Solved : Check without telnet if port is open on remote host - Linux

Earlier many system admins were using telnet to check if a port is open on remote machine. But, because of security concerns telnet is now not recommended to be installed on most linux boxes.
But hey we still need to check the remote port. This is part of normal troubleshooting in a linux admin’s life.
So, instead of using telnet you can use  nc.  netcat or nc is a  simple tool which is generally installed by default in linux distributions or you can install it with instructions below.
Ubuntu
$ sudo apt-get update$ sudo apt-get install netcat
Redhat or CentOS
yum install nc.x86_64
Amazon Linux
 sudo yum install nc
Once you are done with installation simply run it as below:-
nc -z 100.4.78.39 22

Connection to 100.4.78.39 22 port [tcp/ldaps] succeeded!

Here we can see that port 22 is open on remote server.
Tip :- If you want to check the same from windows machine, follow this post on How to check remote port status in windows without telnet.
nc is a swiss knife kind of tool. It comes with very useful options.  You can explore the below options also.
TagDescription
4Forces nc to use IPv4 addresses only.
6Forces nc to use IPv6 addresses only.
DEnable debugging on the socket.
dDo not attempt to read from stdin.
hPrints out nc help.
i interval
Specifies a delay time interval between lines of text sent and received. Also causes a delay time between connections to multiple ports.
kForces nc to stay listening for another connection after its current connection is completed. It is an error to use this option without the –l option.
lUsed to specify that nc should listen for an incoming connection rather than initiate a connection to a remote host. It is an error to use this option in conjunction with the –p , –s , or –z options. Additionally, any timeouts specified with the –w option are ignored.
nDo not do any DNS or service lookups on any specified addresses, hostnames or ports.
p source_port
Specifies the source port nc should use, subject to privilege restrictions and availability. It is an error to use this option in conjunction with the –l option.
rSpecifies that source and/or destination ports should be chosen randomly instead of sequentially within a range or in the order that the system assigns them.
SEnables the RFC 2385 TCP MD5 signature option.
s source_ip_address
Specifies the IP of the interface which is used to send the packets. It is an error to use this option in conjunction with the –l option.
T ToS
Specifies IP Type of Service (ToS) for the connection. Valid values are the tokens “lowdelay”, “throughput”, “reliability”, or an 8-bit hexadecimal value preceded by “0x”.
tCauses nc to send RFC 854 DON’T and WON’T responses to RFC 854 DO and WILL requests. This makes it possible to use nc to script telnet sessions.
USpecifies to use Unix Domain Sockets.
uUse UDP instead of the default option of TCP.
vHave nc give more verbose output.
w timeout
If a connection and stdin are idle for more than timeout seconds, then the connection is silently closed. The –w flag has no effect on the –l option, i.e. nc will listen forever for a connection, with or without the –w flag. The default is no timeout.
X proxy_version
Requests that nc should use the specified protocol when talking to the proxy server. Supported protocols are “4” (SOCKS v.4), “5” (SOCKS v.5) and “connect” (HTTPS proxy). If the protocol is not specified, SOCKS version 5 is used.
x proxy_address[: port]
Requests that nc should connect to hostname using a proxy at proxy_address and port. If port is not specified, the well-known port for the proxy protocol is used (1080 for SOCKS, 3128 for HTTPS).
zSpecifies that nc should just scan for listening daemons, without sending any data to them. It is an error to use this option in conjunction with the –l option.

No comments:

Post a Comment