Angelo
I am Angelo. A systems engineer passionate about Linux and all open-source software. Although here I'm just another member of the family.

Ncat Linux command

Hello friends. Knowing the Linux terminal and its commands is a basic task of any sysadmin or DevOps. Therefore it is always good from time to time to know new commands and their utilities. This will allow us to have new functions that can solve a problem at any time. So, in this post, you will learn about the ncat command.

Introducing to the ncat command

According to the man‘s description of ncat we have the following

Ncat is a feature-packed networking utility that reads and writes data across networks from the command line.

Initially, Ncat was written for the Nmap Project and is the culmination of the currently splintered family of Netcat incarnations. It is now a tool that adds many functions and is not necessarily tied to Nmap.

For many Sysadmins, it is such a full-featured network utility that it reads and writes data across networks, i.e. a real Swiss Army Knife.

With Ncat we can among many other things:

  • Chain ncats.
  • TCP, UDP, and SCTP port forwarding to other sites.
  • Proxy connections via SOCKS4 or HTTP proxies.
  • Port scanning.
  • Verification of connection to hosts via ports.

All this, providing SSL support for greater security in the transmitted data.

So, we can use Ncat for many things like network monitoring and some port monitoring. This then allows us to detect some network problems and fix them. It can also be used to audit the security of systems, web servers, mail servers, among others.

So, let’s go for it.

Install the Ncat command

Before using the command, we have to install it on the system.

In the case of Debian, Ubuntu, and some derivatives, it is usually installed by default, but you can make sure of this by running

sudo apt update
sudo apt install ncat

On RHEL 7, CentOS 7 and derivatives

sudo yum install nmap-ncat

If you’re using RHEL 8, CentOS 8, AlmaLinux 8, RockyLinux 8

sudo dnf install nmap-ncat

This way you already have the package installed and can use the command.

Using the Ncat command

The command has many uses so let’s give you some useful examples of how to use it.

Knowing if a port is in use

To find out if a port is in use on the host, we can use the following syntax

ncat -l [host] [port]

Where in the host field we can specify either the IP address of the server or directly the domain name.

This way we can find out which ports are running on the host quickly.

Another way to do this is as follows

ncat -vz [host] [port]

In this case, a test will be done and if the port is active, then the connection to it will be closed. This method is a bit more efficient.

Make a remote connection to a host

Similar to Telnet we can connect remotely to a host by specifying a port. To do this we must follow this syntax

ncat -v [host] [port]

For example

ncat -v example.com 443

In this case, a remote connection will be made to the host on that port. And you will get an output screen similar to this one

Ncat: Connected to x.x.x.x.x:443

This indicates that the command worked correctly.

Making connections with the UDP protocol.

By default, Ncat uses TCP to make test connections. But it is possible to specify another protocol such as UDP. To do so, just use the -u option like this

ncat -l -u 161

Where in this case you will examine if your computer has the 161 port UDP open.

Also, you can specify a host to do the check remotely.

ncat -v -u [host] [port]

Copy files remotely

Although for this case we have more specialized tools like scp or sftp we can also use Ncat for this although it is somewhat less likely.

First, you have to connect to the host and stream the file to it.

ncat -l 80 > file.txt

And now on the machine that will be sending the file run

ncat [host] --send-only < data.txt

The file data.txt refers to the file you want to send. The above command will send it and close the connection to the host.

Port forwarding with Ncat

To forward ports using this tool, you can follow this syntax.

ncat -u -l [port1] -c 'ncat -u -l [port2]'

In this simple way, you can redirect all traffic from [port1] to [port2].

Conclusion

So you can use the Ncat command in a basic way but again there are many different options you can use,

So, you can consult the Ncat website and documentation to learn a lot more.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

x