What are the alternatives for checking open ports, besides telnet?
up vote
22
down vote
favorite
We can use the following in order to test telnet VIA port; in the following example we test port 6667:
[root@kafka03 ~]# telnet kafka02 6667
Trying 103.64.35.86...
Connected to kafka02.
Escape character is '^]'.
^CConnection closed by foreign host
Since on some machines we can't use telnet (for internal reasons) what are the alternatives to check ports, as telnet?
linux networking curl telnet
edited Nov 4 at 15:01
Jeff Schaller
37.1k1052121
asked Nov 4 at 10:25
yael
2,3301956
add a comment |
up vote
22
down vote
favorite
We can use the following in order to test telnet VIA port; in the following example we test port 6667:
[root@kafka03 ~]# telnet kafka02 6667
Trying 103.64.35.86...
Connected to kafka02.
Escape character is '^]'.
^CConnection closed by foreign host
Since on some machines we can't use telnet (for internal reasons) what are the alternatives to check ports, as telnet?
linux networking curl telnet
edited Nov 4 at 15:01
Jeff Schaller
37.1k1052121
asked Nov 4 at 10:25
yael
2,3301956
Is perl an option?
– Jeff Schaller
Nov 4 at 15:01
5
Those "internal reasons" might bar you from using other port-scanning software. I knew a guy that worked at a bank and had his contract terminated because he had a copy of nmap on his PC. He was using it for work-related purposes, but it was on the proscribed list, so he was escorted out of the building.
– Roger Lipscombe
Nov 4 at 15:39
2
Is perl an option? – YES
– yael
Nov 4 at 17:47
2
Note that telnet is a sophisticated protocol. Thetelnetutility turns off the protocol behaviour if a port is given at command line. Then it behaves much likenetcat, just with line ending detection.
– rexkogitans
Nov 5 at 8:29
add a comment |
up vote
22
down vote
favorite
up vote
22
down vote
favorite
We can use the following in order to test telnet VIA port; in the following example we test port 6667:
[root@kafka03 ~]# telnet kafka02 6667
Trying 103.64.35.86...
Connected to kafka02.
Escape character is '^]'.
^CConnection closed by foreign host
Since on some machines we can't use telnet (for internal reasons) what are the alternatives to check ports, as telnet?
linux networking curl telnet
edited Nov 4 at 15:01
Jeff Schaller
37.1k1052121
asked Nov 4 at 10:25
yael
2,3301956
We can use the following in order to test telnet VIA port; in the following example we test port 6667:
[root@kafka03 ~]# telnet kafka02 6667
Trying 103.64.35.86...
Connected to kafka02.
Escape character is '^]'.
^CConnection closed by foreign host
Since on some machines we can't use telnet (for internal reasons) what are the alternatives to check ports, as telnet?
linux networking curl telnet
linux networking curl telnet
edited Nov 4 at 15:01
Jeff Schaller
37.1k1052121
asked Nov 4 at 10:25
yael
2,3301956
edited Nov 4 at 15:01
Jeff Schaller
37.1k1052121
asked Nov 4 at 10:25
yael
2,3301956
edited Nov 4 at 15:01
Jeff Schaller
37.1k1052121
edited Nov 4 at 15:01
Jeff Schaller
37.1k1052121
edited Nov 4 at 15:01
Jeff Schaller
37.1k1052121
37.1k1052121
asked Nov 4 at 10:25
yael
2,3301956
asked Nov 4 at 10:25
yael
2,3301956
asked Nov 4 at 10:25
yael
2,3301956
2,3301956
Is perl an option?
– Jeff Schaller
Nov 4 at 15:01
5
Those "internal reasons" might bar you from using other port-scanning software. I knew a guy that worked at a bank and had his contract terminated because he had a copy of nmap on his PC. He was using it for work-related purposes, but it was on the proscribed list, so he was escorted out of the building.
– Roger Lipscombe
Nov 4 at 15:39
2
Is perl an option? – YES
– yael
Nov 4 at 17:47
2
Note that telnet is a sophisticated protocol. Thetelnetutility turns off the protocol behaviour if a port is given at command line. Then it behaves much likenetcat, just with line ending detection.
– rexkogitans
Nov 5 at 8:29
add a comment |
Is perl an option?
– Jeff Schaller
Nov 4 at 15:01
5
Those "internal reasons" might bar you from using other port-scanning software. I knew a guy that worked at a bank and had his contract terminated because he had a copy of nmap on his PC. He was using it for work-related purposes, but it was on the proscribed list, so he was escorted out of the building.
– Roger Lipscombe
Nov 4 at 15:39
2
Is perl an option? – YES
– yael
Nov 4 at 17:47
2
Note that telnet is a sophisticated protocol. Thetelnetutility turns off the protocol behaviour if a port is given at command line. Then it behaves much likenetcat, just with line ending detection.
– rexkogitans
Nov 5 at 8:29
Is perl an option?
– Jeff Schaller
Nov 4 at 15:01
Is perl an option?
