Testing ports without telnet or nc

Ever hop onto a server where the network admin may have been a bit over-caffeinated when they were locking down the firewall? What if they also locked down egress along with ingress? They want you to prove you cannot connect outbound, but you cannot even install ‘telnet’ or ‘nc’ since yum/apt can’t get outbound. While that is proof in and of itself, what if you needed something more for some reason?

Assuming you have root access and ‘telnet’ or ‘nc’ is not installed, you can use the bash networking features (see REDIRECTION man page). The example below shows connections that succeed since they return instantly:

[[email protected] ~]# echo > /dev/tcp/1.1.1.1/80
[[email protected] ~]# echo > /dev/tcp/1.1.1.1/443
[[email protected] ~]# echo > /dev/tcp/google.com/443
[[email protected] ~]#

You can tell the connection failed as the command will hang or return an error about ‘connection refused’.