Networking

NMAP, NCAT and NGREP: The Networking Toolbox

By Skylar Simoncelli / / 1 min read
NMAP, NCAT and NGREP: The Networking Toolbox

Nmap is a highly popular, and very powerful network security tool. Nmap is used for network mapping and port scanning in the discovery of hosts and services on any network.

Nmap -sP 10.0.0.0/24

Or -sL or -sn
Ping sweep of entire network, returns device details

Nmap -p- hostname

Scans all ports of a given host and returns service details

Nmap -sS -A 10.10.1.1

Or -sV gives banner information
Portscan an IP and return complete service details

Within the NMAP suite there is also the NCAT tool. Ncat is a modern reinvention of the original Netcat, a widely used tool for interfacing with TCP/IP services over a network.

NC -lvp 10101

Ncat listens on port 10101

Nc -c 10101 hostname

Connect to host on port 10101

ncat -l -p 10101 --chat

Run a chat server on port 10101

NGREP is GREP for live network traffic. A very powerful PCAP utility, NGREP can filter traffic based on packet content or IP parameters.

Ngrep google.com

Grep all network traffic to google.com

ngrep -d any "pass|USER" port 80 >> treasure

Grap all plain-text HTTP traffic containing "pass" or "USER", and append to a file named "treasure"

Networking Linux Network Security Import 2022-12-07 17:16

Skylar Simoncelli — Technology Enthusiast, professionally specializing in Network Automation, Monitoring and Security.

Read more posts by this author.

Related Article

Managing Network ACL's With Ansible

Automating Network VLAN Deployments with Ansible

Rendering Cisco configuration with Ansible and Jinja2

Automated SNMPv3 Configuration

Vendor Migrations: Automating Config Translations

My Top 10 Handy CLI Networking Tools