Try Us Free for 30 Days – Your Wallet Can Thank Us Later!

Try Us Free for 30 Days – Your Wallet Can Thank Us Later!

How to Check if a Port is Blocked with Netcat or Ncat

If you’re having trouble connecting to services like FTP, MySQL, or SSH, it’s possible that the port you need is blocked by a firewall. This could be anywhere from your local workstation, network router, VPN, or even the server itself. You can check if a port is blocked using Netcat or Ncat, which are command-line tools for testing network connections.


Step 1: Install Netcat/Ncat

  • Linux/macOS: Netcat (often nc) is usually pre-installed. For macOS, you might need to install ncat separately via Homebrew:
    bash
    brew install nmap
  • Windows: You can use Ncat, which is the successor of Netcat, available with the Nmap package. Download it from Nmap.org.

Step 2: Scan a Single Port

To check if a specific port is open or blocked, use either Netcat or Ncat by following the steps below:

Netcat (Linux)

To check if port 21 (FTP) is open on a domain, use:

bash
nc -vzw 15 domain.com 21
  • -v gives verbose output, showing connection details.
  • -z scans for open ports without sending data.
  • -w 15 sets a 15-second timeout for the connection.

Expected Output:

  • If the port is open, you will see:
    bash
    Connection to domain.com 21 port [tcp/ftp] succeeded!
  • If the port is blocked or closed, you will see:
    bash
    nc: connect to domain.com port 21 (tcp) failed: Connection refused

If the connection request is dropped by the firewall, it may also timeout and display:

bash
nc: connect to domain.com port 21 (tcp) timed out: Operation now in progress

Ncat (for Nmap)

To check if port 22 (SSH) is open on a server with IP address 1.2.3.4, use:

bash
ncat -vz 1.2.3.4 22
  • -v gives verbose output.
  • -z scans for open ports without sending data.

Add -w 15 for a 15-second timeout:

bash
ncat -vzw 15 1.2.3.4 22

Expected Output:

  • If the port is open, you’ll see:
    bash
    Ncat: Version 7.60 ( https://nmap.org/ncat )
    Ncat: Connected to 1.2.3.4:22.
    Ncat: 0 bytes sent, 0 bytes received in 0.04 seconds.
  • If the port is closed or blocked, you will see:
    bash
    Ncat: Version 7.60 ( https://nmap.org/ncat )
    Ncat: Connection refused.

Step 3: Check Further with Manual

If you’d like to learn more about Netcat or Ncat, use the following commands to view their manuals:

bash
man nc
man ncat

Using Netcat or Ncat is a quick way to check if a port is blocked, whether by your local firewall, network settings, or server-side configurations.

Picture of Ramandeep Singh Sethi

Ramandeep Singh Sethi

Hello, I’m Ramandeep Singh Sethi a Public Speaker, Entrepreneur, Philanthropist, and the CEO & Founder of three pioneering technology companies: Hydizo Global Solutions, 1Only Host, and Leadtuts.
Share the Post:

Related Posts

Scroll to Top