netcat command that installed on Ubuntu 20.04.01 by default has -X option, but netcat 0.7.1 compiled from source code does not have -X option. What is the difference?
netcat that installed on Ubuntu 20.04.01:
foo#foo:~/data/tmp$ netcat --help
netcat: invalid option -- '-'
usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-M ttl]
[-m minttl] [-O length] [-P proxy_username] [-p source_port]
[-q seconds] [-s source] [-T keyword] [-V rtable] [-W recvlimit] [-w timeout]
[-X proxy_protocol] [-x proxy_address[:port]] [destination] [port]
netcat 0.7.1 compiled from the source code:
foo#foo:~/data/tmp$ ./netcat/bin/netcat --help
GNU netcat 0.7.1, a rewrite of the famous networking tool.
Basic usages:
connect to somewhere: ./netcat/bin/netcat [options] hostname port [port] ...
listen for inbound: ./netcat/bin/netcat -l -p port [options] [hostname] [port] ...
tunnel to somewhere: ./netcat/bin/netcat -L hostname:port -p port [options]
Mandatory arguments to long options are mandatory for short options too.
Options:
-c, --close close connection on EOF from stdin
-e, --exec=PROGRAM program to exec after connect
-g, --gateway=LIST source-routing hop point[s], up to 8
-G, --pointer=NUM source-routing pointer: 4, 8, 12, ...
-h, --help display this help and exit
-i, --interval=SECS delay interval for lines sent, ports scanned
-l, --listen listen mode, for inbound connects
-L, --tunnel=ADDRESS:PORT forward local port to remote address
-n, --dont-resolve numeric-only IP addresses, no DNS
-o, --output=FILE output hexdump traffic to FILE (implies -x)
-p, --local-port=NUM local port number
-r, --randomize randomize local and remote ports
-s, --source=ADDRESS local source address (ip or hostname)
-t, --tcp TCP mode (default)
-T, --telnet answer using TELNET negotiation
-u, --udp UDP mode
-v, --verbose verbose (use twice to be more verbose)
-V, --version output version information and exit
-x, --hexdump hexdump incoming and outgoing traffic
-w, --wait=SECS timeout for connects and final net reads
-z, --zero zero-I/O mode (used for scanning)
Remote port number can also be specified as range. Example: '1-1024'
The netcat from Ubuntu is Open BSD one :
$ netcat -help
OpenBSD netcat (Debian patchlevel 1.206-1ubuntu1)
And you compiled the GNU version:
$ ./netcat/bin/netcat --help
GNU netcat 0.7.1, a rewrite of the famous networking tool.
This post discusses the differences between both.
Related
I am trying to connect a client machine to my java server which is running on
139.78.141.234 on port 8080. The ip address for client is 172.168.100.248. I am using this command:
telnet 192.168.100.248 23456 http://139.78.141.234:8080/my.html
but I don't understand where am I possibly going wrong, because it doesn't display the error message rather displays:
Usage: telnet [-8] [-E] [-L] [-S tos] [-a] [-c] [-d] [-e char] [-l user]
[-n tracefile] [-b hostalias ] [-r]
[host-name [port]]
When I use it with curl it works
curl -s http://139.78.141.234:9090/my.html
The correct usage would be
telnet 139.78.141.234 8080
Note that you simply put the port after the hostname/IP address and ommit the protocol description, like http, as this is only needed for your browser.
And also ommit the path to website so /mysite.html . To retrieve some html file via telnet you need to speak http with the webserver. This means after being connected you can send GET requests to retrieve the website you want.
I am trying to follow a number of recipes which use netcat or ideally knc (kerberos netcat) to create a proxy; either to look at what is being piped through the proxy for debugging or to create an kerberos authenticated link over which I can tunnel some java based tcp server-to-server traffic.
Taking this example http://notes.tweakblogs.net/blog/7955/using-netcat-to-build-a-simple-tcp-proxy-in-linux.html the pattern seems to be something like:
mkfifo fifo
nc -l -p 8080 <fifo | nc tweakers.net 80 >fifo
Yet that gives the error:
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-p source_port]
[-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_version]
[-x proxy_address[:port]] [hostname] [port[s]]
Yet if I run ether side of the pipe alone I get no error:
nc -l -p 8080 <fifo
nc tweakers.net 80 >fifo
What am I missing to get this to work?
I am running Red Hat Enterprise Linux Server release 6.2 (Santiago) either bash or ksh.
Annoyingly it was the -p option which was tripping things up. The following command runs fine:
nc -l 8080 <fifo | nc somehost.com 80 >fifo
Then in another shell doing
telnet localhost 8080
get /
works fine.
I am using netcat utility on linux to receive outputs from a program on a windows machine. My problem being that the program on the windows machine does not always give an output.
How can i check that either a connection has been made to netcat ?
What i am doing till now is "nc -l -v 9103 > output" then i check the size of output, the problem this poses is that netcat only write to a file after a certain buffer size has been reached or a new line char is encountered, so some cases evne though a connection has been made the file size is detected as zero.
