NMAP, NCAT and NGREP: The Networking Toolbox

NMAP, NCAT and NGREP: The Networking Toolbox

Nmap is a highly popular, and very powerful network security tool. Nmap is used for network mapping and port scanning in the discovery of hosts and services on any network.

Nmap -sP

Or -sL or -sn
Ping sweep of entire network, returns device details

Nmap -p- hostname

Scans all ports of a given host and returns service details

Nmap -sS -A

Or -sV gives banner information
Portscan an IP and return complete service details

Within the NMAP suite there is also the NCAT tool. Ncat is a modern reinvention of the original Netcat, a widely used tool for interfacing with TCP/IP services over a network.

NC -lvp 10101

Ncat listens on port 10101

Nc -c 10101 hostname

Connect to host on port 10101

ncat -l -p 10101 --chat

Run a chat server on port 10101

NGREP is GREP for live network traffic. A very powerful PCAP utility, NGREP can filter traffic based on packet content or IP parameters.

Ngrep google.com

Grep all network traffic to google.com

ngrep -d any "pass|USER" port 80 >> treasure

Grap all plain-text HTTP traffic containing "pass" or "USER", and append to a file named "treasure"

Related Article