Profile Log out

Netcat port scan range

Netcat port scan range. and more. Note that flags starting with -s* requires sudo. To solve it, you would add the desired port range, as in 'netcat -z -v localhost 20-80', which scans ports 20 to 80 on localhost. Description. Installing ncat in RHEL Based Linux. -v is for verbose output, without this flag nc will not tell you if the port is closed. I have to read line by line of each file and use netcat to see if the ports are enabled, disabled or invalid and, finally, send this information into a file called scan_report. May 25, 2020 · With netcat you can scan a single port or a port range. I am using ParrotSec at the moment. In the example, Netcat will try to connect to 65,535 TCP ports and report the results to the terminal window. org. You can perform this task by utilizing a command like # nc -zv <hostname> <start_port-end_port> to scan a range of ports. This option checks the ports in range if there is a deamon listening without sending data. The following example uses parallel to iterate over the cross product, so you don't need to write any nested loops. Here is how to scan an IP range with Zenmap: As shown above, at the “Target” field just enter the IP address range separated with dash: For example 192. Nov 1, 2021 · The -z option is the scan-only flag, so here we are checking to see if the HTTP port is open. The following command is used to do a TCP port scan: nc -v -z target port-range. -u Use UDP instead of the default option of TCP. The -v option is for verbose output, the -n option tells nc to use IP addresses Study with Quizlet and memorize flashcards containing terms like T/F Netcat was designed to be a reliable front-end tool that can be used directly or easily driven by other programs and scripts. 1. txt Aug 13, 2020 · Firstly, We should know that what is netcat, which is also known as TCP/IP swiss army knife a feature-rich network utility. Be careful with shell expansions and quote the argument to -p if unsure. For example, to scan a particular port i. 1-443 = The port range we want to scan. They are used by system processes that provide widely used types of network services. TCP full connect. To scan a target IP for the 1000 most common ports using the default TCP connect scan: nmap 192. com 20 (tcp) failed: Connection refused Connection to Feb 25, 2016 · Netcat can also be used as a port scanner by using the -z option and specifying a host and port range instead of a single port. 1 6 8. nc -l -p [port] -e cmd. Quick Navigation General Help Top. - top 100 ports: This option is not explicitly men Jul 13, 2023 · In this guide, we will show you how to determine if ports on a remote Linux host are reachable/open using simple netcat (in short nc) command. The command consists of the following elements: On Ubuntu, the commands nc and netcat both work as symbolic links for the OpenBSD version of Netcat. Apr 12, 2023 · The netcat tool also allows you to listen on a specific port. On Unix-like operating systems, a process must execute with superuser privileges to be able to bind a network socket to an IP address using one of the well Dec 18, 2023 · netcat -u host port. : nc -v -n -z -w 1 192. where. 8 is the host that we are performing port scan on. 132, you can use the command: nc -zvn 192. How To Use Netcat for Port Scanning. The following command instructs netcat to scan which port range? n c - w | - z 1 9 2. Backdoor shell com Netcat. You can choose to scan a specific port or a set of ports. 69 80. Enterprise Networking -- Routers, switches, wireless, and firewalls. Sep 20, 2013 · 2. 103 = the IP of your target. This is generally used with some additional flags. com 80 – scan a single port. If you are looking to scan your destination through multiple local ports, you can use the -p <PORT> option [1]. If you wanted to check to see if your web server was operating correctly, you would check the status of port 80 on that server Netcat, kurz nc, ist ein universelles Kommandozeilenwerkzeug. g. On the target machine: nc -l -p [port] -e /bin/bash. With Netcat’s versatility and powerful features, you can accomplish a wide range of network management tasks. Der Scan prüft den Status aller Ports unter der angegebenen Domäne oder IP-Adresse, so dass Sie feststellen können, ob eine Firewall oder ein anderer For example, the following will scan all ports in nmap-services equal to or below 1024: -p [-1024]. -z stands for scanning mode. Often referred to as the “Swiss Army Knife of Networking,” Netcat is a command-line tool used for various networking tasks, such as port scanning, file transfer, executing remote scripts, chat applications, and even banner grabbing. In the following example, the computer has the IP address 192. 