Annotation of src/usr.bin/nc/nc.1, Revision 1.89
1.89 ! schwarze 1: .\" $OpenBSD: nc.1,v 1.88 2017/11/28 16:59:10 jsing Exp $
1.1 deraadt 2: .\"
3: .\" Copyright (c) 1996 David Sacerdote
4: .\" All rights reserved.
5: .\"
6: .\" Redistribution and use in source and binary forms, with or without
7: .\" modification, are permitted provided that the following conditions
8: .\" are met:
9: .\" 1. Redistributions of source code must retain the above copyright
10: .\" notice, this list of conditions and the following disclaimer.
11: .\" 2. Redistributions in binary form must reproduce the above copyright
12: .\" notice, this list of conditions and the following disclaimer in the
13: .\" documentation and/or other materials provided with the distribution.
14: .\" 3. The name of the author may not be used to endorse or promote products
15: .\" derived from this software without specific prior written permission
16: .\"
17: .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18: .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19: .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20: .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21: .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22: .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23: .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24: .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25: .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26: .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27: .\"
1.89 ! schwarze 28: .Dd $Mdocdate: November 28 2017 $
1.3 aaron 29: .Dt NC 1
1.4 deraadt 30: .Os
1.1 deraadt 31: .Sh NAME
32: .Nm nc
1.28 jmc 33: .Nd arbitrary TCP and UDP connections and listens
1.2 deraadt 34: .Sh SYNOPSIS
1.1 deraadt 35: .Nm nc
1.70 jmc 36: .Op Fl 46cDdFhklNnrStUuvz
37: .Op Fl C Ar certfile
38: .Op Fl e Ar name
39: .Op Fl H Ar hash
1.47 jmc 40: .Op Fl I Ar length
1.1 deraadt 41: .Op Fl i Ar interval
1.70 jmc 42: .Op Fl K Ar keyfile
1.73 jca 43: .Op Fl M Ar ttl
44: .Op Fl m Ar minttl
1.47 jmc 45: .Op Fl O Ar length
1.77 beck 46: .Op Fl o Ar staplefile
1.42 djm 47: .Op Fl P Ar proxy_username
1.28 jmc 48: .Op Fl p Ar source_port
1.70 jmc 49: .Op Fl R Ar CAfile
1.57 jeremy 50: .Op Fl s Ar source
1.69 beck 51: .Op Fl T Ar keyword
1.54 guenther 52: .Op Fl V Ar rtable
1.85 bluhm 53: .Op Fl W Ar recvlimit
1.6 aaron 54: .Op Fl w Ar timeout
1.33 djm 55: .Op Fl X Ar proxy_protocol
1.71 schwarze 56: .Op Fl x Ar proxy_address Ns Op : Ns Ar port
1.83 beck 57: .Op Fl Z Ar peercertfile
1.57 jeremy 58: .Op Ar destination
1.48 sobrado 59: .Op Ar port
1.1 deraadt 60: .Sh DESCRIPTION
61: The
1.6 aaron 62: .Nm
1.1 deraadt 63: (or
64: .Nm netcat )
1.57 jeremy 65: utility is used for just about anything under the sun involving TCP,
66: UDP, or
67: .Ux Ns -domain
68: sockets.
1.13 ericj 69: It can open TCP connections, send UDP packets, listen on arbitrary
70: TCP and UDP ports, do port scanning, and deal with both IPv4 and
71: IPv6.
1.7 aaron 72: Unlike
1.1 deraadt 73: .Xr telnet 1 ,
1.6 aaron 74: .Nm
1.1 deraadt 75: scripts nicely, and separates error messages onto standard error instead
1.6 aaron 76: of sending them to standard output, as
1.24 pvalchev 77: .Xr telnet 1
1.6 aaron 78: does with some.
1.1 deraadt 79: .Pp
80: Common uses include:
1.7 aaron 81: .Pp
82: .Bl -bullet -offset indent -compact
1.1 deraadt 83: .It
1.3 aaron 84: simple TCP proxies
1.1 deraadt 85: .It
1.28 jmc 86: shell-script based HTTP clients and servers
1.1 deraadt 87: .It
1.13 ericj 88: network daemon testing
1.1 deraadt 89: .It
1.33 djm 90: a SOCKS or HTTP ProxyCommand for
91: .Xr ssh 1
92: .It
1.1 deraadt 93: and much, much more
94: .El
95: .Pp
96: The options are as follows:
97: .Bl -tag -width Ds
1.13 ericj 98: .It Fl 4
1.89 ! schwarze 99: Use IPv4 addresses only.
