cf7/ittavern.com
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions
ittavern.com/items/2024-01-20_long_bandwidth-measurement-using-netcat.md
CaffeineFueled 3484b45045
init - PoC
2025-10-27 20:12:00 +01:00

110 lines
3.6 KiB
Markdown
Raw Blame History

# Bandwidth Measurement using netcat on Linux
There are various implementations. I am using nmap-ncat on rockOS 8 on both hosts.
Netcat's using **TCP by default** and this test is **not limited by disk I/O** from what I understood. That said, it is not the best solution, but it is a great 'quick and dirty' method. Additionally, there is **no encryption overhead** and **no compression** involved.
**Important:** Please use with caution. You can lose access to a host while performing the test.
---
Server / Receiver:
: `nc -k -v -l 33333 > /dev/null`
: `-k` # keeps listening after connection ends *(might not be available e.g. gnu-netcat)*
: `-v` # verbose output
: `-l 33333` # listen on port 33333 (default TCP)
: `> /dev/null` # send incoming data into the void to avoid disk I/O
Client / Sender:
: `dd if=/dev/zero bs=500M count=1 | nc -v 192.0.2.5 33333`
: `dd` # convert/copy files
: `if=/dev/zero` # read from file, only zeros in this case
: `bs=500M` # sets the data-/ blocksize, 500 Mibibytes, use `500MB` for Megabytes,
: `count=1` # set the maximum number of blocks, just leave it at `1`
: `|` # 'pipes' all data to the next command
: `nc` # netcat command
: `-v` # set a more verbose output
: `192.0.2.5` # set destination server IP
: `33333` # set destination port
---
**Result on the client side**
```markdown
[user@test-rocky-01 ~]$ dd if=/dev/zero bs=500M count=1 | nc -v 192.0.2.5 33333
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: Connected to 192.0.2.5:33333.
1+0 records in
1+0 records out
524288000 bytes (524 MB, 500 MiB) copied, 19.6253 s, 26.7 MB/s
Ncat: 524288000 bytes sent, 0 bytes received in 19.71 seconds.
```
---
**Result on the server side**
```markdown
[user@test-rocky-02 ~]$ nc -k -v -l 33333 > /dev/null
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: Listening on :::33333
Ncat: Listening on 0.0.0.0:33333
Ncat: Connection from 198.51.100.19.
Ncat: Connection from 198.51.100.19:42822.
Ncat: Connection from 198.51.100.19.
Ncat: Connection from 198.51.100.19:43088.
[...]
```
**Side note:** It is recommended to test both directions.
#### Additional options
**Side note:** For security reasons on most systems you need **higher permissions to use ports in the range of 0-1023** (reserved port range).
```markdown
[user@test-rocky-02 ~]$ nc -k -v -l 444 > /dev/null
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: bind to :::444: Permission denied. QUITTING.
```
---
Specify source interface/IP:
: `-s 10.20.10.8`
Specify source port:
: `-p 45454` # on the client obviously
: Tip: changing the source port with every run to find a specific run faster in a packet capture
Using UDP instead of TCP:
: `-u` # must be used on both hosts and might not be compatible with other options
# Troubleshooting
#### Large transfer / longer test
`[user@test-rocky-01 ~]$ dd if=/dev/zero bs=4G count=1 | nc -p 5555 -v 192.0.2.5 33333`
`dd: memory exhausted by input buffer of size 4294967296 bytes (4.0 GiB)`
You are limited by your RAM when you want to send more data. You can decrease `bs=4G` to `bs=1G`, and increase the counter `count=1` to `4` to transfer 4GiB of data.
#### Connection refused
`Ncat: Connection refused.`
`Ncat: TIMEOUT.`
Make sure:
- that the netcat server is running
- double-check the destination host and port of the command
- make sure that you can reach the destination over this port
- network firewalls
- routing
- check both host firewalls and make sure the inbound and outbound traffic is allowed
# Caution
As mentioned before, you can lose access to your hosts. Additionally, please **announce tests to your network and security team** as you can disrupt a productive network or trigger some kind of IDS system in place.
---
Reference in a new issue View git blame Copy permalink