– Jeff Schaller
Nov 4 at 15:01
5
5
Those "internal reasons" might bar you from using other port-scanning software. I knew a guy that worked at a bank and had his contract terminated because he had a copy of nmap on his PC. He was using it for work-related purposes, but it was on the proscribed list, so he was escorted out of the building.
– Roger Lipscombe
Nov 4 at 15:39
Those "internal reasons" might bar you from using other port-scanning software. I knew a guy that worked at a bank and had his contract terminated because he had a copy of nmap on his PC. He was using it for work-related purposes, but it was on the proscribed list, so he was escorted out of the building.
– Roger Lipscombe
Nov 4 at 15:39
2
2
Is perl an option? – YES
– yael
Nov 4 at 17:47
Is perl an option? – YES
– yael
Nov 4 at 17:47
2
2
Note that telnet is a sophisticated protocol. The
telnet utility turns off the protocol behaviour if a port is given at command line. Then it behaves much like netcat, just with line ending detection.– rexkogitans
Nov 5 at 8:29
Note that telnet is a sophisticated protocol. The
telnet utility turns off the protocol behaviour if a port is given at command line. Then it behaves much like netcat, just with line ending detection.– rexkogitans
Nov 5 at 8:29
add a comment |
6 Answers
6
active
oldest
votes
up vote
17
down vote
accepted
If using Bash Shell, then you can use its feature to check if a port is open or closed:
(timeout 1 bash -c '</dev/tcp/127.0.0.1/17500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT OPEN
(timeout 1 bash -c '</dev/tcp/127.0.0.1/7500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT CLOSED
Note that if the server does not respond after 1 second the timeout is reached, the commands between ' interrupted, and thus nothing is printed.
edited Nov 7 at 10:17
thecarpy
2,255824
answered Nov 4 at 18:27
in2nix4life
1962
4
Perhaps you should use the hostname from the question (kafka02) instead of127.0.0.1, which makes it look like it only works with the loopback.
– Dmitry Grigoryev
Nov 5 at 9:52
1
(timeout 1 bash -c '</dev/tcp/www.google.com/444 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/nullprints nothing for me.(timeout 1 bash -c '</dev/tcp/www.google.com/444' && echo PORT OPEN || echo PORT CLOSED) 2>/dev/nullworked as expected (prints PORT CLOSED). Note the location of the'.
– thecarpy
Nov 7 at 9:21
what you get on bash -c '</dev/tcp/kafka01/6667'
– yael
Nov 7 at 10:45
then echo $? ( if 0 then port is open ,)
– yael
Nov 7 at 10:46
IIRC this bash feature used to be disabled in Debian some time ago. It's a neat trick but doesn't always work.
– AnonymousLurker
Nov 27 at 9:50
add a comment |
up vote
27
down vote
netcat is one option.
nc -zv kafka02 6667
-z= sets nc to simply scan for listening daemons, without actually sending any data to them
-v= enables verbose mode
answered Nov 4 at 10:28
steve
13.8k22452
is it possible to get standard output from the nc ? because I want to write in in my bash script
– yael
Nov 4 at 10:36
2
Read the documentation! Without optionsncbehaves a lot liketelnet.
– Henrik
Nov 4 at 11:03
yes I read the docs but -w flag not works as timeout
– yael
Nov 4 at 11:09
example - c -v -w 1 kafka01 6667 ( we not get timeout )
– yael
Nov 4 at 11:09
nc -v -w 3 kafka01 6667 Ncat: Version 6.40 ( nmap.org/ncat ) Ncat: Connected to 10.164.235.85:6667. ( this still hang )
– yael
Nov 4 at 11:10
|
show 1 more comment
up vote
23
down vote
The gold standard is undoubtedly nmap (nmap.org), but it typically requires root for “best results”. However, standalone binaries are available and it is possible to run it as an unprivileged user, just with degraded capabilities. For example, instead of a stealth syn scan (-sS), it falls back to a standard TCP connect scan (-sT). This is functionally equivalent to netcat, but with the nice multi-host, sped-up capabilities that it has.
An example:
not-root$ nmap -sT google.com
Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-04 21:01 GMT
Nmap scan report for google.com (172.217.23.14)
Host is up (0.12s latency).
rDNS record for 172.217.23.14: lhr35s01-in-f14.1e100.net
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
edited Nov 5 at 12:23
crater2150
2,53021521
answered Nov 4 at 21:04
Landak
25318
1
in most organizations nmap is considered as a scaning tool and one can not use nmap without proper authorization. Also if it is an EC2 instance, authorization required from AWS as well.