1.13 ericj 100: .It Fl 6
1.89 ! schwarze 101: Use IPv6 addresses only.
1.70 jmc 102: .It Fl C Ar certfile
1.89 ! schwarze 103: Load the public key part of the TLS peer certificate from
! 104: .Ar certfile ,
! 105: in PEM format.
! 106: Requires
! 107: .Fl c .
1.69 beck 108: .It Fl c
1.89 ! schwarze 109: Use TLS to connect or listen.
! 110: Cannot be used together with any of the options
! 111: .Fl FuU .
1.32 markus 112: .It Fl D
113: Enable debugging on the socket.
1.29 tedu 114: .It Fl d
115: Do not attempt to read from stdin.
1.69 beck 116: .It Fl e Ar name
1.89 ! schwarze 117: Only accept the TLS peer certificate if it contains the
! 118: .Ar name .
! 119: Requires
! 120: .Fl c .
! 121: If not specified,
! 122: .Ar destination
! 123: is used.
1.64 djm 124: .It Fl F
125: Pass the first connected socket using
126: .Xr sendmsg 2
127: to stdout and exit.
128: This is useful in conjunction with
129: .Fl X
130: to have
131: .Nm
132: perform connection setup with a proxy but then leave the rest of the
1.65 jmc 133: connection to another program (e.g.\&
1.64 djm 134: .Xr ssh 1
135: using the
136: .Xr ssh_config 5
1.68 tobias 137: .Cm ProxyUseFdpass
1.64 djm 138: option).
1.89 ! schwarze 139: Cannot be used with
! 140: .Fl c
! 141: or
! 142: .Fl U .
1.70 jmc 143: .It Fl H Ar hash
1.89 ! schwarze 144: Only accept the TLS peer certificate if its hash returned from
! 145: .Xr tls_peer_cert_hash 3
! 146: matches
! 147: .Ar hash .
! 148: Requires
! 149: .Fl c
! 150: and cannot be used with
! 151: .Fl T Cm noverify .
1.13 ericj 152: .It Fl h
1.89 ! schwarze 153: Print out the
1.13 ericj 154: .Nm
1.89 ! schwarze 155: help text and exit.
1.47 jmc 156: .It Fl I Ar length
1.89 ! schwarze 157: Specify the size of the TCP receive buffer.
1.13 ericj 158: .It Fl i Ar interval
1.89 ! schwarze 159: Sleep for
! 160: .Ar interval
! 161: seconds between lines of text sent and received.
1.1 deraadt 162: Also causes a delay time between connections to multiple ports.
1.70 jmc 163: .It Fl K Ar keyfile
1.89 ! schwarze 164: Load the TLS private key from
! 165: .Ar keyfile ,
! 166: in PEM format.
! 167: Requires
! 168: .Fl c .
1.13 ericj 169: .It Fl k
1.89 ! schwarze 170: When a connection is completed, listen for another one.
! 171: Requires
! 172: .Fl l .
1.61 haesbaer 173: When used together with the
174: .Fl u
175: option, the server socket is not connected and it can receive UDP datagrams from
176: multiple hosts.
1.1 deraadt 177: .It Fl l
1.89 ! schwarze 178: Listen for an incoming connection rather than initiating a
1.7 aaron 179: connection to a remote host.
1.89 ! schwarze 180: Cannot be used together with any of the options
! 181: .Fl psxz .
1.36 jmc 182: Additionally, any timeouts specified with the
1.35 jmc 183: .Fl w
1.36 jmc 184: option are ignored.
1.73 jca 185: .It Fl M Ar ttl
1.74 jmc 186: Set the TTL / hop limit of outgoing packets.
1.73 jca 187: .It Fl m Ar minttl
1.74 jmc 188: Ask the kernel to drop incoming packets whose TTL / hop limit is under
1.73 jca 189: .Ar minttl .
1.62 sthen 190: .It Fl N
191: .Xr shutdown 2
192: the network socket after EOF on the input.
193: Some servers require this to finish their work.
