How To: Netcat – Check for open ports with the command line


When troubleshooting a network integration or any other connection issue in Linux, step one is usually to check whether the network port on the other side is responding at all.

Netcat, the network Swiss Army knife (Hobbit's original, not nmap's), is the right tool for the job.

Before we begin, NetCat needs to be installed.

# RHEL / CentOS
~$ yum install nc

# Debian / Ubuntu
~$ apt-get install netcat-openbsd

Once installed, you can invoke Netcat like so:
~$ nc [REMOTE_SERVER] [PORT]

Syntax:
[REMOTE_SERVER] – The server to be checked
[PORT] – The service/port to be checked

Example output, here for port 443 on google.com:

Connection to google.com 443 port [tcp/https] succeeded!
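Scripting the same check for several services at once, as an added example that is not part of the original post: it wraps nc's zero-I/O mode (-z) with a connect timeout (-w) so a filtered port cannot hang the script, and it returns exit codes you can branch on. The hosts and ports in the usage line are placeholders.

```shell
#!/bin/sh
# Added example (not from the original post). Uses only nc options that the
# OpenBSD nc, Hobbit's netcat-traditional and nmap's ncat all understand:
#   -z  zero-I/O mode: just connect, report the status, disconnect
#   -w  connect timeout in seconds (without it a filtered port can hang for minutes)

# check_port HOST PORT [TIMEOUT]
# Exit status 0 = TCP connect succeeded, 1 = refused or no answer in time.
check_port() {
    host=$1; port=$2; timeout=${3:-3}
    if nc -z -w "$timeout" "$host" "$port" >/dev/null 2>&1; then
        echo "$host:$port open"
        return 0
    fi
    echo "$host:$port closed or filtered (no answer within ${timeout}s)"
    return 1
}

# check_ports TIMEOUT HOST:PORT ...
# Checks every target and returns how many were NOT open (0 = all reachable),
# so a deployment script can stop before it tries to use a dead dependency.
check_ports() {
    timeout=$1; shift
    failed=0
    for target in "$@"; do
        host=${target%:*}
        port=${target##*:}
        check_port "$host" "$port" "$timeout" || failed=$((failed + 1))
    done
    return "$failed"
}

# Usage with placeholder targets:
# check_ports 3 google.com:443 mail.example.com:993 mail.example.com:465
```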

How To: Avoid password theft, Faceraping, Email hijacks etc. on public networks

Has your email been blacklisted? Do your forum posts suddenly contain nothing but kittens? Did your relationship status become same-sex overnight? Physical access to your box may explain most of these scenarios, but everything you send over a public wire in plain text has the potential to be sniffed or otherwise phished if you are careless.

Here are a few tips for avoiding disaster:

* SSL/TLS
Encrypt, encrypt, encrypt, and make sure the certificate in question is properly signed; it's mandatory, whether it's web, email or chat. Most online services today offer an encrypted alternative, and that includes popular services like Google, Facebook and Twitter. Just be on the lookout for https:// rather than plain http:// in the address bar. Never trust a pretty "lock icon" on its own: such icons can be injected into the page while SSL is being stripped out, in an attempt to fool the user.

(Image: secure address bar)

The same mindset applies to SMTP/IMAP/POP3 email and the various chat protocols: enable whatever SSL option is available. For email, the default SSL port numbers are as follows: 993 for IMAP(S), 995 for POP3(S) and 465 for SMTP(S). The port number may vary depending on your email provider.

* SSH Tunnel
When encrypted alternatives are not available, or don't exist, an SSH tunnel can be used: tunnel the traffic through an encrypted SSH session and relay it out through the trusted network where the SSH server is located. I have a tutorial on how to do just that, complete with syntax and the resources required, here: http://peppoj.net/2012/10/tunnel-http-traffic-encrypted-using-polipo-and-ssh/.

* BYOIC (Bring Your Own Internet Connection)
If all else fails and trust is an issue, avoid public networks completely and use your own connection. If you have already made the leap to the new generation and bought a smartphone with a generous data plan, why not use it? Most smartphones today (and some older devices I've seen) allow tethering to computers and other devices. Simply enable tethering, hook it up and adjust the network settings on your host.

Disclaimer:
None of the tips above will protect you from phishing or otherwise plain fraudulent websites. Use your brain.

Feedback welcome

External Resources
CompariTech: Common phishing scams and how to recognise and avoid them

Tunnel HTTP traffic encrypted, using Polipo and SSH

SSH can be used to do a lot of great things: log in remotely, transfer files with scp, and run single commands for a quick fix, all encrypted. Another great and well-known feature of SSH is SSH tunnelling.

SSH tunneling can be used to tunnel any kind of traffic, and in this guide I’ll focus on HTTP tunneling in conjunction with the proxy client Polipo (encrypted of course).

Things you will need:

  • Linux server
  • SSH daemon running on the server (openssh-server recommended)
  • Polipo daemon running on the server
  • SSH client (openssh-client recommended)

How to:

~$ ssh username@server -L 8118:localhost:8123 -N [Enter]
(Enter password)
Point your web browser's proxy settings (Firefox, Chrome, etc.) to localhost, port 8118.

Syntax:

  • -L Specifies the local port, remote address and remote port ([local port]:[remote address]:[remote port]). The remote address is resolved on the SSH server, so localhost here means the server itself, where Polipo listens on port 8123.
  • -N Don’t execute any command on the remote machine when connected

Tunnel initiated!
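The same tunnel as a reusable ssh_config entry, added here as an example that is not part of the original post: ExitOnForwardFailure makes ssh fail loudly if local port 8118 is already taken instead of silently leaving you with no tunnel, and ssh -G shows what ssh will actually set up before you connect. Assumes OpenSSH 6.8 or newer (for -G); server.example.com and username are placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): the "ssh -L 8118:localhost:8123 -N"
# tunnel as an ssh_config entry, plus a way to confirm the forward before use.
# Assumes OpenSSH 6.8+ for "ssh -G"; host name and user are placeholders.

# write_tunnel_config FILE -> writes a client config containing the Polipo tunnel.
write_tunnel_config() {
    cat > "$1" <<'EOF'
Host polipo-tunnel
    HostName server.example.com
    User username
    # same forward as "-L 8118:localhost:8123": localhost is resolved on the
    # server, so this reaches the Polipo daemon listening there on 8123
    LocalForward 8118 localhost:8123
    # without this, "ssh -f -N" reports success even if 8118 is already in use
    ExitOnForwardFailure yes
    # notice a dead tunnel on a flaky public network instead of hanging forever
    ServerAliveInterval 30
    ServerAliveCountMax 3
EOF
}

# effective_forward CONFIGFILE -> prints the forward(s) ssh resolved from the
# config; "ssh -G" prints the effective settings without connecting anywhere.
effective_forward() {
    ssh -G -F "$1" polipo-tunnel | grep -i '^localforward'
}

# start_tunnel CONFIGFILE -> backgrounds the tunnel (-f) with no remote command (-N).
# Point the browser's proxy at localhost:8118 once this returns 0.
start_tunnel() {
    ssh -F "$1" -f -N polipo-tunnel
}
```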

How To: Send and receive files with Ncat (formerly NetCat)

As with any application in Linux, piping the output of one application to a logfile, or perhaps to another application, can sometimes clarify what is going on. It would be even better if you could "cat" any output over the network (Ncat, get it?) to another computer. That is where Ncat comes in.

First, some basics

  • ncat The command in question
  • -v Verbose output, recommended for testing
  • -l Tells ncat to listen
  • -k Tells ncat to keep listening for new connections after a client disconnects (by default ncat exits when the client disconnects)
  • -n Tells ncat to skip DNS resolution (not necessary when connecting/listening on plain IPs)
  • --ssl Tells ncat to send data encrypted with SSL (optional)
  • --send-only Tells ncat to only send data (optional)
  • --recv-only Tells ncat to only receive data (optional)

Now, some examples

  • Sends "file.txt" to the server over port 1025:
    [Server] $ ncat -l 1025 > file.txt
    [Client] $ cat file.txt | ncat [IP of Server] 1025
  • Sends "file.txt" to the server over port 12345. The server verbosely prints what is going on and keeps listening after the client disconnects:
    [Server] $ ncat -lkv 12345 > file.txt
    [Client] $ cat file.txt | ncat [IP of Server] 12345
  • Sends "supersecretfile.txt" to the server over port 1337, encrypted with SSL. The server verbosely prints output, keeps listening and skips DNS resolution. Note that --ssl is needed on both ends: an SSL client cannot complete its handshake against a plain-text listener:
    [Server] $ ncat -lkvn --ssl --recv-only 1337 > supersecretfile.txt
    [Client] $ cat supersecretfile.txt | ncat --send-only --ssl [IP of Server] 1337
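A wrapped-up transfer with --ssl on both ends and an integrity check afterwards, added as an example that is not part of the original post. What --ssl alone does not give you is any assurance of who is on the other end, so the sender can optionally be handed a trust file and will then insist on --ssl-verify. Assumes nmap's ncat and sha256sum on both hosts; the certificate, key and trust-file paths are placeholders supplied by the caller.

```shell
#!/bin/sh
# Added example (not from the original post): file transfer over ncat --ssl with
# the option of certificate verification, followed by a digest comparison.
# Assumes nmap's ncat (for the --ssl-* options) and coreutils sha256sum.

# receive_file PORT OUTFILE [CERT KEY]
# Listen once on PORT with TLS and write whatever arrives to OUTFILE.
# Without CERT/KEY, ncat generates a throw-away self-signed certificate, which
# encrypts the stream but gives the sender nothing it can verify against.
receive_file() {
    port=$1; out=$2; cert=$3; key=$4
    if [ -n "$cert" ]; then
        ncat -l -n --ssl --ssl-cert "$cert" --ssl-key "$key" --recv-only "$port" > "$out"
    else
        ncat -l -n --ssl --recv-only "$port" > "$out"
    fi
}

# send_file HOST PORT FILE [TRUSTFILE]
# With TRUSTFILE (the receiver's certificate or its CA, in PEM), ncat refuses
# to send unless the receiver's certificate checks out; without it the client
# encrypts but would happily hand the file to anyone listening on that port.
send_file() {
    host=$1; port=$2; file=$3; trust=$4
    if [ -n "$trust" ]; then
        ncat --ssl --ssl-verify --ssl-trustfile "$trust" --send-only "$host" "$port" < "$file"
    else
        ncat --ssl --send-only "$host" "$port" < "$file"
    fi
}

# file_digest FILE -> prints the SHA-256 hex digest, used to compare both copies.
file_digest() { sha256sum "$1" | cut -d' ' -f1; }

# transfer_local PORT SRC DST -> runs receiver and sender on this machine
# (a constructed demo); returns 0 only if DST's digest matches SRC's.
transfer_local() {
    port=$1; src=$2; dst=$3
    receive_file "$port" "$dst" &
    sleep 1                      # give the listener time to bind
    send_file 127.0.0.1 "$port" "$src"
    wait
    [ "$(file_digest "$src")" = "$(file_digest "$dst")" ]
}
```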