Home page logo

Ncat Users' Guide


Ncat can use TCP, UDP, SCTP, SSL, IPv4, IPv6, and various combinations of these. TCP over IPv4 is the default.

TCP, the Transmission Control Protocol, is the reliable protocol that underlies a great deal of Internet traffic. Ncat makes TCP connections by default. TCP may be combined with SSL.

UDP, the User Datagram Protocol, is an unreliable protocol often used by applications that can't afford the overhead of TCP. Use the --udp option to make Ncat use UDP. In listen mode, Ncat will communicate with only one client, and the --keep-open option doesn't work, the reason for this being that UDP has no notion of a connection. UDP may be secured by a form of SSL called Datagram TLS (DTLS). This is currently only supported in connect (client) mode.

SCTP, the Stream Control Transmission Protocol, is a newer reliable protocol. It is selected with the --sctp option. Ncat uses a TCP-compatible subset of SCTP features, not including multiple streams per connection or message boundaries. SCTP may be combined with SSL.

SSL (Secure Sockets Layer) or TLS (Transport Layer Security) provides security to network traffic when used properly. Use the --ssl to turn SSL on; it works with TCP or SCTP. See the section called “SSL” for instructions and caveats.

IPv4, the Internet Protocol version 4, is the most popular version of the Internet Protocol in use. Using the -4 puts Ncat into IPv4-only mode; only IPv4 addresses will be used even if, for example, as hostname resolves to IPv6 addresses as well.

IPv6 is the lesser-used successor to IPv4. Use -6 to put Ncat into IPv6-only mode. By default, Ncat will listen on both IPv4 and IPv6, and will connect to resolved addresses in the order they are returned by the operating system.

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]