1.1 deraadt 194: .It Fl n
1.21 ericj 195: Do not do any DNS or service lookups on any specified addresses,
196: hostnames or ports.
1.47 jmc 197: .It Fl O Ar length
1.89 ! schwarze 198: Specify the size of the TCP send buffer.
1.77 beck 199: .It Fl o Ar staplefile
1.89 ! schwarze 200: During the TLS handshake, load data to be stapled from
! 201: .Ar staplefile ,
! 202: which is expected to contain an OCSP response from an OCSP server in
1.78 jmc 203: DER format.
1.89 ! schwarze 204: Requires
! 205: .Fl c
! 206: and
! 207: .Fl C .
1.42 djm 208: .It Fl P Ar proxy_username
209: Specifies a username to present to a proxy server that requires authentication.
210: If no username is specified then authentication will not be attempted.
211: Proxy authentication is only supported for HTTP CONNECT proxies at present.
1.28 jmc 212: .It Fl p Ar source_port
1.89 ! schwarze 213: Specify the source port
1.6 aaron 214: .Nm
1.1 deraadt 215: should use, subject to privilege restrictions and availability.
1.89 ! schwarze 216: Cannot be used together with
! 217: .Fl l .
1.70 jmc 218: .It Fl R Ar CAfile
1.89 ! schwarze 219: Load the root CA bundle for TLS certificate verification from
! 220: .Ar CAfile ,
! 221: in PEM format, instead of
1.69 beck 222: .Pa /etc/ssl/cert.pem .
1.89 ! schwarze 223: Requires
! 224: .Fl c .
1.1 deraadt 225: .It Fl r
1.89 ! schwarze 226: Choose source and/or destination ports randomly
1.13 ericj 227: instead of sequentially within a range or in the order that the system
1.21 ericj 228: assigns them.
1.28 jmc 229: .It Fl S
1.89 ! schwarze 230: Enable the RFC 2385 TCP MD5 signature option.
1.57 jeremy 231: .It Fl s Ar source
1.89 ! schwarze 232: Send packets from the interface with the
! 233: .Ar source
! 234: IP address.
1.56 jeremy 235: For
236: .Ux Ns -domain
237: datagram sockets, specifies the local temporary socket file
238: to create and use so that datagrams can be received.
1.89 ! schwarze 239: Cannot be used together with
1.28 jmc 240: .Fl l
1.89 ! schwarze 241: or
! 242: .Fl x .
1.69 beck 243: .It Fl T Ar keyword
1.89 ! schwarze 244: Change the IPv4 TOS value or the TLS options.
! 245: .Pp
! 246: For TLS options,
1.69 beck 247: .Ar keyword
1.87 jmc 248: may be one of:
1.89 ! schwarze 249: .Cm noverify ,
1.70 jmc 250: which disables certificate verification;
1.89 ! schwarze 251: .Cm noname ,
1.75 beck 252: which disables certificate name checking;
1.89 ! schwarze 253: .Cm clientcert ,
1.75 beck 254: which requires a client certificate on incoming connections; or
1.89 ! schwarze 255: .Cm muststaple ,
1.76 jmc 256: which requires the peer to provide a valid stapled OCSP response
257: with the handshake.
1.89 ! schwarze 258: The following TLS options specify a value in the form of a
! 259: .Ar key Ns = Ns Ar value
! 260: pair:
! 261: .Cm ciphers ,
1.88 jsing 262: which allows the supported TLS ciphers to be specified (see
263: .Xr tls_config_set_ciphers 3
264: for further details);
1.89 ! schwarze 265: .Cm protocols ,
1.88 jsing 266: which allows the supported TLS protocols to be specified (see
267: .Xr tls_config_parse_protocols 3
268: for further details).
1.89 ! schwarze 269: Specifiying TLS options requires
! 270: .Fl c .
1.70 jmc 271: .Pp
1.89 ! schwarze 272: For the IPv4 TOS value,
1.69 beck 273: .Ar keyword
1.58 haesbaer 274: may be one of
1.89 ! schwarze 275: .Cm critical ,
! 276: .Cm inetcontrol ,
! 277: .Cm lowdelay ,
! 278: .Cm netcontrol ,
! 279: .Cm throughput ,
! 280: .Cm reliability ,
1.58 haesbaer 281: or one of the DiffServ Code Points:
1.89 ! schwarze 282: .Cm ef ,
! 283: .Cm af11 No ... Cm af43 ,
! 284: .Cm cs0 No ... Cm cs7 ;
1.58 haesbaer 285: or a number in either hex or decimal.