– al mamun
Nov 6 at 20:52
add a comment |
up vote
4
down vote
If Perl is an option, you can use its IO::Socket module to test a connection to a particular host and port; the script below hard-codes TCP as the protocol (which is what telnet would use):
#!/usr/bin/perl -w
# tries to connect to the given IP and port (tcp)
use strict;
use IO::Socket;
my $desthost = shift or die "Usage: $0 host portn";
my $destport = shift or die "Usage: $0 host portn";
gethostbyname($desthost) || die "Invalid host givenn";
my $handle = IO::Socket::INET->new(
PeerAddr => $desthost,
PeerPort => $destport,
Proto => 'tcp')
or die "can't connect to $desthost:$destport: $!n";
close $handle;
print "Success!n"
Sample output from a closed port:
$ ./above-script kafka02 6667
can't connect to kafka02:6667: Connection refused
Sample output from an open port:
$ ./above-script kafka02 4200
Success!
edited Nov 6 at 20:14
chicks
8121721
answered Nov 6 at 13:32
Jeff Schaller
37.1k1052121
add a comment |
up vote
0
down vote
Device file /dev/tcp and /dev/udp can be used instead of telnet.
Example: echo 0 > /dev/tcp/103.64.35.86/6667 . Then check the exit status using #echo $? . If exit status is 0 then the port is open. If exit status is non-zero then the port is closed. For checking udp packets, use echo 0 > /dev/udp/103.64.35.86/6667 .
answered Nov 6 at 20:47
al mamun
61110
in my redhat 7 under /dev/ , we not have tcp
– yael
Nov 7 at 10:47
ls /dev/tcp/ ls: cannot access /dev/tcp/: No such file or directory
– yael
Nov 7 at 10:48
on which OS you test it?
– yael
Nov 7 at 10:49
@yael, you will not get /dev/tcp or /dev/udp while ls. try the exact same command on your shell and you will get the result. by the way, I frequently use it on RHEL6,7
– al mamun
Nov 7 at 15:29
add a comment |
up vote
0
down vote
ss -lt
this is another command you can use.
answered Nov 27 at 9:31
Dileep Jayasundara
11
add a comment |
6 Answers
6
active
oldest
votes
6 Answers
6
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
17
down vote
accepted
If using Bash Shell, then you can use its feature to check if a port is open or closed:
(timeout 1 bash -c '</dev/tcp/127.0.0.1/17500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT OPEN
(timeout 1 bash -c '</dev/tcp/127.0.0.1/7500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT CLOSED
Note that if the server does not respond after 1 second the timeout is reached, the commands between ' interrupted, and thus nothing is printed.
edited Nov 7 at 10:17
thecarpy
2,255824
answered Nov 4 at 18:27
in2nix4life
1962
4
Perhaps you should use the hostname from the question (kafka02) instead of127.0.0.1, which makes it look like it only works with the loopback.
– Dmitry Grigoryev
Nov 5 at 9:52
1
(timeout 1 bash -c '</dev/tcp/www.google.com/444 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/nullprints nothing for me.(timeout 1 bash -c '</dev/tcp/www.google.com/444' && echo PORT OPEN || echo PORT CLOSED) 2>/dev/nullworked as expected (prints PORT CLOSED). Note the location of the'.
– thecarpy
Nov 7 at 9:21
what you get on bash -c '</dev/tcp/kafka01/6667'
– yael
Nov 7 at 10:45
then echo $? ( if 0 then port is open ,)
– yael
Nov 7 at 10:46
IIRC this bash feature used to be disabled in Debian some time ago. It's a neat trick but doesn't always work.
– AnonymousLurker
Nov 27 at 9:50
add a comment |
up vote
17
down vote
accepted
If using Bash Shell, then you can use its feature to check if a port is open or closed:
(timeout 1 bash -c '</dev/tcp/127.0.0.1/17500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT OPEN
(timeout 1 bash -c '</dev/tcp/127.0.0.1/7500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT CLOSED
Note that if the server does not respond after 1 second the timeout is reached, the commands between ' interrupted, and thus nothing is printed.
edited Nov 7 at 10:17
thecarpy
2,255824
answered Nov 4 at 18:27
in2nix4life
1962
4
Perhaps you should use the hostname from the question (kafka02) instead of127.0.0.1, which makes it look like it only works with the loopback.
– Dmitry Grigoryev
Nov 5 at 9:52
1
(timeout 1 bash -c '</dev/tcp/www.google.com/444 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/nullprints nothing for me.(timeout 1 bash -c '</dev/tcp/www.google.com/444' && echo PORT OPEN || echo PORT CLOSED) 2>/dev/nullworked as expected (prints PORT CLOSED). Note the location of the'.
– thecarpy
Nov 7 at 9:21
what you get on bash -c '</dev/tcp/kafka01/6667'
– yael
Nov 7 at 10:45
then echo $? ( if 0 then port is open ,)
– yael
Nov 7 at 10:46
IIRC this bash feature used to be disabled in Debian some time ago. It's a neat trick but doesn't always work.
