Chapter 3: Twenty-First-Century Netcat

One of the first Linux packages that caused me to marvel at its capabilities was the powerful netcat (https://nmap.org/ncat). There have been a few versions over the years, each with a subtly different feature set. If you haven't used it, then you're in for a treat. It's been described as the only tool that a sysadmin will ever need, which may be a little optimistic, but netcat is genuinely exceptional.

For a start, it's incredibly lightweight, and its filesystem footprint is minuscule. In addition, a version of netcat is included in many distributions by default. After you've explored some of its background, you'll look at how you can use it to your benefit.

History

Over the years there have been a number of implementations of netcat. The original Unix/Linux version was written in 1995, and in 1998 a Windows version appeared due to its popularity. I once read that a poll conducted by the Nmap Project (https://nmap.org) discovered that after their own security tool, Nmap, their users opted for netcat as their second tool of choice.

Netcat's functionality also helped boost its popularity in nefarious circles. It's therefore commonly used in attack reconnaissance (and attacks themselves) in addition to well-intentioned white hat activities. As a result, you may not find full-fledged (modern) versions of netcat on enterprise infrastructure, due to security fears and its packages being blacklisted as a threat.

I'll try to succinctly explain ...
