1. Test if a particular TCP port of a remote host is open.
$ nc -vn 192.168.233.208 5000
nc: connect to 192.168.233.208 5000 (tcp) failed: Connection refused
$ nc -v 192.168.233.208 22
Connection to 192.168.233.208 22 port [tcp/ssh] succeeded! SSH-2.0-OpenSSH_6.0p1 Debian-4
2. Send a test UDP packet to a remote host.
The command below sends a test UDP packet with 1 second timeout to a remote host at port 5000.
$ echo -n “foo” | nc -u -w1 192.168.1.8 5000
3. Perform TCP port scanning against a remote host.
The command below scans ports in the ranges of [1-1000] and [2000-3000] to check which port(s) are open.
$ nc -vnz -w 1 192.168.233.208 1-1000 2000-3000
4. Perform UDP port scanning against a remote host.
$ nc -vnzu 192.168.1.8 1-65535
Connection to 192.168.1.8 68 port [udp/*] succeeded! Connection to 192.168.1.8 5353 port [udp/*] succeeded! Connection to 192.168.1.8 16389 port [udp/*] succeeded! Connection to 192.168.1.8 38515 port [udp/*] succeeded! Connection to 192.168.1.8 45103 port [udp/*] succeeded!
The above command checks which UDP port(s) of a remote host are open and able to receive traffic.
5. Listen on a UDP port and dump received data in text format.
The command below listens on UDP port for incoming messages (lines of text).
$ nc -u localhost 5000
Note that this command dies after receiving one message. If you want to receive multiple messages, use while loop as follows.
$ while true; do nc -u localhost 5000; done