– AnonymousLurker
Nov 27 at 9:50
add a comment |
up vote
17
down vote
accepted
up vote
17
down vote
accepted
If using Bash Shell, then you can use its feature to check if a port is open or closed:
(timeout 1 bash -c '</dev/tcp/127.0.0.1/17500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT OPEN
(timeout 1 bash -c '</dev/tcp/127.0.0.1/7500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT CLOSED
Note that if the server does not respond after 1 second the timeout is reached, the commands between ' interrupted, and thus nothing is printed.
edited Nov 7 at 10:17
thecarpy
2,255824
answered Nov 4 at 18:27
in2nix4life
1962
If using Bash Shell, then you can use its feature to check if a port is open or closed:
(timeout 1 bash -c '</dev/tcp/127.0.0.1/17500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT OPEN
(timeout 1 bash -c '</dev/tcp/127.0.0.1/7500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT CLOSED
Note that if the server does not respond after 1 second the timeout is reached, the commands between ' interrupted, and thus nothing is printed.
edited Nov 7 at 10:17
thecarpy
2,255824
answered Nov 4 at 18:27
in2nix4life
1962
edited Nov 7 at 10:17
thecarpy
2,255824
edited Nov 7 at 10:17
thecarpy
2,255824
edited Nov 7 at 10:17
thecarpy
2,255824
2,255824
answered Nov 4 at 18:27
in2nix4life
1962
answered Nov 4 at 18:27
in2nix4life
1962
answered Nov 4 at 18:27
in2nix4life
1962
1962
4
Perhaps you should use the hostname from the question (kafka02) instead of127.0.0.1, which makes it look like it only works with the loopback.
– Dmitry Grigoryev
Nov 5 at 9:52
1
(timeout 1 bash -c '</dev/tcp/www.google.com/444 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/nullprints nothing for me.(timeout 1 bash -c '</dev/tcp/www.google.com/444' && echo PORT OPEN || echo PORT CLOSED) 2>/dev/nullworked as expected (prints PORT CLOSED). Note the location of the'.
– thecarpy
Nov 7 at 9:21
what you get on bash -c '</dev/tcp/kafka01/6667'
– yael
Nov 7 at 10:45
then echo $? ( if 0 then port is open ,)
– yael
Nov 7 at 10:46
IIRC this bash feature used to be disabled in Debian some time ago. It's a neat trick but doesn't always work.
– AnonymousLurker
Nov 27 at 9:50
add a comment |
4
Perhaps you should use the hostname from the question (kafka02) instead of127.0.0.1, which makes it look like it only works with the loopback.
– Dmitry Grigoryev
Nov 5 at 9:52
1
(timeout 1 bash -c '</dev/tcp/www.google.com/444 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/nullprints nothing for me.(timeout 1 bash -c '</dev/tcp/www.google.com/444' && echo PORT OPEN || echo PORT CLOSED) 2>/dev/nullworked as expected (prints PORT CLOSED). Note the location of the'.
– thecarpy
Nov 7 at 9:21
what you get on bash -c '</dev/tcp/kafka01/6667'
– yael
Nov 7 at 10:45
then echo $? ( if 0 then port is open ,)
– yael
Nov 7 at 10:46
IIRC this bash feature used to be disabled in Debian some time ago. It's a neat trick but doesn't always work.
– AnonymousLurker
Nov 27 at 9:50
4
4
Perhaps you should use the hostname from the question (kafka02) instead of
127.0.0.1, which makes it look like it only works with the loopback.– Dmitry Grigoryev
Nov 5 at 9:52
Perhaps you should use the hostname from the question (kafka02) instead of
127.0.0.1, which makes it look like it only works with the loopback.– Dmitry Grigoryev
Nov 5 at 9:52
1
1
(timeout 1 bash -c '</dev/tcp/www.google.com/444 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null prints nothing for me. (timeout 1 bash -c '</dev/tcp/www.google.com/444' && echo PORT OPEN || echo PORT CLOSED) 2>/dev/null worked as expected (prints PORT CLOSED). Note the location of the '.– thecarpy
Nov 7 at 9:21
(timeout 1 bash -c '</dev/tcp/www.google.com/444 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null prints nothing for me. (timeout 1 bash -c '</dev/tcp/www.google.com/444' && echo PORT OPEN || echo PORT CLOSED) 2>/dev/null worked as expected (prints PORT CLOSED). Note the location of the '.– thecarpy
Nov 7 at 9:21
what you get on bash -c '</dev/tcp/kafka01/6667'
– yael
Nov 7 at 10:45
what you get on bash -c '</dev/tcp/kafka01/6667'
– yael
Nov 7 at 10:45
then echo $? ( if 0 then port is open ,)
– yael
Nov 7 at 10:46
then echo $? ( if 0 then port is open ,)
– yael
Nov 7 at 10:46
IIRC this bash feature used to be disabled in Debian some time ago. It's a neat trick but doesn't always work.
– AnonymousLurker
Nov 27 at 9:50
IIRC this bash feature used to be disabled in Debian some time ago. It's a neat trick but doesn't always work.
– AnonymousLurker
Nov 27 at 9:50
add a comment |
up vote
27
down vote
netcat is one option.
nc -zv kafka02 6667
-z= sets nc to simply scan for listening daemons, without actually sending any data to them
-v= enables verbose mode
answered Nov 4 at 10:28
steve
13.8k22452
is it possible to get standard output from the nc ? because I want to write in in my bash script
– yael
Nov 4 at 10:36
2
Read the documentation! Without optionsncbehaves a lot liketelnet.
