Live Data Acquisition - Netcat Flashcards
What is netcat (‘nc’)?
- A versitile command line tool
- used for reading from & writing to network connections.
- can be used for a wide range of tasks such as
port scanning
file transfers
creating network connections (acting as a client to connect to a remote server) - remote shell access
- debugging / testing network services.
Netcat creates and listens on both TCP & UDP connections
Pipes anything recieved to a preset file or command on either a local or remote server.
Netcat has been ported to Linux, Unix & windows.
A version called cryptcat suppports encrypted tunnels.
In this context - netcat tunnels are perfect for sending any data from a suspect system to a listening server
List some netcat (nc) commands
-k keep inbound sockets open for multiple connects
-l listen mode for inbound connects
-n suppress name / port resolutions
-p (port) specify port for remote connects
-r randomize remote ports
-s (addr) local source address
Some points when using netcat (nc)
See lecture for full details.
Copying caveat - copied partitions contain no data.
/proc/partitions contains the partition information
Can read contents of PSEUDO FILES to netcat and pipe to text file. Can send file contents and notes
