Testing TCP Firewall With Netcat

The simplest way to test whether a port is open on a firewall is with telnet, but what if nothing is listening on that port? If you're preparing infrastructure for a new app-server deployment, telnet won't work unless something is listening on the server.

With netcat you can create a simple listener that echoes whatever characters are passed to it. Netcat should be available on a standard UNIX system via the nc command.

To test whether port 1234 has been allowed through the firewall:

  1. On the server, run nc -l -p 1234. Netcat will wait for an incoming connection on port 1234.
  2. On the client, run telnet 11.22.33.44 1234 (assuming the server IP is 11.22.33.44).

If the server is on Windows, there’s even a Windows version of Netcat available.
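
The two steps above can also be scripted when neither nc nor telnet is installed. The following Python sketch is an added example, not part of the original post: start_listener and probe are hypothetical helper names, and it goes slightly beyond the post by reporting why a connection failed (refused versus no reply).

```python
import errno
import socket
import threading

def start_listener(host="0.0.0.0", port=1234):
    """Stand-in for `nc -l -p PORT`: accept one connection, record what it sends."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, port))          # port=0 lets the OS pick a free port
    srv.listen(1)
    received = []

    def serve():
        conn, _peer = srv.accept()
        with conn, srv:             # one connection, then stop listening
            received.append(conn.recv(1024))

    thread = threading.Thread(target=serve, daemon=True)
    thread.start()
    return srv.getsockname()[1], thread, received

def probe(host, port, timeout=3.0, payload=b"firewall test\n"):
    """Stand-in for `telnet HOST PORT` that also says why a connect failed."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(payload)
        return "open"               # handshake completed: allowed, listener up
    except ConnectionRefusedError:
        return "closed"             # RST came back: no listener, or a reject rule
    except socket.timeout:
        return "filtered"           # no reply: likely dropped silently, or host down
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"    # routing problem or ICMP-unreachable reject
        raise

if __name__ == "__main__":
    # Constructed local demo on loopback; in real use run start_listener() on
    # the server and probe("11.22.33.44", 1234) on the client.
    port, thread, received = start_listener("127.0.0.1", 0)
    print("listener up:", probe("127.0.0.1", port))
    thread.join(5)
    print("server received:", received)
    print("listener gone:", probe("127.0.0.1", port))
```

A "filtered" result while the listener is running usually means the firewall rule is still missing.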
