netcat

How to install netcat in Centos 7/8

Netcat is a Linux tool which can be used for variety of purposes like checking remote ports, listening on certain ports for incoming connections etc. Today there are many open source network tools available in systems on Linux to diagnose the network, netcat is one of them.

This tool is cross-platform, and it is available for Linux, macOS, Windows, and BSD.

In this article we will only see how to install Netcat on CentOS 7/8. This tool is not installed by default so we will install it manually.

Install netcat on CentOS7/8 :

You must first update your system with the command below ( yum or with dnf for centos 8) :

[root@server ~]# yum update -y
.
.
.
Total download size: 91 M
Downloading packages:
No Presto metadata available for updates
(1/29): device-mapper-event-libs-1.02.170-6.el7_9.5.x86_64.rpm                                                                         | 192 kB  00:00:00
(2/29): device-mapper-event-1.02.170-6.el7_9.5.x86_64.rpm                                                                              | 192 kB  00:00:02
(3/29): dhclient-4.2.5-83.el7.centos.1.x86_64.rpm                                                                                      | 286 kB  00:00:03
(4/29): device-mapper-libs-1.02.170-6.el7_9.5.x86_64.rpm                                                                               | 325 kB  00:00:04
(5/29): device-mapper-1.02.170-6.el7_9.5.x86_64.rpm                                                                                    | 297 kB  00:00:04
(6/29): dhcp-common-4.2.5-83.el7.centos.1.x86_64.rpm                                                                                   | 177 kB  00:00:01
(7/29): firewalld-filesystem-0.6.3-13.el7_9.noarch.rpm                                                                                 |  51 kB  00:00:00
(8/29): dhcp-libs-4.2.5-83.el7.centos.1.x86_64.rpm                                                                                     | 133 kB  00:00:01
(9/29): bind-export-libs-9.11.4-26.P2.el7_9.7.x86_64.rpm                                                                               | 1.1 MB  00:00:05
(10/29): firewalld-0.6.3-13.el7_9.noarch.rpm                                                                                           | 449 kB  00:00:07
(11/29): kexec-tools-2.0.15-51.el7_9.3.x86_64.rpm                                                                                      | 351 kB  00:00:05
(12/29): kpartx-0.4.9-135.el7_9.x86_64.rpm                                                                                             |  81 kB  00:00:01
(13/29): glib2-2.56.1-9.el7_9.x86_64.rpm                                                                                               | 2.5 MB  00:00:24
(14/29): lvm2-2.02.187-6.el7_9.5.x86_64.rpm                                                                                            | 1.3 MB  00:00:14
(15/29): kernel-tools-3.10.0-1160.42.2.el7.x86_64.rpm                                                                                  | 8.1 MB  00:00:45
(16/29): nss-3.53.1-7.el7_9.x86_64.rpm                                                                                                 | 869 kB  00:00:04
(17/29): nss-sysinit-3.53.1-7.el7_9.x86_64.rpm                                                                                         |  66 kB  00:00:02
(18/29): nss-tools-3.53.1-7.el7_9.x86_64.rpm          

Install ncat package :

Once your system is updated, we can install netcat, « nmap-ncat » is the package’s name :

You can make sure the name with the command below :

[root@server ~]# yum search nmap-ncat
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.marwan.ma
 * extras: mirror.marwan.ma
 * updates: mirror.marwan.ma
=================================================================== N/S matched: nmap-ncat ===================================================================
nmap-ncat.x86_64 : Nmap's Netcat replacement

  Name and summary matches only, use "search all" for everything.

Then install the package :

[root@server ~]# yum install nmap-ncat
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.mwan.ma
 * extras: mirror.mwan.ma
 * updates: mirror.mwan.ma
Resolving Dependencies
--> Running transaction check
---> Package nmap-ncat.x86_64 2:6.40-19.el7 will be installed
--> Processing Dependency: libpcap.so.1()(64bit) for package: 2:nmap-ncat-6.40-19.el7.x86_64
--> Running transaction check
---> Package libpcap.x86_64 14:1.5.3-12.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================================================================
 Package                               Arch                               Version                                      Repository                        Size
==============================================================================================================================================================
Installing:
 nmap-ncat                             x86_64                             2:6.40-19.el7                                base                             206 k
Installing for dependencies:
 libpcap                               x86_64                             14:1.5.3-12.el7                              base                             139 k

Transaction Summary
==============================================================================================================================================================
Install  1 Package (+1 Dependent package)

Total download size: 345 k
Installed size: 740 k
Is this ok [y/d/N]:

You can verify if the package is installed correctly :

[root@server ~]# rpm -qa | grep -i nmap-ncat
nmap-ncat-6.40-19.el7.x86_64

Use this command to verify the version’s package installed :

[root@server ~]# nc --version
Ncat: Version 7.50 ( https://nmap.org/ncat )

In my case it’s the version 7.5.

Test :

Scanning ports is one of the most common uses for Netcat. You can scan a single port or a port range.

For example, to scan the port 80 for 192.168.139.133 :

[root@server~]# nc -vz 192.168.139.133 80
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.139.133:80.
Ncat: 0 bytes sent, 0 bytes received in 0.07 seconds.

[root@server ~]# nc -z -v  sysreseau.net 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 104.219.248.89:443.
Ncat: 0 bytes sent, 0 bytes received in 0.36 seconds.

And check the port 443 of google :

[root@server ~]# nc -z -v  sysreseau.net 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 104.219.248.89:443.
Ncat: 0 bytes sent, 0 bytes received in 0.36 seconds.

You can check other options that can be used with nc using -h option :

[root@server ~]# nc -h
Ncat 7.50 ( https://nmap.org/ncat )
Usage: ncat [options] [hostname] [port]

Options taking a time assume seconds. Append 'ms' for milliseconds,
's' for seconds, 'm' for minutes, or 'h' for hours (e.g. 500ms).
  -4                         Use IPv4 only
  -6                         Use IPv6 only
  -U, --unixsock             Use Unix domain sockets only
  -C, --crlf                 Use CRLF for EOL sequence
  -c, --sh-exec <command>    Executes the given command via /bin/sh
  -e, --exec <command>       Executes the given command
      --lua-exec <filename>  Executes the given Lua script
  -g hop1[,hop2,...]         Loose source routing hop points (8 max)
  -G <n>                     Loose source routing hop pointer (4, 8, 12, ...)
  -m, --max-conns <n>        Maximum <n> simultaneous connections
  -h, --help                 Display this help screen
  -d, --delay <time>         Wait between read/writes
  -o, --output <filename>    Dump session data to a file
  -x, --hex-dump <filename>  Dump session data as hex to a file
  -i, --idle-timeout <time>  Idle read/write timeout
  -p, --source-port port     Specify source port to use
  -s, --source addr          Specify source address to use (doesn't affect -l)
  -l, --listen               Bind and listen for incoming connections
  -k, --keep-open            Accept multiple connections in listen mode
  -n, --nodns                Do not resolve hostnames via DNS
  -t, --telnet               Answer Telnet negotiations
  -u, --udp                  Use UDP instead of default TCP
      --sctp                 Use SCTP instead of default TCP
  -v, --verbose              Set verbosity level (can be used several times)
  -w, --wait <time>          Connect timeout
  -z                         Zero-I/O mode, report connection status only