1 1-30. 1, using a range of port numbers from 1 to 30 ( 1-30 ): netcat -z -vv -n 127. 6. ) or a whole range (1-1024) can be entered for the scan: Mar 1, 2022 · The basic command format is the program name, domain / server IP / server hostname (temporary URL excluding the username), and port number. sh and paste the code into it and then save it. Then select the scan Profile (e. 1 22 3306 8080 Mar 18, 2024 · Installing netcat in Debian Based Linux. 0. 8 20-80. You can specify a range of ports by placing a dash between the first and last: We do this by specifying a range of ports to scan, as we did above, along with the -z option Apr 11, 2024 · If you ever need to exclude certain IPs from the IP range scan, you can use the “–exclude” option, as you see below: nmap -p 8. Although netcat is probably not the most sophisticated tool for the job (nmap is a better choice in most cases), it can perform simple port scans to identify open ports easily. example. ComputerName : 8. e. ; once all nc commands are successful, the exit status of the subshell is true, this is Feb 28, 2022 · Perform Port Scanning through Netcat. If you already have a specific port in mind, you can skip ahead to the next step. Here are some practical examples you can follow to learn how the netcat command is used in Linux. According to the Linux manpage for netcat: Oct 31, 2022 · testing. That tells netcat to look through that local port, much similar to when telling it to setup a backdoor listener on said port. A useful command line flag is -z. May 24, 2022 · The basic syntax for the nc command is: nc [<options>] <host> <port>. This cheat sheet provides various for using Netcat on both Linux and Unix. The <port ranges> are specified similar to -p. Step 2: Make sure to give the executable permission to your script. 143. 2. On the remote machine: nc [target IP] [port] These are just a few examples of the advanced uses of Netcat commands. For examlpe you can use “nmap -O -A 192. Port Scanning: It can be used to check if a specific port is open on the target system. . It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. nc -zv hostname. com 80-84 – scan a range of ports. The netcat utility program supports a wide range of commands to manage networks and monitor the flow of traffic data between syste Jan 1, 2008 · A port-scanning example is shown in Figure 2. TCP: Scan for open ports: To scan the open ports in the range of 30-60 using Netcat, run the command mentioned below: Banners do Netcat. While I personally prefer tools like Nmap for intensive port scanning, Netcat can certainly do the job for quick scans. On most systems, we can use either netcat or nc interchangeably. Oct 4, 2021 · In order to detect any errors and security issues, you can run a scan and identify open ports. Dec 20, 2023 · NetScanTools. After scan is done, go to “Topology Nov 16, 2022 · Netcat may be used to transmit data, scan for open ports, debug connectivity, evaluate connectivity, scan for open ports, and function as a proxy. Jun 8, 2023 · Here we have used `-z` option, to scan for open ports. -v = verbose mode. Jan 11, 2020 · netcat is basically a swiss army knife to perform all kind of ops with TCP/UDP. Feb 21, 2022 · Step 1: Scan a Port Range. After the IP address, individual ports (e. 168. 77 10-30. For a quick ping test, run tnc with just the target host as an argument: PS L:\> tnc 8. com 80 20 22 nc: connect to host. The command below will help us see if the port 22 is open on the host 192. This command can be understood in below segments: -v outputs more information to help debugging. Netcat can be used for port scanning as a naive version of nmap with the -z option. When it is used, netcat does not initiate a connection to the server, but just informs about the open port it has found. Jan 6, 2021 · Steps to Use this Port Scanner: Step 1: Copy the source code and create a file port. #nmap -e eth2 scanme. TCP SYN half-open. 0+). com 20-25. 0/24" command. Add –r to randomize destination ports within the range Add –p [port] to specify a source port for the scan TCP Banner Grabber Netcat Relays on Linux To start, create a FIFO (named pipe) called backpipe: $ cd /tmp $ mknod backpipe p Listener-to-Client Relay: $ nc –l –p [LocalPort] 0<backpipe | nc [TargetIPaddr] [port] | tee backpipe Jan 27, 2022 · To force Nmap to scan using a different network interface, use the -e argument: #nmap -e <interface> <target>. In this example, I scan an instance of Metasploitable 2 for open ports in the range between 1 and 2222. 