Netcat is a Linux tool which can be used for variety of purposes like checking remote ports, listening on certain ports for incoming connections etc. Today there are many open source network tools available in systems on Linux to diagnose the network, netcat is one of them.
This tool is cross-platform, and it is available for Linux, macOS, Windows, and BSD.
In this article we will only see how to install Netcat on CentOS 7/8. This tool is not installed by default so we will install it manually.
Install netcat on CentOS7/8 :
You must first update your system with the command below ( yum or with dnf for centos 8) :
[root@server ~]# yum update -y . . . Total download size: 91 M Downloading packages: No Presto metadata available for updates (1/29): device-mapper-event-libs-1.02.170-6.el7_9.5.x86_64.rpm | 192 kB 00:00:00 (2/29): device-mapper-event-1.02.170-6.el7_9.5.x86_64.rpm | 192 kB 00:00:02 (3/29): dhclient-4.2.5-83.el7.centos.1.x86_64.rpm | 286 kB 00:00:03 (4/29): device-mapper-libs-1.02.170-6.el7_9.5.x86_64.rpm | 325 kB 00:00:04 (5/29): device-mapper-1.02.170-6.el7_9.5.x86_64.rpm | 297 kB 00:00:04 (6/29): dhcp-common-4.2.5-83.el7.centos.1.x86_64.rpm | 177 kB 00:00:01 (7/29): firewalld-filesystem-0.6.3-13.el7_9.noarch.rpm | 51 kB 00:00:00 (8/29): dhcp-libs-4.2.5-83.el7.centos.1.x86_64.rpm | 133 kB 00:00:01 (9/29): bind-export-libs-9.11.4-26.P2.el7_9.7.x86_64.rpm | 1.1 MB 00:00:05 (10/29): firewalld-0.6.3-13.el7_9.noarch.rpm | 449 kB 00:00:07 (11/29): kexec-tools-2.0.15-51.el7_9.3.x86_64.rpm | 351 kB 00:00:05 (12/29): kpartx-0.4.9-135.el7_9.x86_64.rpm | 81 kB 00:00:01 (13/29): glib2-2.56.1-9.el7_9.x86_64.rpm | 2.5 MB 00:00:24 (14/29): lvm2-2.02.187-6.el7_9.5.x86_64.rpm | 1.3 MB 00:00:14 (15/29): kernel-tools-3.10.0-1160.42.2.el7.x86_64.rpm | 8.1 MB 00:00:45 (16/29): nss-3.53.1-7.el7_9.x86_64.rpm | 869 kB 00:00:04 (17/29): nss-sysinit-3.53.1-7.el7_9.x86_64.rpm | 66 kB 00:00:02 (18/29): nss-tools-3.53.1-7.el7_9.x86_64.rpm
Install ncat package :
Once your system is updated, we can install netcat, « nmap-ncat » is the package’s name :
You can make sure the name with the command below :
[root@server ~]# yum search nmap-ncat Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.marwan.ma * extras: mirror.marwan.ma * updates: mirror.marwan.ma =================================================================== N/S matched: nmap-ncat =================================================================== nmap-ncat.x86_64 : Nmap's Netcat replacement Name and summary matches only, use "search all" for everything.
Then install the package :
[root@server ~]# yum install nmap-ncat Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.mwan.ma * extras: mirror.mwan.ma * updates: mirror.mwan.ma Resolving Dependencies --> Running transaction check ---> Package nmap-ncat.x86_64 2:6.40-19.el7 will be installed --> Processing Dependency: libpcap.so.1()(64bit) for package: 2:nmap-ncat-6.40-19.el7.x86_64 --> Running transaction check ---> Package libpcap.x86_64 14:1.5.3-12.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================== Package Arch Version Repository Size ============================================================================================================================================================== Installing: nmap-ncat x86_64 2:6.40-19.el7 base 206 k Installing for dependencies: libpcap x86_64 14:1.5.3-12.el7 base 139 k Transaction Summary ============================================================================================================================================================== Install 1 Package (+1 Dependent package) Total download size: 345 k Installed size: 740 k Is this ok [y/d/N]:
You can verify if the package is installed correctly :
[root@server ~]# rpm -qa | grep -i nmap-ncat nmap-ncat-6.40-19.el7.x86_64
Use this command to verify the version’s package installed :
[root@server ~]# nc --version Ncat: Version 7.50 ( https://nmap.org/ncat )
In my case it’s the version 7.5.
Test :
Scanning ports is one of the most common uses for Netcat. You can scan a single port or a port range.
For example, to scan the port 80 for 192.168.139.133 :
[root@server~]# nc -vz 192.168.139.133 80 Ncat: Version 7.50 ( https://nmap.org/ncat ) Ncat: Connected to 192.168.139.133:80. Ncat: 0 bytes sent, 0 bytes received in 0.07 seconds.
[root@server ~]# nc -z -v sysreseau.net 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 104.219.248.89:443.
Ncat: 0 bytes sent, 0 bytes received in 0.36 seconds.
And check the port 443 of google :
[root@server ~]# nc -z -v sysreseau.net 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 104.219.248.89:443.
Ncat: 0 bytes sent, 0 bytes received in 0.36 seconds.
You can check other options that can be used with nc using -h option :
[root@server ~]# nc -h
Ncat 7.50 ( https://nmap.org/ncat )
Usage: ncat [options] [hostname] [port]
Options taking a time assume seconds. Append 'ms' for milliseconds,
's' for seconds, 'm' for minutes, or 'h' for hours (e.g. 500ms).
-4 Use IPv4 only
-6 Use IPv6 only
-U, --unixsock Use Unix domain sockets only
-C, --crlf Use CRLF for EOL sequence
-c, --sh-exec <command> Executes the given command via /bin/sh
-e, --exec <command> Executes the given command
--lua-exec <filename> Executes the given Lua script
-g hop1[,hop2,...] Loose source routing hop points (8 max)
-G <n> Loose source routing hop pointer (4, 8, 12, ...)
-m, --max-conns <n> Maximum <n> simultaneous connections
-h, --help Display this help screen
-d, --delay <time> Wait between read/writes
-o, --output <filename> Dump session data to a file
-x, --hex-dump <filename> Dump session data as hex to a file
-i, --idle-timeout <time> Idle read/write timeout
-p, --source-port port Specify source port to use
-s, --source addr Specify source address to use (doesn't affect -l)
-l, --listen Bind and listen for incoming connections
-k, --keep-open Accept multiple connections in listen mode
-n, --nodns Do not resolve hostnames via DNS
-t, --telnet Answer Telnet negotiations
-u, --udp Use UDP instead of default TCP
--sctp Use SCTP instead of default TCP
-v, --verbose Set verbosity level (can be used several times)
-w, --wait <time> Connect timeout
-z Zero-I/O mode, report connection status only
Protocole du routage
nmap : les 12 commandes que vous devez connaître
Netstat : Les 14 commandes les plus utilisées
Le montage sous linux
Fail2Ban : How to protect Linux services