan:
nc -nzv 192.168.13.10 20-30
The command will return a list of open ports in the specified range.
You can also check UDP ports. For example, let’s check if UDP port 139 (NETBIOS Session Service) is open:
nc -uv 192.168.13.10 139
In both cases, the command returned that the specified port is open.
If the port is closed, netcat will return:
[192.168.13.12] 25 (smtp) : Connection refused.
Note that netcat returns the name of the remote service if one of the standard TCP/UDP port numbers is used.
The netcat tool also allows you to start listening on a specific port on your computer. The command used is:
nc -l 5000
In this mode, everything that comes to this port is output to the console.