telnet、nc 查看开放端口号
telnet 命令
telnet 命令 的可选参数
telnet [-468EFKLNacdfruxy] [-S tos] [-X authtype] [-e escapechar] [-k realm] [-l user] [-n tracefile] [-s src_addr] [host
[port]]
-4 Forces telnet to use IPv4 addresses only.
-6 Forces telnet to use IPv6 addresses only.
-8 Specifies an 8-bit data path. This causes an attempt to negotiate the TELNET BINARY option on both input and
output.
-E Stops any character from being recognized as an escape character.
-F If Kerberos V5 authentication is being used, the -F option allows the local credentials to be forwarded to the
remote system, including any credentials that have already been forwarded into the local environment.
-K Specifies no automatic login to the remote system.
-L Specifies an 8-bit data path on output. This causes the BINARY option to be negotiated on output.
-N Prevents IP address to name lookup when destination host is given as an IP address.
-S tos Sets the IP type-of-service (TOS) option for the telnet connection to the value tos, which can be a numeric TOS
value or, on systems that support it, a symbolic TOS name found in the /etc/iptos file.
-X atype
Disables the atype type of authentication.
-a Attempt automatic login. This is now the default, so this option is ignored. Currently, this sends the user name
via the USER variable of the ENVIRON option if supported by the remote system. The name used is that of the
current user as returned by getlogin(2) if it agrees with the current user ID, otherwise it is the name associated
with the user ID.
-c Disables the reading of the user's .telnetrc file. (See the toggle skiprc command on this man page.)
-d Sets the initial value of the debug toggle to TRUE.
-e escapechar
Sets the initial telnet escape character to escapechar. If escapechar is omitted, then there will be no escape
character.
-f If Kerberos V5 authentication is being used, the -f option allows the local credentials to be forwarded to the
remote system.
-k realm
If Kerberos authentication is being used, the -k option requests that telnet obtain tickets for the remote host in
realm realm instead of the remote host's realm, as determined by krb_realmofhost(3).
-l user
When connecting to the remote system, if the remote system understands the ENVIRON option, then user will be sent
to the remote system as the value for the variable USER. This option implies the -a option. This option may also
be used with the open command.
-n tracefile
Opens tracefile for recording trace information. See the set tracefile command below.
-r Specifies a user interface similar to rlogin(1). In this mode, the escape character is set to the tilde (~)
character, unless modified by the -e option.
-s src_addr
Set the source IP address for the telnet connection to src_addr, which can be an IP address or a host name.
-u Forces telnet to use AF_UNIX addresses only (e.g., UNIX domain sockets, accessed with a file path).
-x Turns on encryption of the data stream if possible. This is now the default, so this option is ignored.
-y Suppresses encryption of the data stream.
host Indicates the official name, an alias, or the Internet address of a remote host. If host starts with a ‘/’, telnet
establishes a connection to the corresponding named socket.
port Indicates a port number (address of an application). If a number is not specified, the default telnet port is
used. nc命令
nc命令(也称为netcat)命令的可选参数
GNU netcat 0.7.1, a rewrite of the famous networking tool.
Basic usages:
connect to somewhere: nc [options] hostname port [port] ...
listen for inbound: nc -l -p port [options] [hostname] [port] ...
tunnel to somewhere: nc -L hostname:port -p port [options]
Mandatory arguments to long options are mandatory for short options too.
Options:
-c, --close close connection on EOF from stdin
-e, --exec=PROGRAM program to exec after connect
-g, --gateway=LIST source-routing hop point[s], up to 8
-G, --pointer=NUM source-routing pointer: 4, 8, 12, ...
-h, --help display this help and exit
-i, --interval=SECS delay interval for lines sent, ports scanned
-l, --listen listen mode, for inbound connects
-L, --tunnel=ADDRESS:PORT forward local port to remote address
-n, --dont-resolve numeric-only IP addresses, no DNS
-o, --output=FILE output hexdump traffic to FILE (implies -x)
-p, --local-port=NUM local port number
-r, --randomize randomize local and remote ports
-s, --source=ADDRESS local source address (ip or hostname)
-t, --tcp TCP mode (default)
-T, --telnet answer using TELNET negotiation
-u, --udp UDP mode
-v, --verbose verbose (use twice to be more verbose)
-V, --version output version information and exit
-x, --hexdump hexdump incoming and outgoing traffic
-w, --wait=SECS timeout for connects and final net reads
-z, --zero zero-I/O mode (used for scanning)
Remote port number can also be specified as range. Example: '1-1024'
