Netcat - The TCP/IP Swiss Army Knife


Netcat is a simple and versatile Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

In the simplest usage, "nc host port" creates a TCP connection to the given port on the given target host. Your standard input is then sent to the host, and anything that comes back across the connection is sent to your standard output. This continues indefinitely until the network side of the connection shuts down. Note that this behavior is different from most other applications which shut everything down and exit after an end-of-file on the standard input.

Netcat can also function as a server, by listening for inbound connections on arbitrary ports and then doing the same reading and writing. With minor limitations, Netcat doesn't really care if it runs in "client" or "server" mode -- it still shovels data back and forth until there isn't any more left. In either mode, shutdown can be forced after a configurable time of inactivity on the network side.

And it can do this via UDP too, so Netcat is possibly the "UDP telnet-like" application you always wanted for testing your UDP-mode servers. UDP, as the "U" implies, gives less reliable data transmission than TCP connections and some systems may have trouble sending large amounts of data that way, but it's still a useful capability to have.

Why not just use Telnet to connect to arbitrary ports?

There are many reasons: Telnet has the "standard input EOF" problem, so one must introduce calculated delays in driving scripts to allow network output to finish.  This is the main reason Netcat stays running until the network side closes. 

Telnet also will not transfer arbitrary binary data, because certain characters are interpreted as telnet options and are thus removed from the data stream.  

Telnet also emits some of its diagnostic messages to standard output, where Netcat keeps such things religiously separated from its output and will never modify any of the real data in transit unless you really want it to.

And of course, telnet is incapable of listening for inbound connections or using UDP instead. Netcat doesn't have any of these limitations, is much smaller and faster than telnet, and has many other advantages.

Here are some of Netcat's major features:

  • Outbound or inbound connections, TCP or UDP, to or from any ports
  • Full DNS forward/reverse checking, with appropriate warnings
  • Ability to use any local source port
  • Ability to use any locally-configured network source address
  • Built-in port-scanning capabilities, with randomizer
  • Built-in loose source routing capability
  • Can read command line arguments from standard input
  • Slow-send mode, one line every N seconds
  • Hex dump of transmitted and received data
  • Optional ability to let another program service established connections
  • Optional telnet-options responder

Netcat - The TCP/IP Swiss Army Knife Netcat - The TCP/IP Swiss Army Knife Reviewed by Anonymous on 7:02 AM Rating: 5