1.1 deraadt 286: .It Fl t
1.89 ! schwarze 287: Send RFC 854 DON'T and WON'T responses to RFC 854 DO and WILL requests.
1.7 aaron 288: This makes it possible to use
1.6 aaron 289: .Nm
1.7 aaron 290: to script telnet sessions.
1.28 jmc 291: .It Fl U
1.89 ! schwarze 292: Use
1.52 sobrado 293: .Ux Ns -domain
294: sockets.
1.89 ! schwarze 295: Cannot be used together with any of the options
! 296: .Fl cFx .
1.1 deraadt 297: .It Fl u
1.89 ! schwarze 298: Use UDP instead of TCP.
! 299: Cannot be used together with
! 300: .Fl c
! 301: or
! 302: .Fl x .
1.56 jeremy 303: For
304: .Ux Ns -domain
305: sockets, use a datagram socket instead of a stream socket.
306: If a
307: .Ux Ns -domain
308: socket is used, a temporary receiving socket is created in
309: .Pa /tmp
310: unless the
311: .Fl s
312: flag is given.
1.54 guenther 313: .It Fl V Ar rtable
314: Set the routing table to be used.
1.1 deraadt 315: .It Fl v
1.89 ! schwarze 316: Produce more verbose output.
1.85 bluhm 317: .It Fl W Ar recvlimit
318: Terminate after receiving
319: .Ar recvlimit
320: packets from the network.
1.26 jmc 321: .It Fl w Ar timeout
1.59 fgsch 322: Connections which cannot be established or are idle timeout after
1.26 jmc 323: .Ar timeout
1.59 fgsch 324: seconds.
1.26 jmc 325: The
326: .Fl w
327: flag has no effect on the
328: .Fl l
329: option, i.e.\&
330: .Nm
331: will listen forever for a connection, with or without the
332: .Fl w
333: flag.
334: The default is no timeout.
1.43 jmc 335: .It Fl X Ar proxy_protocol
1.89 ! schwarze 336: Use
! 337: .Ar proxy_protocol
! 338: when talking to the proxy server.
1.33 djm 339: Supported protocols are
1.89 ! schwarze 340: .Cm 4
1.33 djm 341: (SOCKS v.4),
1.89 ! schwarze 342: .Cm 5
1.33 djm 343: (SOCKS v.5)
344: and
1.89 ! schwarze 345: .Cm connect
1.33 djm 346: (HTTPS proxy).
347: If the protocol is not specified, SOCKS version 5 is used.
1.71 schwarze 348: .It Fl x Ar proxy_address Ns Op : Ns Ar port
1.89 ! schwarze 349: Connect to
1.57 jeremy 350: .Ar destination
1.33 djm 351: using a proxy at
1.28 jmc 352: .Ar proxy_address
353: and
354: .Ar port .
355: If
356: .Ar port
1.33 djm 357: is not specified, the well-known port for the proxy protocol is used (1080
358: for SOCKS, 3128 for HTTPS).
1.82 jca 359: An IPv6 address can be specified unambiguously by enclosing
360: .Ar proxy_address
361: in square brackets.
1.89 ! schwarze 362: A proxy cannot be used with any of the options
! 363: .Fl lsuU .
1.84 jmc 364: .It Fl Z Ar peercertfile
1.89 ! schwarze 365: Save the peer certificates to
! 366: .Ar peercertfile ,
1.84 jmc 367: in PEM format.
1.89 ! schwarze 368: Requires
! 369: .Fl c .
1.1 deraadt 370: .It Fl z
1.89 ! schwarze 371: Only scan for listening daemons, without sending any data to them.
! 372: Cannot be used together with
! 373: .Fl l .
1.28 jmc 374: .El
1.35 jmc 375: .Pp
1.57 jeremy 376: .Ar destination
1.35 jmc 377: can be a numerical IP address or a symbolic hostname
378: (unless the
379: .Fl n
380: option is given).
1.57 jeremy 381: In general, a destination must be specified,
1.35 jmc 382: unless the
383: .Fl l
384: option is given
385: (in which case the local host is used).