– Henrik
Nov 4 at 11:03
yes I read the docs but -w flag not works as timeout
– yael
Nov 4 at 11:09
example - c -v -w 1 kafka01 6667 ( we not get timeout )
– yael
Nov 4 at 11:09
nc -v -w 3 kafka01 6667 Ncat: Version 6.40 ( nmap.org/ncat ) Ncat: Connected to 10.164.235.85:6667. ( this still hang )
– yael
Nov 4 at 11:10
|
show 1 more comment
up vote
27
down vote
netcat is one option.
nc -zv kafka02 6667
-z= sets nc to simply scan for listening daemons, without actually sending any data to them
-v= enables verbose mode
answered Nov 4 at 10:28
steve
13.8k22452
is it possible to get standard output from the nc ? because I want to write in in my bash script
– yael
Nov 4 at 10:36
2
Read the documentation! Without optionsncbehaves a lot liketelnet.
– Henrik
Nov 4 at 11:03
yes I read the docs but -w flag not works as timeout
– yael
Nov 4 at 11:09
example - c -v -w 1 kafka01 6667 ( we not get timeout )
– yael
Nov 4 at 11:09
nc -v -w 3 kafka01 6667 Ncat: Version 6.40 ( nmap.org/ncat ) Ncat: Connected to 10.164.235.85:6667. ( this still hang )
– yael
Nov 4 at 11:10
|
show 1 more comment
up vote
27
down vote
up vote
27
down vote
netcat is one option.
nc -zv kafka02 6667
-z= sets nc to simply scan for listening daemons, without actually sending any data to them
-v= enables verbose mode
answered Nov 4 at 10:28
steve
13.8k22452
netcat is one option.
nc -zv kafka02 6667
-z= sets nc to simply scan for listening daemons, without actually sending any data to them
-v= enables verbose mode
answered Nov 4 at 10:28
steve
13.8k22452
answered Nov 4 at 10:28
steve
13.8k22452
answered Nov 4 at 10:28
steve
13.8k22452
answered Nov 4 at 10:28
steve
13.8k22452
13.8k22452
is it possible to get standard output from the nc ? because I want to write in in my bash script
– yael
Nov 4 at 10:36
2
Read the documentation! Without optionsncbehaves a lot liketelnet.
– Henrik
Nov 4 at 11:03
yes I read the docs but -w flag not works as timeout
– yael
Nov 4 at 11:09
example - c -v -w 1 kafka01 6667 ( we not get timeout )
– yael
Nov 4 at 11:09
nc -v -w 3 kafka01 6667 Ncat: Version 6.40 ( nmap.org/ncat ) Ncat: Connected to 10.164.235.85:6667. ( this still hang )
– yael
Nov 4 at 11:10
|
show 1 more comment
is it possible to get standard output from the nc ? because I want to write in in my bash script
– yael
Nov 4 at 10:36
2
Read the documentation! Without optionsncbehaves a lot liketelnet.
– Henrik
Nov 4 at 11:03
yes I read the docs but -w flag not works as timeout
– yael
Nov 4 at 11:09
example - c -v -w 1 kafka01 6667 ( we not get timeout )
– yael
Nov 4 at 11:09
nc -v -w 3 kafka01 6667 Ncat: Version 6.40 ( nmap.org/ncat ) Ncat: Connected to 10.164.235.85:6667. ( this still hang )
– yael
Nov 4 at 11:10
is it possible to get standard output from the nc ? because I want to write in in my bash script
– yael
Nov 4 at 10:36
is it possible to get standard output from the nc ? because I want to write in in my bash script
– yael
Nov 4 at 10:36
2
2
Read the documentation! Without options
nc behaves a lot like telnet.– Henrik
Nov 4 at 11:03
Read the documentation! Without options
nc behaves a lot like telnet.– Henrik
Nov 4 at 11:03
yes I read the docs but -w flag not works as timeout
– yael
Nov 4 at 11:09
yes I read the docs but -w flag not works as timeout
– yael
Nov 4 at 11:09
example - c -v -w 1 kafka01 6667 ( we not get timeout )
– yael
Nov 4 at 11:09
example - c -v -w 1 kafka01 6667 ( we not get timeout )
– yael
Nov 4 at 11:09
nc -v -w 3 kafka01 6667 Ncat: Version 6.40 ( nmap.org/ncat ) Ncat: Connected to 10.164.235.85:6667. ( this still hang )
– yael
Nov 4 at 11:10
nc -v -w 3 kafka01 6667 Ncat: Version 6.40 ( nmap.org/ncat ) Ncat: Connected to 10.164.235.85:6667. ( this still hang )
– yael
Nov 4 at 11:10
|
show 1 more comment
up vote
23
down vote
The gold standard is undoubtedly nmap (nmap.org), but it typically requires root for “best results”. However, standalone binaries are available and it is possible to run it as an unprivileged user, just with degraded capabilities. For example, instead of a stealth syn scan (-sS), it falls back to a standard TCP connect scan (-sT). This is functionally equivalent to netcat, but with the nice multi-host, sped-up capabilities that it has.
