First, the use of the NC command detection port
# nc-v-W%ip%-Z%PORT%
-V Displays the instruction execution process.
-W < timeout seconds > set the time to wait for the connection.
-U means using the UDP protocol
-Z uses 0 in/out mode and is only used when scanning communication ports.
Example 1: Scan a specified 8080 port
# nc-v-W 10-z 192.168.0.100 8080
Connection to 192.168.0.100 8080 port [tcp/http] succeeded!
Example 2: Scan the 20 to 25 port range and verbose output.
# nc-v-W 2-z 192.168.0.100 20-25
Nc:connect to 192.168.0.100 port (TCP) Failed:connection refused
Nc:connect to 192.168.0.100 port (TCP) Failed:connection refused
Connection to 192.168.0.100 Port [Tcp/ssh] succeeded!
Nc:connect to 192.168.0.100 port (TCP) Failed:connection refused
Nc:connect to 192.168.0.100 port (TCP) Failed:connection refused
Nc:connect to 192.168.0.100 port (TCP) Failed:connection refused
Example 3: Scan the 1 to 65535 port range and output only the open ports (minus the-v parameter)
# nc-w 1-z 192.168.0.100 1-65535
Connection to 192.168.0.100 Port [Tcp/ssh] succeeded!
Connection to 192.168.0.100 Port [Tcp/http] succeeded!
Connection to 192.168.0.100 2121 Port [Tcp/scientia-ssdb] succeeded!
Connection to 192.168.0.100 4004 Port [tcp/pxc-roid] succeeded!
Connection to 192.168.0.100 8081 Port [Tcp/tproxy] succeeded!
Connection to 192.168.0.100 11211 Port [tcp/*] succeeded!
Second, the batch detection server designated port open situation:
1, if we want to monitor a bunch of specified IP and port, you can create a new file (1th server IP, 2nd column to monitor the port).
# Vim/scripts/ip-ports.txt
192.168.0.100 80
192.168.0.100 8081
192.168.0.101 8082
192.168.1.100 21
2, we can write such a script to detect the bulk of the port is open:
# vim/scripts/ncports.sh
#!/bin/bash
#检测服务器端口是否开放, Success will return 0 value display OK, failure will return 1 value show fail
Cat/scripts/ip-ports.txt | While Read line
Do
Nc-w 10-z $line >/dev/null 2>&1
If [$?-eq 0]
Then
echo $line: OK
Else
echo $line: Fail
Fi
Done
3, execute the script to see the results of the operation as follows:
# chmod a+x/scripts/ncports.sh
#/scripts/ncports.sh
192.168.0.100 80:ok
192.168.0.100 8081:ok
192.168.0.101 8082:ok
192.168.1.100 21:fail
3, the port does not pass the message and the message pop-up window alarm script as follows:
# vim/scripts/ncports.sh
#!/bin/bash
#检测服务器端口是否开放, Success will return 0 value, no meeting return 1 value
Cat/scripts/ip-ports.txt | While Read line
Do
Nc-w 10-z $line >/dev/null 2>&1
If [$?-eq 0]
Then
echo $line: OK
Else
echo $line: Fail
echo "Server $line port does not pass, please deal with it ASAP!" "| Mail-s "" Machine Room Monitoring "server $line port" [email protected]
Fi
Done
4, join the task plan to execute every 2 minutes
# CRONTAB-E
*/2 * * * */scripts/ncports.sh >/dev/null 2>&1
Linux Monitoring Command NC usage