If you’re having trouble connecting to services like FTP, MySQL, or SSH, it’s possible that the port you need is blocked by a firewall. This could be anywhere from your local workstation, network router, VPN, or even the server itself. You can check if a port is blocked using Netcat or Ncat, which are command-line tools for testing network connections.
Step 1: Install Netcat/Ncat
- Linux/macOS: Netcat (often
nc
) is usually pre-installed. For macOS, you might need to installncat
separately via Homebrew:bashbrew install nmap
- Windows: You can use Ncat, which is the successor of Netcat, available with the Nmap package. Download it from Nmap.org.
Step 2: Scan a Single Port
To check if a specific port is open or blocked, use either Netcat or Ncat by following the steps below:
Netcat (Linux)
To check if port 21 (FTP) is open on a domain, use:
nc -vzw 15 domain.com 21
-v
gives verbose output, showing connection details.-z
scans for open ports without sending data.-w 15
sets a 15-second timeout for the connection.
Expected Output:
- If the port is open, you will see:bash
Connection to domain.com 21 port [tcp/ftp] succeeded!
- If the port is blocked or closed, you will see:bash
nc: connect to domain.com port 21 (tcp) failed: Connection refused
If the connection request is dropped by the firewall, it may also timeout and display:
nc: connect to domain.com port 21 (tcp) timed out: Operation now in progress
Ncat (for Nmap)
To check if port 22 (SSH) is open on a server with IP address 1.2.3.4
, use:
ncat -vz 1.2.3.4 22
-v
gives verbose output.-z
scans for open ports without sending data.
Add -w 15
for a 15-second timeout:
ncat -vzw 15 1.2.3.4 22
Expected Output:
- If the port is open, you’ll see:bash
Ncat: Version 7.60 ( https://nmap.org/ncat )
Ncat: Connected to 1.2.3.4:22.
Ncat: 0 bytes sent, 0 bytes received in 0.04 seconds.
- If the port is closed or blocked, you will see:bash
Ncat: Version 7.60 ( https://nmap.org/ncat )
Ncat: Connection refused.
Step 3: Check Further with Manual
If you’d like to learn more about Netcat or Ncat, use the following commands to view their manuals:
man nc
man ncat
Using Netcat or Ncat is a quick way to check if a port is blocked, whether by your local firewall, network settings, or server-side configurations.