An example:
not-root$ nmap -sT google.com
Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-04 21:01 GMT
Nmap scan report for google.com (172.217.23.14)
Host is up (0.12s latency).
rDNS record for 172.217.23.14: lhr35s01-in-f14.1e100.net
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
edited Nov 5 at 12:23
crater2150
2,53021521
answered Nov 4 at 21:04
Landak
25318
1
in most organizations nmap is considered as a scaning tool and one can not use nmap without proper authorization. Also if it is an EC2 instance, authorization required from AWS as well.
– al mamun
Nov 6 at 20:52
add a comment |
up vote
23
down vote
The gold standard is undoubtedly nmap (nmap.org), but it typically requires root for “best results”. However, standalone binaries are available and it is possible to run it as an unprivileged user, just with degraded capabilities. For example, instead of a stealth syn scan (-sS), it falls back to a standard TCP connect scan (-sT). This is functionally equivalent to netcat, but with the nice multi-host, sped-up capabilities that it has.
An example:
not-root$ nmap -sT google.com
Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-04 21:01 GMT
Nmap scan report for google.com (172.217.23.14)
Host is up (0.12s latency).
rDNS record for 172.217.23.14: lhr35s01-in-f14.1e100.net
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
edited Nov 5 at 12:23
crater2150
2,53021521
answered Nov 4 at 21:04
Landak
25318
1
in most organizations nmap is considered as a scaning tool and one can not use nmap without proper authorization. Also if it is an EC2 instance, authorization required from AWS as well.
– al mamun
Nov 6 at 20:52
add a comment |
up vote
23
down vote
up vote
23
down vote
The gold standard is undoubtedly nmap (nmap.org), but it typically requires root for “best results”. However, standalone binaries are available and it is possible to run it as an unprivileged user, just with degraded capabilities. For example, instead of a stealth syn scan (-sS), it falls back to a standard TCP connect scan (-sT). This is functionally equivalent to netcat, but with the nice multi-host, sped-up capabilities that it has.
An example:
not-root$ nmap -sT google.com
Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-04 21:01 GMT
Nmap scan report for google.com (172.217.23.14)
Host is up (0.12s latency).
rDNS record for 172.217.23.14: lhr35s01-in-f14.1e100.net
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
edited Nov 5 at 12:23
crater2150
2,53021521
answered Nov 4 at 21:04
Landak
25318
The gold standard is undoubtedly nmap (nmap.org), but it typically requires root for “best results”. However, standalone binaries are available and it is possible to run it as an unprivileged user, just with degraded capabilities. For example, instead of a stealth syn scan (-sS), it falls back to a standard TCP connect scan (-sT). This is functionally equivalent to netcat, but with the nice multi-host, sped-up capabilities that it has.
An example:
not-root$ nmap -sT google.com
Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-04 21:01 GMT
Nmap scan report for google.com (172.217.23.14)
Host is up (0.12s latency).
rDNS record for 172.217.23.14: lhr35s01-in-f14.1e100.net
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
edited Nov 5 at 12:23
crater2150
2,53021521
answered Nov 4 at 21:04
Landak
25318
edited Nov 5 at 12:23
crater2150
2,53021521
edited Nov 5 at 12:23
crater2150
2,53021521
edited Nov 5 at 12:23
crater2150
2,53021521
2,53021521
answered Nov 4 at 21:04
Landak
25318
answered Nov 4 at 21:04
Landak
25318
answered Nov 4 at 21:04
Landak
25318
25318
1
in most organizations nmap is considered as a scaning tool and one can not use nmap without proper authorization. Also if it is an EC2 instance, authorization required from AWS as well.
– al mamun
Nov 6 at 20:52
add a comment |
1
in most organizations nmap is considered as a scaning tool and one can not use nmap without proper authorization. Also if it is an EC2 instance, authorization required from AWS as well.
– al mamun
Nov 6 at 20:52
1
1
in most organizations nmap is considered as a scaning tool and one can not use nmap without proper authorization. Also if it is an EC2 instance, authorization required from AWS as well.
– al mamun
Nov 6 at 20:52
in most organizations nmap is considered as a scaning tool and one can not use nmap without proper authorization. Also if it is an EC2 instance, authorization required from AWS as well.
– al mamun
Nov 6 at 20:52
add a comment |
up vote
4
down vote
If Perl is an option, you can use its IO::Socket module to test a connection to a particular host and port; the script below hard-codes TCP as the protocol (which is what telnet would use):
#!/usr/bin/perl -w
# tries to connect to the given IP and port (tcp)
use strict;
use IO::Socket;
my $desthost = shift or die "Usage: $0 host portn";
my $destport = shift or die "Usage: $0 host portn";
gethostbyname($desthost) || die "Invalid host givenn";
my $handle = IO::Socket::INET->new(
PeerAddr => $desthost,
PeerPort => $destport,
Proto => 'tcp')
or die "can't connect to $desthost:$destport: $!n";
close $handle;
print "Success!n"
Sample output from a closed port:
$ ./above-script kafka02 6667
can't connect to kafka02:6667: Connection refused
Sample output from an open port:
$ ./above-script kafka02 4200
Success!
