The nc (netcat) command in Linux: Swiss army knife of networks

Posted on by BlockmyIP | Category: Linux terminal commands

Introduction

In the world of system administration and computer security, having lightweight, multi-purpose tools can make the difference between solving a problem quickly or wasting hours on complex configurations. Netcat, abbreviated as nc, is precisely that Swiss army knife of networking that allows creating TCP and UDP connections, transferring files, scanning ports, and much more, all from the command line.

What is netcat?

Netcat is an open-source utility that works on practically any Linux distribution and also on Unix-like systems. Its minimalist design allows it to read and write data over network connections without needing complex protocols. Although its origins date back to the 1990s, it remains relevant thanks to its flexibility and the wide variety of uses it can have for administrators, developers, and security professionals.

Basic Installation

In most modern distributions, netcat comes pre-installed or is available in the official repositories. For example, on Debian/Ubuntu it can be installed with:

sudo apt-get update && sudo apt-get install netcat-openbsd

On Red Hat/CentOS the package is usually called nc and is installed with:

sudo yum install nc

Verifying the installation is as simple as running nc -h to display the help.

Operating Modes

Netcat can work as a client or as a server, opening up a range of possibilities.

  • Client mode: Used to connect to an existing service. For example, nc example.com 80 opens a TCP connection to port 80 on the specified host.
  • Server mode (listening): With the -l option, netcat listens on a specified port, waiting for incoming connections. This is useful for creating temporary services or debugging applications.

Practical Examples

Below are some use cases that illustrate the power of netcat.

  • File transfer: On the server, run nc -l -p 9000 > archivo_recibido. On the client, nc host_server 9000 < archivo_a_enviar. This sends the file's contents over the connection.
  • Simple port scanning: With a bash loop you can test several ports: for port in {1..1024}; do nc -zv -w1 host $port; done. The -z option indicates scan mode and -v

    This post is also available in ESPAÑOL.

Leave a Reply

Your email address will not be published. Required fields are marked *

Esta obra está bajo una Licencia Creative Commons Atribución 4.0 Internacional para Francesc Roig francesc@vivaldi.net .