ncat only works in certain scenarios


I tried using ncat (a “much-improved reimplementation of netcat”) to chat with a friend (and ultimately want to send a large file, but I know I can get that working once I get chat to work).

We both have Windows.

On my end I typed:

ncat -l 3333

On his end I had him type:

ncat [my public IP] 3333

Nothing happened on my end, while his completed with "Ncat: ." and returned to the prompt.

I couldn't figure out what to do to fix this, so I decided, while he's busy, I'll test this out on two of my own laptops (one with Windows, the other with Linux, not sure if it should matter).

I found the same results ("Ncat: ." then back to prompt) only when I issued

ncat -l 3333

from Linux and

ncat [my public IP] 3333

from Windows.

The only scenario in which the chat/file-transfer did work was when I listened from Windows and did ncat [my public IP] 3333 from Linux.

Any ideas why this is happening, and what I can do to fix it?


Posted 2013-03-04T23:33:55.247

Reputation: 123

You did not tell us whether it's working or not. At the moment, you don't like the blinking cursor. That's all you've told us. Please give us more information about what works and what doesn't. And I suggest port forwarding, if the connection could not be established. – Peter – 2013-03-05T07:50:34.477

@Peter: Read it again.  He’s saying that the client process exits immediately upon being started. – Scott – 2013-03-05T20:53:17.037

Emil: Have you tried -v (and -vv and -vvv)?  Do you have a sniffer (e.g., ethereal, Wireshark, tcpdump, …)?  Can you see what is happening on the wire? – Scott – 2013-03-05T20:54:08.363

Yes, I have Wireshark. I can try taking a look, but it is a little overwhelming, and I'm not sure what to look for. I took my first Routing/networking class last semester, so I'm new to this.

I'll check though and see if anything looks...::ahem:: familiar – Emil – 2013-03-06T03:18:05.930



Check that there are no firewalls in the way (to check in Wireshark, verify that a TCP SYN packet arrives at the listening instance) and check that port forwarding is properly set up if you are accessing the internet through a firewall or home router. If you aren't getting a TCP SYN packet, work your way back to the originating machine until you see where it stops. If you see a TCP SYN packet incoming followed by an outgoing TCP SYN/ACK packet, make sure that packet is arriving at the originating node, and that it responds with a TCP ACK.

Based on the fact that it works when listening from Windows and ncatting in from Linux, I would check the personal firewall settings for the firewalls on both Linux and Windows and see if they are configured differently. Make sure you allow incoming traffic on the port you are listening on (in this case 3333).

One difference that exists with real Netcat between Linux and Windows is that in Windows there is a -L flag that causes persistent listening after a closure. This may not have anything to do with this issue, but I thought it was worth mentioning.


Posted 2013-03-04T23:33:55.247

Reputation: 260
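The handshake check described in the answer above can be run over a text capture. This is an added example, not code from any poster: it assumes `tcpdump -n 'tcp port 3333'` output saved on the listening machine, and the sample packets and addresses are constructed.

```python
import re

# Matches tcpdump -n text lines: "... IP SRC.SPORT > DST.DPORT: Flags [S], ..."
PKT = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]+)\]")
VERDICTS = {
    0: "no-syn: nothing reached the listener; check port forwarding and upstream firewalls",
    1: "syn-unanswered: SYN arrived but got no reply; check the listener's host firewall",
    2: "synack-unacked: SYN/ACK sent but never ACKed; check the return path to the client",
    3: "established: three-way handshake completed",
    -1: "reset: listener host answered with RST; is ncat really listening on this port?",
}
# Constructed samples (documentation-range addresses), as seen on the listener.
SAMPLE_DROPPED = """\
12:00:01.000001 IP 203.0.113.5.51000 > 192.168.1.10.3333: Flags [S], seq 100, win 64240, length 0
12:00:02.000301 IP 203.0.113.5.51000 > 192.168.1.10.3333: Flags [S], seq 100, win 64240, length 0
"""
SAMPLE_OK = """\
12:00:01.000001 IP 203.0.113.5.51000 > 192.168.1.10.3333: Flags [S], seq 100, win 64240, length 0
12:00:01.000090 IP 192.168.1.10.3333 > 203.0.113.5.51000: Flags [S.], seq 500, ack 101, win 65160, length 0
12:00:01.020000 IP 203.0.113.5.51000 > 192.168.1.10.3333: Flags [.], ack 501, win 502, length 0
"""

def diagnose(capture: str, port: int) -> str:
    """Return how far the TCP handshake to `port` got in a listener-side capture."""
    stage = {}  # (client_ip, client_port) -> furthest handshake stage seen
    for line in capture.splitlines():
        m = PKT.search(line)
        if not m:
            continue
        src, sport, dst, dport, flags = m.groups()
        if int(dport) == port:                # client -> listener
            key = (src, sport)
            if flags == "S":
                stage.setdefault(key, 1)      # retransmitted SYNs do not downgrade
            elif "." in flags and "S" not in flags and stage.get(key) == 2:
                stage[key] = 3                # final ACK of the handshake
        elif int(sport) == port:              # listener -> client
            key = (dst, dport)
            if flags == "S." and stage.get(key) == 1:
                stage[key] = 2
            elif "R" in flags and stage.get(key) == 1:
                stage[key] = -1
    # Report the flow that got furthest; a reset is reported only if none did better.
    return VERDICTS[max(stage.values())] if stage else VERDICTS[0]

if __name__ == "__main__":
    print(diagnose(SAMPLE_DROPPED, 3333), diagnose(SAMPLE_OK, 3333), sep="\n")
```
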


So, the last part of your post said it only worked locally when you listened from Windows, and ran the client from Linux.

Most likely your Linux firewall (most likely ufw - are you on Ubuntu or a variant?) is set to allow outgoing and deny incoming unless it is established by your own outgoing connections. Somehow your Windows firewall is happy enough that you are listening with ncat that it just lets the incoming traffic through.

In Linux run:

sudo systemctl status ufw

If ufw is up, then run:

sudo ufw allow 3333

Then try listening from Linux at port 3333 and see if it works. Don't forget to deny port 3333 when you are finished with ncat - same syntax but use deny instead of allow.

In the first case, wherein your friend couldn't connect to your machine, since your Windows machine can listen and initiate successfully over the local network, it is almost guaranteed that port 3333 on your machine is not forwarded to your router. When your friend tries ncatting to your IP, he is requesting a service from your router - not from your computer.

If you log in to your router's admin interface it should have an option for port forwarding/triggering. This might be in the advanced settings. Good luck and let us know if you have any more questions.

PS. If you get this to work with your friend over the internet, I would suggest shutting it down after proof of concept. If you want to continue exposing your computer's port to the world wide web for ncat chatting then you should use ssl with ncat and you should monitor the port activity.

Guy Gastineau

Posted 2013-03-04T23:33:55.247

Reputation: 301