How can i check if someone has made a connection with netcat.
I tried using
nc -l -v -e someprog.exe 9103 > output
but my netcat doesnt seem to support this
below are the options i have
$ nc -h
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-p source_port]
[-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_version]
[-x proxy_address[:port]] [hostname] [port[s]]
Command Summary:
-4 Use IPv4
-6 Use IPv6
-D Enable the debug socket option
-d Detach from stdin
-h This help text
-i secs Delay interval for lines sent, ports scanned
-k Keep inbound sockets open for multiple connects
-l Listen mode, for inbound connects
-n Suppress name/port resolutions
-p port Specify local port for remote connects
-r Randomize remote ports
-s addr Local source address
-T ToS Set IP Type of Service
-C Send CRLF as line-ending
-t Answer TELNET negotiation
-U Use UNIX domain socket
-u UDP mode
-v Verbose
-w secs Timeout for connects and final net reads
-X proto Proxy protocol: "4", "5" (SOCKS) or "connect"
-x addr[:port] Specify proxy address and port
-z Zero-I/O mode [used for scanning]
Port numbers can be individual or ranges: lo-hi [inclusive]
verbose mode will write connectivity to stderr, and you can redirect stderr to a file, the verbose log has something like
connect to [xxx] from [xxxx]
try
nc -l -v -p 9103 -k 1> output 2>connect.log
and monitor connect.log for connectivity
if you don't use -k , netcat quits after 1st connection.
If you can upgrade your copy of netcat: the modern versions (1.10, for one) have an option to execute a program (or a shell command) upon connect. Otherwise, you can make the netcat think it runs in a terminal (to disable buffering of stdout), by using for example script (it just saves everything on stdin/stdout/stderr in the given file). Or use logging features of screen and tmux.
I need to collect tcpdump from different interfaces from a remote host.
Currently I do it in the following way:
ssh remotehost "tcpdump -i iface1 -w - " > iface1_dump.pcap &
ssh remotehost "tcpdump -i iface2 -w - " > iface2_dump.pcap
I wonder if there a way to realize it in single ssh connect (maybe some complex shell redirect is a cure) to minimize packets loss while second ssh command is on its way
2 conditions:
remote host has really limited disk space, so I can't tcpdump locally on that host
tcpdump -i any affects Ethernet headers, so I can't use it
You create a file "SEND_DATA" on the target machine, in which you put these 2 lines:
tcpdump -i iface1 -w - | nc <IP> <PORT1>
tcpdump -i iface2 -w - | nc <IP> <PORT2>
Every machine has netcat, so it works. You mark SEND_DATA executable
Next, you open a listening port on your PC, and run the script on remote machine:
> OUT1 nc -l -p PORT1
> OUT2 nc -l -p PORT1
ssh remotehost SEND_DATA
In this moment, the files OUT1 & OUT2 will start receiving data.
You also need to consult the manuals from 2 versions of nc, because I saw that the parameters differ sometimes.
The two ssh's is probably the nicest method, but you could also sed 's/^/one /' on the first one, in the background, and sed 's/&/two /' on the second, and then pull them apart on the local host with "egrep '^one ' | sed 's/one //'" for example.
You could also save the output in a pair of files, and scp them back when "done".
ssh remotehost "tcpdump -iiface1 -w- &
tcpdump -iiface2 -w- >&2 2>/dev/null" >iface1_dump.pcap 2>iface2_dump.pcap
I have a webserver WWW1 and a front-facing proxy PRX. I use SSH ProxyCommand to connect to WWW1's internal IP (private IP) via PRX (private+public IP). For some connections (not all) I see a network connection left open after I'm finished. These add up!
~/.ssh/config
Host *
ServerAliveInterval 5
ControlMaster auto
ControlPath ~/.ssh/master-%r#%h:%p
Host WWW1 WWW2 WWW3
User foo
ProxyCommand ssh -q -a -x PRX nc %h 22
IdentityFile ~/.ssh/id_foo_WWWx
On PRX, lsof | grep WWW1:ssh shows 124 open connections at the moment. On WWW1, the same command shows 243 open connections. There are similar open connections for WWW2, WWW3 etc.
WWW1 and PRX are Debian. Client connections are coming from a mix of Debian, Ubuntu and OSX10.6. I use Emacs Tramp but this has no special configuration (AFAIK) outside of my ~/.ssh/config.
I'm concerned about running out of internal ports, and ideally I want these connections to clean themselves up without intervention. Ideally by configuring them to kill themselves off; failing that a command I can kill old processes with is fine!
A better way would be to use the -W option of SSH, so you could put
ProxyCommand ssh -q -a -x PRX -W %h:22
instead of
ProxyCommand ssh -q -a -x PRX nc %h 22
This way you get rid of dependence on nc too.
Don't know whether it matters but I use nc -w 1 %h %p