通常我们使用telnet测试端口是否开放,命令如下
telent 192.168.1.1 514
其实还可以用nc命令
安装
yum install nc -y
# nc --help
Ncat 7.50 ( https://nmap.org/ncat )
Usage: ncat [options] [hostname] [port]
Options taking a time assume seconds. Append 'ms' for milliseconds,
's' for seconds, 'm' for minutes, or 'h' for hours (e.g. 500ms).
-4 Use IPv4 only
-6 Use IPv6 only
-U, --unixsock Use Unix domain sockets only
-C, --crlf Use CRLF for EOL sequence
-c, --sh-exec <command> Executes the given command via /bin/sh
-e, --exec <command> Executes the given command
--lua-exec <filename> Executes the given Lua script
-g hop1[,hop2,...] Loose source routing hop points (8 max)
-G <n> Loose source routing hop pointer (4, 8, 12, ...)
-m, --max-conns <n> Maximum <n> simultaneous connections
-h, --help Display this help screen
-d, --delay <time> Wait between read/writes
-o, --output <filename> Dump session data to a file
-x, --hex-dump <filename> Dump session data as hex to a file
-i, --idle-timeout <time> Idle read/write timeout
-p, --source-port port Specify source port to use
-s, --source addr Specify source address to use (doesn't affect -l)
-l, --listen Bind and listen for incoming connections
-k, --keep-open Accept multiple connections in listen mode
-n, --nodns Do not resolve hostnames via DNS
-t, --telnet Answer Telnet negotiations
-u, --udp Use UDP instead of default TCP
--sctp Use SCTP instead of default TCP
-v, --verbose Set verbosity level (can be used several times)
-w, --wait <time> Connect timeout
-z Zero-I/O mode, report connection status only
--append-output Append rather than clobber specified output files
--send-only Only send data, ignoring received; quit on EOF
--recv-only Only receive data, never send anything
--allow Allow only given hosts to connect to Ncat
--allowfile A file of hosts allowed to connect to Ncat
--deny Deny given hosts from connecting to Ncat
--denyfile A file of hosts denied from connecting to Ncat
--broker Enable Ncat's connection brokering mode
--chat Start a simple Ncat chat server
--proxy <addr[:port]> Specify address of host to proxy through
--proxy-type <type> Specify proxy type ("http" or "socks4" or "socks5")
--proxy-auth <auth> Authenticate with HTTP or SOCKS proxy server
--ssl Connect or listen with SSL
--ssl-cert Specify SSL certificate file (PEM) for listening
--ssl-key Specify SSL private key (PEM) for listening
--ssl-verify Verify trust and domain name of certificates
--ssl-trustfile PEM file containing trusted SSL certificates
--ssl-ciphers Cipherlist containing SSL ciphers to use
--version Display Ncat's version information and exit
See the ncat(1) manpage for full options, descriptions and usage examples
例如
,我们要验证某台服务器udp 514端口是否开放
#nc -zvu 192.168.7.214 514
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.70.214:514.
Ncat: Connection refused.
#nc -zvu 192.168.7.224 514
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.70.224:514.
Ncat: UDP packet sent successfully
可以看到214机器端口未开放,224是开放的。
-z 表示为zero,意思是扫描时不发送任何数据包
-v 即为详细输出
-u 使用udp方式
其他例子
sh-4.2# nc -l 9999 # 开启一个本地9999的TCP协议端口,由客户端主动发起连接,一旦连接必须由服务端发起关闭
sh-4.2# nc -vw 2 192.168.21.248 11111 # 通过nc去访问192.168.21.248主机的11111端口,确认是否存活;可不加参数
sh-4.2# nc -ul 9999 # 开启一个本地9999的UDP协议端口,客户端不需要由服务端主动发起关闭
sh-4.2# nc 192.168.21.248 9999 < test # 通过192.168.21.248的9999TCP端口发送数据文件
sh-4.2# nc -l 9999 > zabbix.file # 开启一个本地9999的TCP端口,用来接收文件内容
# 测试网速
A机器操作如下:
sh-4.2# yum install -y dstat # A机器安装dstat命令
sh-4.2# nc -l 9999 > /dev/null
# B机器开启数据传输
nc 10.0.1.161 9999 </dev/zero
# A机器进行网络监控
sh-4.2# dstat
# UDP 协议测试
A机器开启UDP 端口
nc -ulp 8888
B机器测试UDP 端口联通
nc -zvu 192.168.1.1 8888