10 and list the open ones: nc -z 192. sh [followed by the target’s IP address] ) Apr 25, 2019 · How to filter the success message when using nc port scan (1 answer) Closed 5 years ago. nmap. You need to run nc separately for each port: do sleep 0. You can also specify a list of ports to scan, for example: $ nc -zv host. The service can also detect uptime of a host if the host is running one of the known Operating Ncat: Your General-Purpose Network Connector. Site Areas; Settings; Sep 1, 2022 · Tour Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Nov 6, 2006 · Works as a Port Scanner too. UDP ICMP. Examples of netcat usage: Connecting (TCP): Enterprise Networking Design, Support, and Discussion. 174. NetScanTools is a premium toolbox which got more than 50 tools for DNS, Ping, SNMP, Discovery, Whois, ARP, Traceroute, etc. Nov 28, 2019 · I have to use netcat to scan hosts and ports. Here the ntpd service is listening on port 123: Code: [Select] root@server:~# hostname -i. exe – executa um shell no Netcat para Windows. // simple scan of TCP ports on web host / IP address $ nmap 192. Since the netcat command lists all scanned ports, you get lots of information and some you don’t need. Sep 25, 2009 · Simple one-liner for scanning a range of hosts, you can also scan a range of ports with Netcat by ex. 201 // scan a Apr 2, 2023 · To scan a specific port or range of ports on a system, you would enter the following command: nc -zvn hostname/ip address portnumber (s). We recommend the following parameters when scanning with Netcat, Nc, or Ncat:-z – See if the port is open without sending data Aug 28, 2019 · Using netcat for Port Scanning. It supports the following five types of port scans. TCP Port Scanning: Scan for open ports: If you are planning Jun 1, 2016 · If netcat is not failing, then most likely netcat is binding to port 0 instead, which tells the listening socket to bind to a random available ephemeral port. Type the below command to do so. Use netstat to verify. com is SSH with the specified version. Leave a Comment Dec 15, 2021 · Netcat, widely known as a net admin’s Swiss Army Knife, is a command line network utility that can read and write data across TCP and UDP network connections. 1 80 port [tcp/http] succeeded! Following is the syntax to check UDP ports: Code: [Select] nc -zuv <domain_name or ip-address> <port>. You can also string a bunch of those ports together if they are split up. Aug 17, 2003 · Port scanning provides useful information, including the banners of otherwise hidden applications that might be listening on your servers. The Portscan finishes almost immediately. You have the option of scanning a single port or a range of ports. All the tables provided in the cheat sheets are Nov 3, 2019 · This is the de facto tool for port scanning right now. 245. " This course offers hands-on experience with Netcat, including creating backdoors, port scanning, and transferring files securely. how can I do this? ~Conradin~ Adv Reply . To use netcat to learn more, you need to pass it the Apr 10, 2023 · Launching Reverse Shells. nc -zv 77. Netcat kann zum Port-Scannen, zur Port-Umleitung und als Port-Listener (für eingehende Verbindungen) verwendet werden. Lets take a look at a udp port 123 in this server. 9 3 2 - 5 0 |. /port. Scan ports 22, 3306 and 8080 $ nc -zvn 192. #Time 20200910. -z = Portscanning mode or zero I/O mode. 10: $ nc -zv 192. Start scanning ports. We can also scan a range of ports in one go. com port ncat domain. This reverse shell allows you to The port numbers in the range from 0 to 1023 (0 to 2 10 − 1) are the well-known ports or system ports. parallel nc -vz ::: host1 host2 host3 ::: 22 80 443 8080. You can use the -z flag to instruct Netcat to perform a more traditional port scan. The following example creates a simple text chat between two computers. Nmap vs. 252. The hosts are in the hostfile and the ports in the portfile. X \"for i in {21. Don't miss out on potential vulnerabilities in your network, get the skills you need now with this comprehensive course on "Hands-on Penetration Testing with Netcat. In order to start the listener on TCP port 5000, run the following command: $ nc -l 5000. Can Netcat be used for network scanning like Nmap? Answer: Yes, Netcat can perform basic network scanning, particularly for checking open ports. // for RHEL/CentOS $ sudo yum install nmap -y // for Ubuntu/Debian $ sudo apt-get update $ sudo apt-get install nmap -y. IF we want to search in between the range of ports that are Open, we can write a small script as follows. At the same time, it is a feature-rich network debugging and exploration tool, since it can create Oct 6, 2023 · A port scanner sends a network request to connect to a specific TCP or UDP port on a computer and records the response. Netstat, Nmap, and Netcat are popular tools with different purposes but similarities. sh. Jan 8, 2024 · Port scanning with nc involves the detection of open ports on a target system. vim port_scan. Netcat Port Scanning . Install NMap. In this post, we will compare Netstat vs. Port scanning is one of the most often used Netcat apps. Often we see folks doing something cludgy with telnet or ftp, but Powershell Test-NetConnection ( tnc for short) does a fine job of spot testing for an open port or to see if an IP is in use. However, it lacks the depth and range Dec 15, 2015 · To identify if a server is running, you only need to determine if the port is open for requests. would report the open ports in the range 10-30. 