I am constantly having to check firewall rules for services I have not yet set up. In this post I will refer to the client (source address) and the server (destination address).
Checking TCP
Server:
Open a TCP port with netcat. For example, to open TCP port 80 I would use:
nc -l 80
Client:
Check the TCP port with telnet. To connect to port 80:
telnet destination_ip 80
Checking UDP
To open a UDP listener on port 80 on the destination, use the following command:
nc -lu 80
To connect to UDP port 80 on your destination, use the following command from your source:
nc -zu destination_ip 80
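An added example, not part of the original post: UDP has no handshake, so this check has the listener echo each datagram back, which lets the client tell a working path from silence. The function names and the fw-check payload are assumptions made for illustration.

```python
import socket
import sys

def open_udp_listener(bind_ip, port):
    """Server side: bind a UDP socket (port 0 lets the OS pick a free port)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((bind_ip, port))
    return sock

def echo_datagrams(sock, count):
    """Server side: echo `count` datagrams back to whoever sent them."""
    for _ in range(count):
        data, peer = sock.recvfrom(2048)
        sock.sendto(data, peer)

def udp_probe(dest_ip, port, payload=b"fw-check", timeout=2.0):
    """Client side: classify the path to dest_ip:port.

    'open'     - the echo came back, so traffic passes in both directions
    'closed'   - ICMP port unreachable: host reached, nothing listening
    'no-reply' - silence: dropped by a firewall, lost, or listener not echoing
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # connect() on UDP sends nothing; it lets the kernel report ICMP errors
        s.connect((dest_ip, port))
        try:
            s.send(payload)
            reply = s.recv(2048)
        except ConnectionRefusedError:
            return "closed"
        except socket.timeout:
            return "no-reply"
        return "open" if reply == payload else "unexpected-reply"

if __name__ == "__main__":
    # Server: python3 udpcheck.py listen 0.0.0.0 80
    # Client: python3 udpcheck.py probe destination_ip 80
    mode, ip, port = sys.argv[1], sys.argv[2], int(sys.argv[3])
    if mode == "listen":
        echo_datagrams(open_udp_listener(ip, port), count=10)
    else:
        print(udp_probe(ip, port))
```

A 'no-reply' result cannot distinguish a firewall drop from a listener that is not running, so start the echo listener on the destination before probing.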
Netcat fun
Netcat (nc) can be used for many other purposes, including as a very fast basic port scanner.
To scan a range of UDP ports 80-4000:
nc -zu destination_ip 80-4000
To get more information, add v for verbose output; for even more detail, add another v:
nc -vvzu destination_ip 80-4000
To scan a range of TCP ports 80-4000:
nc -z destination_ip 80-4000
Hi Joseph,
I’m investigating how I can test whether a UDP port is closed or open with netcat, and reviewing the man pages of this awesome command I found this line:
UDP port scans will always succeed (i.e. report the port as open), rendering the -uz combination of flags relatively useless.
You can test anyway with the “-z” flag but without “u”.
Thanks for this post, it made me see the light 😉
Regards!
Jose,
Thanks for the update. You are correct. Testing UDP is really a pain, honestly. Now testing TCP, that’s easy. It’s the nature of the protocols. I need to figure out some tests for multicast 🙂