RHEL 7 – Check if Remote Host/Port is Open Without Netcat or NMap

netcatnmaprhel7

At work, the infrastructure team is rolling out new VMs with RHEL7 installed as the base OS. This particular image comes with the nmap-ncat version of Netcat and does not have NMap installed. We are precluded from installing anything on the machines.

Previously, we were using the GNU Netcat which have the -z option to scan a remote host/port to check if it was open. Something like this:

nc -z -v -w 3 remote.host.name 1234

How can I achieve the same check with the new ncat which does not have the -z option on a system where I cannot install nmap?

Best Answer

Bash allows you to connect to TCP and/or UDP ports by redirecting to special files:

/dev/tcp/host/port If host is a valid hostname or Internet address, and port is an integer port number or service name, Bash attempts to open the corresponding TCP socket.

/dev/udp/host/port If host is a valid hostname or Internet address, and port is an integer port number or service name, Bash attempts to open the corresponding UDP socket.

A failure to open or create a file causes the redirection to fail.

So to test if you can connect to port 80 on www.example.com the following should work:

echo -n > /dev/tcp/www.example.com/80

If the port is blocked you either get a "connection refused" message or a timeout.

Related Topic