1-1000 is the range of ports to scan. 29}\" is only works with bash 3. echo “” | nc -zv -wl [host] [port range] – obtém banners TCP de um intervalo de portas. Cisco, Juniper, Arista, Fortinet, and more May 25, 2016 · One of the most common uses for netcat is as a port scanner. 3) Finding Open Ports in a range of ports. 15 22. netcat -z [HOST] [PORT RANGE] Example: $ netcat -z example. Netcat, their differences, and use cases to help you understand which is best Apr 26, 2023 · The nc command, also known as Netcat, is a command-line networking tool that has been around for many years. Upon installing netcat, a symlink nc pointing to the netcat command will be created. Other – a combination of SYN, URG, PSH, FIN, ACK, RST. sh with your requirements. nc -l -p [port] -e /bin/bash – run Jul 9, 2021 · You can specify a range of ports by placing a dash between the first and last: netcat host startport-endport. 2. Jun 10, 2022 · How to Use Netcat : Scanning for Open Ports. Netcat Port Scanner. Depending on which OS you are using, the command may be Oct 1, 2019 · Syntax: nc -nv[u]-w 1 -z <target-ip> <port range> Fancy tools such as Nmap aren’t the only way to scan ports, as we can achieve the same thing with Netcat (although it has lower performance Nov 19, 2023 · Netcat, in contrast, is a versatile networking tool used for various tasks like basic port scanning, file transfers, and setting up ad-hoc network connections. When you run this command, nc will attempt to connect to each TCP port in the range 1-1024 on the specified target. This is only necessary if you have problems with broadcast scripts or see the WARNING: Unable to find appropriate interface for system route to message. According to the Linux manpage for netcat: Jan 1, 2008 · By using basic command-line scripting from within Windows, Linux, or UNIX, a cracker can use the Netcat tool to port scan an entire block of IP addresses to find live servers, and vulnerable servers. #create by Sakurai. 132 22. Scan the network with the IP range you want. They are aliases for the same command. 1-100. On CentOS, Debian, and RHEL, the command is ncat. com 80 84 – scan a set of individual ports. Mar 13, 2024 · Command : hping3 –scan known <target>. The -z option tells nc to scan only for open ports, without sending any data and the -v is for more verbose information. (split across multiple lines for readability) This uses a shell subshell with a list of commands with a logical "and" && operator; the second nc command is only run if the first one succeeded, etc. Scan the most popular ports. Apr 16, 2024 · netcat, frequently shortened to nc, is a versatile networking utility that can perform a wide range of tasks, including establishing and managing network connections, transferring files, and conducting network diagnostics. * --exclude 8. 22 on a host with IP address 192. This will tell you if it's listening on port 80, the web port, but it won't tell you anything else about the server. The <host> is either a numeric IP address or a symbolic hostname. nc -l -p [port] -e /bin/bash – executa um shell no Linux. A quick rundown of the options: nc = netcat. In the command above, the flag: -z – sets nc to simply scan for listening daemons, without actually sending any data to them. Port-Scanning mit Netcat-Befehlen Wenn Sie versuchen, ein Netzwerk oder Performanceproblem zu diagnostizieren, bietet sich als erster Schritt an, einen Port-Scan mit Netcat durchzuführen. Jun 3, 2023 · In networking and system administration, various tools help professionals analyze and troubleshoot network connections, scan for vulnerabilities, and perform various other tasks. #sudo apt install netcat-traditional -y. org ) at 2023-02-20 13:42 EST. As such, your two netcat instances would actually be listening on different ports. A TCP Port Scan Dec 7, 2010 · I am trying to use netcat to scan a range of IP on a given port. Uso do Netcat com RedHat; Introdução ao Aug 17, 2003 · Netcat supports multiple verbose modes: When scanning a range of ports, use the -v flag to display only open ports or use the -vv flag to display both open and closed ports. As you can see, this is