Networking

NMAP, NCAT and NGREP: The Networking Toolbox

By Skylar Simoncelli / / 1 min read
NMAP, NCAT and NGREP: The Networking Toolbox

Nmap is a highly popular, and very powerful network security tool. Nmap is used for network mapping and port scanning in the discovery of hosts and services on any network.

Nmap -sP 10.0.0.0/24

Or -sL or -sn
Ping sweep of entire network, returns device details

Nmap -p- hostname

Scans all ports of a given host and returns service details

Nmap -sS -A 10.10.1.1

Or -sV gives banner information
Portscan an IP and return complete service details

Within the NMAP suite there is also the NCAT tool. Ncat is a modern reinvention of the original Netcat, a widely used tool for interfacing with TCP/IP services over a network.

NC -lvp 10101

Ncat listens on port 10101

Nc -c 10101 hostname

Connect to host on port 10101

ncat -l -p 10101 --chat

Run a chat server on port 10101

NGREP is GREP for live network traffic. A very powerful PCAP utility, NGREP can filter traffic based on packet content or IP parameters.

Ngrep google.com

Grep all network traffic to google.com

ngrep -d any "pass|USER" port 80 >> treasure

Grap all plain-text HTTP traffic containing "pass" or "USER", and append to a file named "treasure"

Networking Linux Network Security Import 2022-12-07 17:16

Skylar Simoncelli — Technology Enthusiast, professionally specializing in Network Automation, Monitoring and Security.

Read more posts by this author.

Related Article

NixOS: Your New Favourite Linux Distribution

Automatic renewal of Oracle Cloud Load Balancer SSL Certs with Certbot & Let's Encrypt

Running BGP on a Linux server with BIRD Routing Daemon

Trading with the Wyckoff Method

SkyeNet.tech was Arc enabled! What is Arc, and why should you care?

Mining Crypto with CPU (cpuminer-multi Setup Guide)