edited Nov 6 at 20:14
chicks
8121721
answered Nov 6 at 13:32
Jeff Schaller
37.1k1052121
add a comment |
up vote
4
down vote
If Perl is an option, you can use its IO::Socket module to test a connection to a particular host and port; the script below hard-codes TCP as the protocol (which is what telnet would use):
#!/usr/bin/perl -w
# tries to connect to the given IP and port (tcp)
use strict;
use IO::Socket;
my $desthost = shift or die "Usage: $0 host portn";
my $destport = shift or die "Usage: $0 host portn";
gethostbyname($desthost) || die "Invalid host givenn";
my $handle = IO::Socket::INET->new(
PeerAddr => $desthost,
PeerPort => $destport,
Proto => 'tcp')
or die "can't connect to $desthost:$destport: $!n";
close $handle;
print "Success!n"
Sample output from a closed port:
$ ./above-script kafka02 6667
can't connect to kafka02:6667: Connection refused
Sample output from an open port:
$ ./above-script kafka02 4200
Success!
edited Nov 6 at 20:14
chicks
8121721
answered Nov 6 at 13:32
Jeff Schaller
37.1k1052121
add a comment |
up vote
4
down vote
up vote
4
down vote
If Perl is an option, you can use its IO::Socket module to test a connection to a particular host and port; the script below hard-codes TCP as the protocol (which is what telnet would use):
#!/usr/bin/perl -w
# tries to connect to the given IP and port (tcp)
use strict;
use IO::Socket;
my $desthost = shift or die "Usage: $0 host portn";
my $destport = shift or die "Usage: $0 host portn";
gethostbyname($desthost) || die "Invalid host givenn";
my $handle = IO::Socket::INET->new(
PeerAddr => $desthost,
PeerPort => $destport,
Proto => 'tcp')
or die "can't connect to $desthost:$destport: $!n";
close $handle;
print "Success!n"
Sample output from a closed port:
$ ./above-script kafka02 6667
can't connect to kafka02:6667: Connection refused
Sample output from an open port:
$ ./above-script kafka02 4200
Success!
edited Nov 6 at 20:14
chicks
8121721
answered Nov 6 at 13:32
Jeff Schaller
37.1k1052121
If Perl is an option, you can use its IO::Socket module to test a connection to a particular host and port; the script below hard-codes TCP as the protocol (which is what telnet would use):
#!/usr/bin/perl -w
# tries to connect to the given IP and port (tcp)
use strict;
use IO::Socket;
my $desthost = shift or die "Usage: $0 host portn";
my $destport = shift or die "Usage: $0 host portn";
gethostbyname($desthost) || die "Invalid host givenn";
my $handle = IO::Socket::INET->new(
PeerAddr => $desthost,
PeerPort => $destport,
Proto => 'tcp')
or die "can't connect to $desthost:$destport: $!n";
close $handle;
print "Success!n"
Sample output from a closed port:
$ ./above-script kafka02 6667
can't connect to kafka02:6667: Connection refused
Sample output from an open port:
$ ./above-script kafka02 4200
Success!
edited Nov 6 at 20:14
chicks
8121721
answered Nov 6 at 13:32
Jeff Schaller
37.1k1052121
edited Nov 6 at 20:14
chicks
8121721
edited Nov 6 at 20:14
chicks
8121721
edited Nov 6 at 20:14
chicks
8121721
8121721
answered Nov 6 at 13:32
Jeff Schaller
37.1k1052121
answered Nov 6 at 13:32
Jeff Schaller
37.1k1052121
answered Nov 6 at 13:32
Jeff Schaller
37.1k1052121
37.1k1052121
add a comment |
add a comment |
up vote
0
down vote
Device file /dev/tcp and /dev/udp can be used instead of telnet.
Example: echo 0 > /dev/tcp/103.64.35.86/6667 . Then check the exit status using #echo $? . If exit status is 0 then the port is open. If exit status is non-zero then the port is closed. For checking udp packets, use echo 0 > /dev/udp/103.64.35.86/6667 .
answered Nov 6 at 20:47
al mamun
61110
in my redhat 7 under /dev/ , we not have tcp
– yael
Nov 7 at 10:47
ls /dev/tcp/ ls: cannot access /dev/tcp/: No such file or directory
– yael
Nov 7 at 10:48
on which OS you test it?
– yael
Nov 7 at 10:49
@yael, you will not get /dev/tcp or /dev/udp while ls. try the exact same command on your shell and you will get the result. by the way, I frequently use it on RHEL6,7
– al mamun
Nov 7 at 15:29
add a comment |
up vote
0
down vote
Device file /dev/tcp and /dev/udp can be used instead of telnet.
Example: echo 0 > /dev/tcp/103.64.35.86/6667 . Then check the exit status using #echo $? . If exit status is 0 then the port is open. If exit status is non-zero then the port is closed. For checking udp packets, use echo 0 > /dev/udp/103.64.35.86/6667 .
answered Nov 6 at 20:47
al mamun
61110
in my redhat 7 under /dev/ , we not have tcp
– yael
Nov 7 at 10:47
ls /dev/tcp/ ls: cannot access /dev/tcp/: No such file or directory
– yael
Nov 7 at 10:48
on which OS you test it?
