Since Netcat is a network socket connection and management utility, it can easily be transformed into a TCP port scanning utility. This specific recipe demonstrates how we can use Netcat to perform a TCP connect scan.
To use Netcat to perform a full connect scan, you will need to have a remote system that is running network services over TCP. In the examples provided, an instance of Metasploitable2 is used to perform this task. For more information on how to set up Metasploitable2, refer to Chapter 1, Getting Started.
Netcat is an extremely useful, multipurpose networking utility that can be used for a plethora of purposes. One effective use of Netcat is to perform port scans. To identify the usage options, nc
(Netcat) should be called with the -h
option, as follows:
root@KaliLinux:~# nc -h [v1.10-40] connect to somewhere: nc [-options] hostname port[s] [ports] ... listen for inbound: nc -l -p port [-options] [hostname] [port] options...