Solved : Check without telnet if port is open on remote host – Linux

Earlier many system admins were using telnet to check if a port is open on remote machine. But, because of security concerns telnet is now not recommended to be installed on most linux boxes.

But hey we still need to check the remote port. This is part of normal troubleshooting in a linux admin’s life.

So, instead of using telnet you can use  nc.  netcat or nc is a  simple tool which is generally installed by default in linux distributions or you can install it with instructions below.


$ sudo apt-get update

$ sudo apt-get install netcat

Redhat or CentOS

yum install nc.x86_64

Once you are done with installation simply run it as below:-

nc -z 22
Connection to 22 port [tcp/ldaps] succeeded!

Here we can see that port 22 is open on remote server.

Tip :- If you want to check the same from windows machine, follow this post on How to check remote port status in windows without telnet.

nc is a swiss knife kind of tool. It comes with very useful options.  You can explore the below options also.


Tag Description
4 Forces nc to use IPv4 addresses only.
6 Forces nc to use IPv6 addresses only.
D Enable debugging on the socket.
d Do not attempt to read from stdin.
h Prints out nc help.
i interval
Specifies a delay time interval between lines of text sent and received. Also causes a delay time between connections to multiple ports.
k Forces nc to stay listening for another connection after its current connection is completed. It is an error to use this option without the –l option.
l Used to specify that nc should listen for an incoming connection rather than initiate a connection to a remote host. It is an error to use this option in conjunction with the –p , –s , or –z options. Additionally, any timeouts specified with the –w option are ignored.
n Do not do any DNS or service lookups on any specified addresses, hostnames or ports.
p source_port
Specifies the source port nc should use, subject to privilege restrictions and availability. It is an error to use this option in conjunction with the –l option.
r Specifies that source and/or destination ports should be chosen randomly instead of sequentially within a range or in the order that the system assigns them.
S Enables the RFC 2385 TCP MD5 signature option.
s source_ip_address
Specifies the IP of the interface which is used to send the packets. It is an error to use this option in conjunction with the –l option.
Specifies IP Type of Service (ToS) for the connection. Valid values are the tokens “lowdelay”, “throughput”, “reliability”, or an 8-bit hexadecimal value preceded by “0x”.
t Causes nc to send RFC 854 DON’T and WON’T responses to RFC 854 DO and WILL requests. This makes it possible to use nc to script telnet sessions.
U Specifies to use Unix Domain Sockets.
u Use UDP instead of the default option of TCP.
v Have nc give more verbose output.
w timeout
If a connection and stdin are idle for more than timeout seconds, then the connection is silently closed. The –w flag has no effect on the –l option, i.e. nc will listen forever for a connection, with or without the –w flag. The default is no timeout.
X proxy_version
Requests that nc should use the specified protocol when talking to the proxy server. Supported protocols are “4” (SOCKS v.4), “5” (SOCKS v.5) and “connect” (HTTPS proxy). If the protocol is not specified, SOCKS version 5 is used.
x proxy_address[: port]
Requests that nc should connect to hostname using a proxy at proxy_address and port. If port is not specified, the well-known port for the proxy protocol is used (1080 for SOCKS, 3128 for HTTPS).
z Specifies that nc should just scan for listening daemons, without sending any data to them. It is an error to use this option in conjunction with the –l option.



Leave a Reply

Your email address will not be published. Required fields are marked *