a nice and quick alternative to run a quick portscan directly Update: With parallel, this generalizes super well to cover an often needed case of multiple hosts x multiple ports. Port scanning. We are simply interested in the port scanning abilities of this for this blog post, so let’s actually see how to use it for the same. nc -z -v 157. May 31, 2023 · Learn how to use Netcat (nc) command line tool with 15 practical examples in Linux for network testing, troubleshooting, and more. Also, instead of a single port, it can accept a port-range to scan. Ncat is suitable for interactive use or as a network-connected back Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol. Here You have to replace the “10. To install netcat on Debian-based Linux (such as Ubuntu), we’ll use the apt-get command: $ apt-get install -y netcat. This will find all open ports using a full TCP three-way handshake: Starting Nmap 7. For example: $ nc -z 192. However, on my machine all the closed ports are also reported, so when I use a large range to check if any ports are Oct 2, 2020 · In order to detect any errors and security issues, you can run a scan and identify open ports. A simple port scan command for an IP address using netcat looks like this: nc -v -z 8. We can use it for fulfilling diverse objectives involving TCP, UDP, or UNIX-domain sockets. To use Netcat as a port scanner, you need to run it with the -z option: netcat -z -v -n REMOTE_COMPUTER_IP_ADDRESS 2000-5000. The following example will scan the ports 20 through 25 of 192. g quick scan, intense scan, ping scan etc) and hit the “Scan” button. 10 20-25 Feb 27, 2018 · How to scan ports with Netcat. 92 ( https://nmap. The best command line collection on the internet, submit yours and save your favorites. netcat command simply scans single host which is specified with its IP address and the port range we want to scan. netcat can do port scanning, transfer files, create a listener, or stream media, and many more. Port Scanning with Netcat. Open a terminal window on your favorite Security OS. I see that I'm able to scan one port, but with a ran Nov 1, 2023 · This indicates that the service running on port 22 at example. com 80 (tcp) failed: Connection refused nc: connect to host. 8 1-1000. ME. , The range of ports are administered by what organization?, T/F In order to conduct port scanning you first need a list of what hosts are on the network or the IP addresses. nc -zv site. echo “” | nc -zv -wl [host] [port range] – obtain the TCP banners for a range of ports. 90. Outros recursos do Netcat. 106” with you Nov 18, 2023 · Netcat can be used to transfer files or text data from one computer to another. It aims to be your network Swiss Army knife, handling a wide variety of security testing and administration tasks. #change subnet ip, range IP, range Port with your case Jan 12, 2023 · Step 1 – Scan for Open Ports using Netcat; Step 2 – Check Protocol Versions with Netcat; Step 1 – Scan for Open Ports using Netcat. Here’s the best way to solve it. 77. The service can also detect uptime of a host if the host is running one of the known Operating Jul 24, 2023 · Launch Zenmap GUI you have installed previously. 8. 11. Nov 16, 2022 · Netcat may be used to transmit data, scan for open ports, debug connectivity, evaluate connectivity, scan for open ports, and function as a proxy. Using “–top-ports” parameter along with a specific number lets you scan the top X most common ports for that host, as we can see: Jul 13, 2023 · Using netcat, you can check if a single or multiple or a range of open ports as follows. You can replace file name port_scan. This option specifies which ports you do want Nmap to exclude from scanning. TCP Port Scanning: Scan for open ports: If you are planning Jul 23, 2023 · You can choose multiple destination ports for most Netcat functions on the client side. Port scanner tool can be used to identify available services running on a server, it uses raw IP packets to find out what ports are open on a server or what Operating System is running or to check if a server has firewall enabled etc. One of the most prevalent Netcat applications is port scanning. Mar 5, 2021 · If you are willing to scan all 65535 TCP ports, take your time, it takes around 1 second per port as specified with -w 1 flag: Port scanning with netcat More tricks in the Enumeration penetration testing post: Jun 7, 2018 · 0. We do this by specifying a range of ports to scan, as we did above, along with the -z option to perform a Netcat (oder kurz nc) ist ein einfaches, aber leistungsstarkes Netzwerk-Befehlszeilentool, das zum Ausführen aller Vorgänge unter Linux im Zusammenhang mit TCP, < verwendet wirdUDP- oder UNIX -Domänen-Sockets. 