1.57 jeremy 386: For
387: .Ux Ns -domain
388: sockets, a destination is required and is the socket path to connect to
389: (or listen on if the
390: .Fl l
391: option is given).
1.35 jmc 392: .Pp
1.48 sobrado 393: .Ar port
1.72 beck 394: can be a specified as a numeric port number, or as a service name.
1.89 ! schwarze 395: Ports may be specified in a range of the form
! 396: .Ar nn Ns - Ns Ar mm .
1.35 jmc 397: In general,
398: a destination port must be specified,
399: unless the
400: .Fl U
1.57 jeremy 401: option is given.
1.28 jmc 402: .Sh CLIENT/SERVER MODEL
403: It is quite simple to build a very basic client/server model using
404: .Nm .
405: On one console, start
406: .Nm
407: listening on a specific port for a connection.
408: For example:
409: .Pp
410: .Dl $ nc -l 1234
411: .Pp
412: .Nm
413: is now listening on port 1234 for a connection.
414: On a second console
415: .Pq or a second machine ,
416: connect to the machine and port being listened on:
417: .Pp
418: .Dl $ nc 127.0.0.1 1234
419: .Pp
420: There should now be a connection between the ports.
421: Anything typed at the second console will be concatenated to the first,
422: and vice-versa.
423: After the connection has been set up,
424: .Nm
425: does not really care which side is being used as a
426: .Sq server
427: and which side is being used as a
428: .Sq client .
429: The connection may be terminated using an
430: .Dv EOF
431: .Pq Sq ^D .
432: .Sh DATA TRANSFER
433: The example in the previous section can be expanded to build a
434: basic data transfer model.
435: Any information input into one end of the connection will be output
436: to the other end, and input and output can be easily captured in order to
437: emulate file transfer.
438: .Pp
439: Start by using
440: .Nm
441: to listen on a specific port, with output captured into a file:
442: .Pp
443: .Dl $ nc -l 1234 \*(Gt filename.out
444: .Pp
445: Using a second machine, connect to the listening
446: .Nm
447: process, feeding it the file which is to be transferred:
448: .Pp
1.66 jmc 449: .Dl $ nc -N host.example.com 1234 \*(Lt filename.in
1.28 jmc 450: .Pp
451: After the file has been transferred, the connection will close automatically.
452: .Sh TALKING TO SERVERS
453: It is sometimes useful to talk to servers
454: .Dq by hand
455: rather than through a user interface.
456: It can aid in troubleshooting,
457: when it might be necessary to verify what data a server is sending
458: in response to commands issued by the client.
459: For example, to retrieve the home page of a web site:
1.40 jmc 460: .Bd -literal -offset indent
1.55 guenther 461: $ printf "GET / HTTP/1.0\er\en\er\en" | nc host.example.com 80
1.40 jmc 462: .Ed
1.28 jmc 463: .Pp
464: Note that this also displays the headers sent by the web server.
465: They can be filtered, using a tool such as
466: .Xr sed 1 ,
467: if necessary.
468: .Pp
469: More complicated examples can be built up when the user knows the format
470: of requests required by the server.
471: As another example, an email may be submitted to an SMTP server using:
472: .Bd -literal -offset indent
473: $ nc localhost 25 \*(Lt\*(Lt EOF
474: HELO host.example.com
1.44 jmc 475: MAIL FROM:\*(Ltuser@host.example.com\*(Gt
476: RCPT TO:\*(Ltuser2@host.example.com\*(Gt
1.28 jmc 477: DATA
478: Body of email.
479: \&.
480: QUIT
481: EOF
482: .Ed
483: .Sh PORT SCANNING
484: It may be useful to know which ports are open and running services on
485: a target machine.
486: The
487: .Fl z
488: flag can be used to tell
1.22 markus 489: .Nm
1.39 jmc 490: to report open ports,
491: rather than initiate a connection.
1.28 jmc 492: For example:
493: .Bd -literal -offset indent
1.39 jmc 494: $ nc -z host.example.com 20-30
1.28 jmc 495: Connection to host.example.com 22 port [tcp/ssh] succeeded!
496: Connection to host.example.com 25 port [tcp/smtp] succeeded!
497: .Ed
498: .Pp
499: The port range was specified to limit the search to ports 20 \- 30.
