nc (netcat) reads and writes TCP/UDP data, scans ports, transfers files, and creates simple servers directly from the terminal.
nc [options] [hostname] [port]If nc is missing, install it via your package manager. On Debian/Ubuntu:
sudo apt-get install netcatOn RHEL/CentOS 7:
sudo yum install ncOn Fedora/RHEL 8+:
sudo dnf install ncTested on Ubuntu 22.04 with netcat-openbsd 1.217-2.
Options and Flags
| Flag | Type | Default | Description |
|---|---|---|---|
-l |
Boolean | Off | Listen mode: nc waits for an incoming connection on the specified port. |
-p |
Integer | System assigned | Local port number to bind to (used with -l or -s). |
-v |
Boolean | Off | Verbose output; show connection details. |
-z |
Boolean | Off | Zero-I/O mode: scan ports without sending data. Often combined with -v. |
-k |
Boolean | Off | Keep listening after client disconnects (requires -l). |
-u |
Boolean | TCP (default) | Use UDP instead of TCP. |
-w |
Seconds | None (infinite) | Connection timeout: wait max <seconds> for a connection or response. |
-i |
Seconds | 0 | Interval: delay <seconds> between sent lines or scan attempts. |
-s |
IP address | Primary interface | Source IP address for the connection. |
-g |
List | None | Specify source route hop points (IPv4). |
-U |
Boolean | Off | Connect to a Unix domain socket instead of TCP. |
-W |
Seconds | None | Receive timeout: wait for data up to <seconds> after connection. |
-R |
Integer | 0 | Set TOS (Type of Service) value. |
Usage Examples
Port Scanning
nc -zv 10.10.8.8 22 80 443 8080Scans ports 22, 80, 443, and 8080 on host 10.10.8.8 using verbose zero-I/O mode. Each open port prints a confirmation line; closed ports produce a timeout or “Connection refused” message. Combine with -w 2 to limit scan duration to 2 seconds per port.
File Transfer
# Receiver (listens on port 5555, saves to received.zip)
nc -l -p 5555 > received.zip
# Sender (sends the file)
cat backup.zip | nc 192.168.0.1 5555Transfers backup.zip over the network. The receiver starts in listen mode; the sender connects and pipes the file into the connection. No encryption—use over trusted networks or pipe through openssl enc for production.
Simple Chat Server
# Server
nc -l -p 1234
# Client (replace 10.10.8.8 with server IP)
nc 10.10.8.8 1234After both sides run the commands, each line typed in one terminal is immediately displayed in the other. Use -u for UDP-based chat (delivery not guaranteed). Ctrl+D exits.
HTTP Request
printf "GET / HTTP/1.1rnHost: example.comrnConnection: closernrn" | nc example.com 80Manually crafts an HTTP GET request and sends it to port 80. The response headers and body are printed to stdout. Useful for debugging web servers without a full browser or curl.
Troubleshooting & Common Errors
| Error Message / Condition | Root Cause | Resolution Command |
|---|---|---|
nc: Permission denied |
User lacks privileges to bind to a reserved port (below 1024). |
|
nc: connect to <host> port <port> (tcp) failed: Connection refused |
No service listening on that port, or firewall blocked the inbound connection. |
|
nc: getaddrinfo: Name or service not known |
DNS resolution failed for the hostname. |
|
nc: timeout (no reply) |
Host unreachable, firewall drops packets, or port is filtered. |
|
Blank output with -u scan |
UDP scans rely on ICMP unreachable; no response may mean open or filtered. |
|
Exit Codes
| Code | Meaning | Operational Impact |
|---|---|---|
| 0 | Success (connection established, file transferred, port open) | Expected for normal operation. |
| 1 | General failure (connection refused, timeout, invalid flags) | Check firewall, host reachability, port state, or command syntax. |
| 2 | Syntax error (unknown option or missing argument) | Verify flag spelling and provide required parameters (e.g., port number). |
| 64-78 | System errors (out of memory, file descriptor limit) | Use ulimit -n to check open file limits; free memory or reduce concurrent connections. |
Frequently Asked Questions
What is the difference between `nc -l` and `nc -lp` for listening mode?
Answer: `nc -l` specifies listening mode; `-p` sets a source port.
Without `-p`, `nc -l` uses a dynamically assigned port. Using `-p` ensures the listener binds to a specific port. Example: `nc -lp 8080`. On some distributions (e.g., older GNU netcat), `-lp` is required; others allow `-l -p`. For compatibility, use `-l -p` or `-lp`.
When should I use the `-z` flag with `nc`?
Answer: Use `-z` for port scanning without sending any data.
The `-z` flag is ideal for scripting CI/CD health checks or firewall validation. Example: `nc -zv host.example.com 22 80 443`. Combine with `-v` for verbose output. Does not work for UDP unless combined with `-u` (but still no data sent).
How do I fix `nc: Address already in use` when starting a listener?
Answer: Kill the existing process using the port with `fuser -k /tcp` or `kill $(lsof -ti : )` then retry `nc -l -p `.
This error indicates the port is occupied. To identify the PID: `lsof -i :
Does `nc` work on AWS, Azure, or GCP instances for network testing?
Answer: Yes, `nc` is available by default on all major Linux distributions used by AWS (Amazon Linux), Azure (Ubuntu, RHEL), and GCP (Debian, COS).
On container-optimized OS like GKE’s Container-Optimized OS, `nc` may be missing. Install via `apt-get install netcat-openbsd` (Debian) or `yum install nmap-ncat` (RHEL). For cloud-firewall testing, use `nc -zv
What is the fastest way to test bidirectional TCP connectivity between two servers with `nc`?
Answer: Start listener on Server A: `nc -l -p 1234`.
For one-shot connectivity tests, pipe immediately: `echo “test” | nc -w1
Command Line Expert & Software Engineer
Welcome! I’m Thomas Heinrich, a software engineer and system administrator with a deep passion for the Command Line Interface (CLI). With years of experience navigating the terminal, building backend architectures, and automating server deployments, I created this space to share practical, real-world terminal knowledge.
Whether you are a beginner taking your first steps in a Linux environment or a seasoned DevOps engineer looking to optimize your deployment scripts, you will find actionable solutions here. My goal is to help you ditch the mouse, speed up your workflow, and harness the full power of the command line.