– yael
Nov 7 at 10:49
@yael, you will not get /dev/tcp or /dev/udp while ls. try the exact same command on your shell and you will get the result. by the way, I frequently use it on RHEL6,7
– al mamun
Nov 7 at 15:29
add a comment |
up vote
0
down vote
up vote
0
down vote
Device file /dev/tcp and /dev/udp can be used instead of telnet.
Example: echo 0 > /dev/tcp/103.64.35.86/6667 . Then check the exit status using #echo $? . If exit status is 0 then the port is open. If exit status is non-zero then the port is closed. For checking udp packets, use echo 0 > /dev/udp/103.64.35.86/6667 .
answered Nov 6 at 20:47
al mamun
61110
Device file /dev/tcp and /dev/udp can be used instead of telnet.
Example: echo 0 > /dev/tcp/103.64.35.86/6667 . Then check the exit status using #echo $? . If exit status is 0 then the port is open. If exit status is non-zero then the port is closed. For checking udp packets, use echo 0 > /dev/udp/103.64.35.86/6667 .
answered Nov 6 at 20:47
al mamun
61110
edited Nov 6 at 20:55
answered Nov 6 at 20:47
al mamun
61110
answered Nov 6 at 20:47
al mamun
61110
answered Nov 6 at 20:47
al mamun
61110
61110
in my redhat 7 under /dev/ , we not have tcp
– yael
Nov 7 at 10:47
ls /dev/tcp/ ls: cannot access /dev/tcp/: No such file or directory
– yael
Nov 7 at 10:48
on which OS you test it?
– yael
Nov 7 at 10:49
@yael, you will not get /dev/tcp or /dev/udp while ls. try the exact same command on your shell and you will get the result. by the way, I frequently use it on RHEL6,7
– al mamun
Nov 7 at 15:29
add a comment |
in my redhat 7 under /dev/ , we not have tcp
– yael
Nov 7 at 10:47
ls /dev/tcp/ ls: cannot access /dev/tcp/: No such file or directory
– yael
Nov 7 at 10:48
on which OS you test it?
– yael
Nov 7 at 10:49
@yael, you will not get /dev/tcp or /dev/udp while ls. try the exact same command on your shell and you will get the result. by the way, I frequently use it on RHEL6,7
– al mamun
Nov 7 at 15:29
in my redhat 7 under /dev/ , we not have tcp
– yael
Nov 7 at 10:47
in my redhat 7 under /dev/ , we not have tcp
– yael
Nov 7 at 10:47
ls /dev/tcp/ ls: cannot access /dev/tcp/: No such file or directory
– yael
Nov 7 at 10:48
ls /dev/tcp/ ls: cannot access /dev/tcp/: No such file or directory
– yael
Nov 7 at 10:48
on which OS you test it?
– yael
Nov 7 at 10:49
on which OS you test it?
– yael
Nov 7 at 10:49
@yael, you will not get /dev/tcp or /dev/udp while ls. try the exact same command on your shell and you will get the result. by the way, I frequently use it on RHEL6,7
– al mamun
Nov 7 at 15:29
@yael, you will not get /dev/tcp or /dev/udp while ls. try the exact same command on your shell and you will get the result. by the way, I frequently use it on RHEL6,7
– al mamun
Nov 7 at 15:29
add a comment |
up vote
0
down vote
ss -lt
this is another command you can use.
answered Nov 27 at 9:31
Dileep Jayasundara
11
add a comment |
up vote
0
down vote
ss -lt
this is another command you can use.
answered Nov 27 at 9:31
Dileep Jayasundara
11
add a comment |
up vote
0
down vote
up vote
0
down vote
ss -lt
this is another command you can use.
answered Nov 27 at 9:31
Dileep Jayasundara
11
ss -lt
this is another command you can use.
answered Nov 27 at 9:31
Dileep Jayasundara
11
answered Nov 27 at 9:31
Dileep Jayasundara
11
answered Nov 27 at 9:31
Dileep Jayasundara
11
answered Nov 27 at 9:31
Dileep Jayasundara
11
11
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f479710%2fwhat-are-the-alternatives-for-checking-open-ports-besides-telnet%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Is perl an option?
– Jeff Schaller
Nov 4 at 15:01
5
Those "internal reasons" might bar you from using other port-scanning software. I knew a guy that worked at a bank and had his contract terminated because he had a copy of nmap on his PC. He was using it for work-related purposes, but it was on the proscribed list, so he was escorted out of the building.
– Roger Lipscombe
Nov 4 at 15:39
2
Is perl an option? – YES
– yael
Nov 4 at 17:47
2
Note that telnet is a sophisticated protocol. The
telnetutility turns off the protocol behaviour if a port is given at command line. Then it behaves much likenetcat, just with line ending detection.– rexkogitans
Nov 5 at 8:29