500: .Pp
501: Alternatively, it might be useful to know which server software
502: is running, and which versions.
503: This information is often contained within the greeting banners.
504: In order to retrieve these, it is necessary to first make a connection,
505: and then break the connection when the banner has been retrieved.
506: This can be accomplished by specifying a small timeout with the
507: .Fl w
508: flag, or perhaps by issuing a
509: .Qq Dv QUIT
510: command to the server:
511: .Bd -literal -offset indent
512: $ echo "QUIT" | nc host.example.com 20-30
513: SSH-1.99-OpenSSH_3.6.1p2
514: Protocol mismatch.
515: 220 host.example.com IMS SMTP Receiver Version 0.84 Ready
516: .Ed
1.1 deraadt 517: .Sh EXAMPLES
1.37 jmc 518: Open a TCP connection to port 42 of host.example.com, using port 31337 as
1.28 jmc 519: the source port, with a timeout of 5 seconds:
520: .Pp
1.37 jmc 521: .Dl $ nc -p 31337 -w 5 host.example.com 42
1.69 beck 522: .Pp
1.88 jsing 523: Open a TCP connection to port 443 of www.example.com, and negotiate TLS with
524: any supported TLS protocol version and "compat" ciphers:
525: .Pp
526: .Dl $ nc -cv -T protocols=all -T ciphers=compat www.example.com 443
527: .Pp
1.70 jmc 528: Open a TCP connection to port 443 of www.google.ca, and negotiate TLS.
1.88 jsing 529: Check for a different name in the certificate for validation:
1.69 beck 530: .Pp
1.88 jsing 531: .Dl $ nc -cv -e adsf.au.doubleclick.net www.google.ca 443
1.28 jmc 532: .Pp
1.37 jmc 533: Open a UDP connection to port 53 of host.example.com:
1.28 jmc 534: .Pp
1.37 jmc 535: .Dl $ nc -u host.example.com 53
1.28 jmc 536: .Pp
1.37 jmc 537: Open a TCP connection to port 42 of host.example.com using 10.1.2.3 as the
1.28 jmc 538: IP for the local end of the connection:
539: .Pp
1.37 jmc 540: .Dl $ nc -s 10.1.2.3 host.example.com 42
1.28 jmc 541: .Pp
1.51 sobrado 542: Create and listen on a
1.52 sobrado 543: .Ux Ns -domain
1.57 jeremy 544: stream socket:
1.28 jmc 545: .Pp
546: .Dl $ nc -lU /var/tmp/dsocket
1.33 djm 547: .Pp
1.37 jmc 548: Connect to port 42 of host.example.com via an HTTP proxy at 10.2.3.4,
1.38 jmc 549: port 8080.
550: This example could also be used by
551: .Xr ssh 1 ;
552: see the
553: .Cm ProxyCommand
554: directive in
555: .Xr ssh_config 5
556: for more information.
1.33 djm 557: .Pp
1.37 jmc 558: .Dl $ nc -x10.2.3.4:8080 -Xconnect host.example.com 42
1.42 djm 559: .Pp
560: The same example again, this time enabling proxy authentication with username
561: .Dq ruser
562: if the proxy requires it:
563: .Pp
564: .Dl $ nc -x10.2.3.4:8080 -Xconnect -Pruser host.example.com 42
1.1 deraadt 565: .Sh SEE ALSO
1.38 jmc 566: .Xr cat 1 ,
567: .Xr ssh 1
1.15 smart 568: .Sh AUTHORS
1.89 ! schwarze 569: Original implementation by
! 570: .An *Hobbit* Aq Mt hobbit@avian.org .
1.28 jmc 571: .br
572: Rewritten with IPv6 support by
1.63 schwarze 573: .An Eric Jackson Aq Mt ericj@monkey.org .
1.39 jmc 574: .Sh CAVEATS
1.60 lum 575: UDP port scans using the
1.39 jmc 576: .Fl uz
1.60 lum 577: combination of flags will always report success irrespective of
578: the target machine's state.
579: However,
580: in conjunction with a traffic sniffer either on the target machine
581: or an intermediary device,
582: the
583: .Fl uz
584: combination could be useful for communications diagnostics.
585: Note that the amount of UDP traffic generated may be limited either
586: due to hardware resources and/or configuration settings.