105. It is a simple yet powerful tool that can be used for a wide range of tasks such as network communication, port scanning, file transfer, and network testing. In that case, run the below command, piping the grep command. It can be used as a powerful port scanner, port listener, port re-director and a backdoor to anyone who gets familiar with the commands. com 80. Sau đó chạy file thực thi scan port. 1), multiple ports (1, 2, 3 etc. Ncat is a general-purpose command-line tool for reading, writing, redirecting, and encrypting data across a network. But as you expect netcat do not provides similar experience to the nmap. Es kann im Terminal oder in Skripten für die Kommunikation über TCP - und UDP -Netzwerkverbindungen ( Internet Protocol Version 4 und Version 6 ), aber auch lokale UNIX Domain Sockets genutzt werden. Damit eignet es sich für zahlreiche Anwendungsfälle zum Thema Netzwerkverbindungen. This command filters out only the open ports with the “succeeded!” message at the end, as shown below. The scanning output is shown in the middle window. I see many examples for nc, even one in the man page, that says. 69 1-1000. Aug 25, 2023 · The problem is that the 'netcat -z -v localhost' command is missing the port or port range specification. Step 3: Usage for the script type ( . Output: Using Netcat for Port Scanning: An In-Depth Guide. Range of ports: 1-90 Multiple ports: 80 443 separated by a space Examples of service names: http ssh smtp Combination: ssh 2222 10022-10080 Simple port scan # There are better options like nmap, but it is often enough all you need. Sep 10, 2020 · Thay thế subnet ip, range IP, range port tuỳ theo nhu cầu. Using netcat, you can query a server like this: nc -z www. In the command 'netcat -z -v localhost', you are missing specifying the port or port range to scan. 56. 1 21-443 Useful when Nmap is not available:) Range declaration like X. 8. Download : Download full-size image; Figure 2. For IP protocol scanning ( -sO ), this option Jan 28, 2023 · To scan ports using netcat, you can use the nc command followed by the target IP address and port number you want to scan. 1. TCP/UDP ICMP. First, let’s determine what hosts had port 80 open according to Nmap. com port. Oct 24, 2023 · Let‘s go through some examples of using Nmap for basic port scanning. For the sake of comparison, we’ll compare our Nmap scan results for port 80 with a Metasploit scanning module. You can create a file server, chat client/server, TCP client etc. Example: nc -v -z example Jun 1, 2016 · If netcat is not failing, then most likely netcat is binding to port 0 instead, which tells the listening socket to bind to a random available ephemeral port. Proxy and Tunneling: It can be utilized for tasks like routing network traffic, acting as a proxy, or creating tunnels. Output : 7. ) or a whole range (1-1024) can be entered for the scan: Jul 27, 2023 · In the realm of networking tools, Netcat, commonly known as `nc`, stands out as a versatile and powerful utility. Now, the first step is to scan for open ports on your server. Netcat Banners. com port netcat domain. nc domain. The more advanced users can use Netcat to set up a reverse shell to an exploited server, as shown in Figure 4. 10. In this mode, Netcat doesn't try to connect to the ports—it simply scans the range and reports any ports that it finds open. Sep 10, 2020 · #script netcat scan range ip, range port onlinux. You'll learn Netcat basics, network fundamentals . Jul 14, 2021 · I'm aware that Nmap is the obvious choice for this task, however I would still like to know if it's possible to scan a range of ports with Ncat. So what a port scanner does is send a packet of network data to a port to check the current status. #Install netcat. Jan 7, 2021 · One of the most interesting and popular feature of the netcat command is network or port scanning. Whatever you type on the client and press the Enter key to send will appear in the console on the remote computer: The port range was specified to limit the search to ports 20 - 30, and is scanned by increasing order. 1 80-90 Connection to 192. For example, if you wanted to scan ports 21 trough 25 on a Sep 6, 2019 · In this small article I'll very briefly explain on basic netcat – known as the TCP Army knife tool port scanning for an IP range of UDP / TCP ports . Netcat Backdoor Shells. For example to scan for open TCP ports on a remote machine with IP address 10. 8 in the range 20-80 you would use the following command: nc -z -v 10. The command that follows scans the localhost, which has an IP address of 127. Quick Ref. The following nc command is used to perform a TCP port scan on the specified target using the nc (netcat) tool in Kali Linux. 192. jk vm gn kn pt qt ez ez ne hg