Here’s a quick guide to getting netcat (often called the “Swiss-army knife” of TCP/UDP) up and running on your Linux box, plus some of the most common things you’ll do with it.

Netcat (nc) is a small utility that reads and writes data across network connections using TCP or UDP. You can use it to debug services, transfer files, scan ports, and even create simple chat servers.Netcat (nc) command in Linux is used for various purposes like checking the status of remote ports, initiating chat services between server and client, listening on some ports for incoming connections etc.

Here, we will only look into the steps to install Netcat as the package does not come by default in RedHat Based systems, so we need to install it manually using the below steps.

Install netcat (OpenBSD version):

  1. Debian / Ubuntu / Linux Mint

    This will pull in the OpenBSD version (modern and full-featured).
sudo apt update
sudo apt install netcat

  1. RHEL / CentOS / Fedora

RHEL/CentOS 7 & 8

sudo yum install nmap-ncat

Fedora

sudo dnf install nmap-ncat

  1. Arch Linux

sudo pacman -S gnu-netcat

Install netcat from source code(OpenBSD flavor of netcat):

Download, compile and install the OpenBSD flavor of netcat (often called the most full-featured version) from source on a typical Linux box.

Compiling netcat from source code is not as easy as installing via apt install, but if you follow the steps below you can install it easily.


Download the source code from netcat website with the following command:

1. Install build dependencies

Debian/Ubuntu

sudo apt update
sudo apt install build-essential git autoconf automake libtool

RHEL/CentOS/Fedora

sudo yum groupinstall "Development Tools"
sudo yum install git autoconf automake libtool

2. Clone the OpenBSD netcat source

git clone https://github.com/openbsd/src.git ~/openbsd-src
cd ~/openbsd-src/usr.bin/nc

3. Bootstrap the build system

./autogen.sh

4. Configure for installation

./configure --prefix=/usr/local

If you are getting error message like this - "no acceptable C compiler found in $PATH" when running ./configure command, make sure you have installed gcc compiler correctly or not. To install gcc compiler ,use the following command:

apt-get install build-essential

Running configure takes awhile.

Once configure has been successfully finished move to next step:

5. Compile

make

6. Install

sudo make install

7. Verify

which nc
nc -h

8. (Optional) Replace your distro’s netcat

sudo mv /usr/bin/nc /usr/bin/nc.bak
sudo ln -s /usr/local/bin/nc /usr/bin/nc

You can remove the program binaries and object files from the source code directory by typing make clean. To also remove the files that configure created, run make distclean command.

How to use netcat:

Before starting to explore some netcat commands it's important to know that if you are binding to well-known ports (0-1023) with nc, you need root privilege. Otherwise, you can run nc as a normal user.

1. Test if a particular TCP port of a remote host is open

nc -vn 184.145.20.128 2424

Output if the 2424 port on remote server is closed

nc: connect to 184.145.20.128 port 2424 (tcp) failed: Connection refused

Output if the port on remote server is opened (e.g. 22 port)

Connection to 184.145.20.128 22 port [tcp/*] succeeded!
SSH-2.0-OpenSSH_7.6p1 Ubuntu-4

2. Perform TCP port scanning against a remote host

The command below will check the ports from 20 to 25 on the remote host and print the result.

nc -vnz -w 1 184.145.20.128 20-25

Output will look like this

nc: connect to 184.145.20.128 port 20 (tcp) failed: Connection refused
nc: connect to 184.145.20.128 port 21 (tcp) failed: Connection refused
Connection to 184.145.20.128 22 port [tcp/*] succeeded!
nc: connect to 184.145.20.128 port 23 (tcp) failed: Connection refused
nc: connect to 184.145.20.128 port 24 (tcp) failed: Connection refused
nc: connect to 184.145.20.128 port 25 (tcp) failed: Connection refused

3. Perform UDP port scanning against a remote host

nc -vnzu 184.145.20.128 1-65535

Output will show only the ports which allow udp connections.

Connection to 184.145.20.128 2424 port [udp/*] succeeded!
Connection to 184.145.20.128 12354 port [udp/*] succeeded!

4. Send a test UDP packet to a remote host

echo -n "udp test" | nc -u -w1 184.145.20.128 2424

The command above will send a test UDP packet with 1 second timeout to a remote host at port 2424

5. Copy a file (e.g., test.txt) from one host to another

On the receiver host (184.145.20.128 in my case) run:

nc -lp 2424 > test.txt

On the sender host (184.145.20.126) run the following command:

nc 184.145.20.128 2424 < test.txt

This will copy test.txt file from sender host to receiver host via 2424 port. make sure to allow incoming connections on 2424 port on the receiver host.

6. Transfer a whole directory (including its content) from one host to another

On the receiver host run:

nc -l 2424 | tar xvf -

On the sender host run the following command:

tar cvf - /path/to/dir | nc 184.145.20.128 2424

7. Create a compressed backup of hard drive (e.g., /dev/sdc) on a remote host

On the remote host run:

nc -lp 2424 | sudo dd of=/path/to/image.img.gz

On the local host run the following command:

dd if=/dev/sdc | gzip -c | nc 184.145.20.128 2424

8. Restore a hard drive (e.g. /dev/sdc) from a compressed disk image stored in a remote host

On the local host run:

nc -lp 2424 | gunzip -c | sudo dd of=/dev/sdc

On the remote host run the following command:

cat /path/to/image.img.gz | nc 184.145.20.126 2424

9. Run insecure online chat between two hosts

On one host (e.g. 184.145.20.126) run the command below:

nc -lp 2424

On another host (e.g. 184.145.20.128) run the following command:

nc 184.145.20.126 2424

After running these commands, anything typed in both terminals will be seen on both host machines.

10. Run a web server with a static web page

Run the command below on local host (e.g. 184.145.20.126) to start a web server that serves test.html on port 80. Note that you must run with sudo privileges as 80 is in range of well known ports (1-1023)

while true; do sudo nc -lp 80 < test.html; done

Now open http://184.145.20.126/test.html from another host to access it.

11. Listen on a TCP port using IPv6 address

You can use the following command to allow nc use IPv6 address when listening on a TCP port.

nc -6 -l 2424

Check if it works with the command below

sudo netstat -nap | grep 2424

Output will look like this

tcp6 0 0 :::2424 :::* LISTEN 15665/nc

12. Stream a video file from a server for client to watch the streamed video using video player (e.g., mplayer)

On a video server (184.145.20.126):

cat sample_video.avi | nc -l 2424

On a client host (184.145.20.128):

nc 184.145.20.126 2424 | mplayer -vo x11 -cache 3000 -
*KB Last updated: 06/14/2025 09:00 AM EDT*
?האם התשובה שקיבלתם הייתה מועילה 86 משתמשים שמצאו מאמר זה מועיל (88 הצבעות)

המאמרים הנפוצים ביותר

Disable ModSecurity in cPanel

What is ModSecurity?Mod_security is an apache module that helps to protect your website from...
How to disable directory listing in cpanel?

Disable directory listing in cpanelIndex Manger in cPanelThe Index Manager allows you to...
How to disable the listing in a non-cPanel CentOS server?

How to disable the listing in a non-cPanel CentOS server?1. Locate your httpd.conf file. Normally...
How to Change Exim mail server IP address in cPanel server?

HOW TO CHANGE EXIM MAIL SERVER'S IP ADDRESS, FOR SERVER WITH CPANEL?In cPanel/WHM, Exim uses main...
Enable/Disable HTTP Authentication

What is HTTP Authentication ?HTTP provides a general framework for access control and...