What are the alternatives for checking open ports, besides telnet?

Netcat (nc) is one option.

nc -zv kafka02 6667
  • -z = sets nc to simply scan for listening daemons, without actually sending any data to them
  • -v = enables verbose mode

If using Bash Shell, then you can use its feature to check if a port is open or closed:

(timeout 1 bash -c '</dev/tcp/127.0.0.1/17500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT OPEN

(timeout 1 bash -c '</dev/tcp/127.0.0.1/7500 && echo PORT OPEN || echo PORT CLOSED') 2>/dev/null
PORT CLOSED

Note that if the server does not respond after 1 second the timeout is reached, the commands between ' interrupted, and thus nothing is printed.


The gold standard is undoubtedly nmap (nmap.org), but it typically requires root for “best results”. However, standalone binaries are available and it is possible to run it as an unprivileged user, just with degraded capabilities. For example, instead of a stealth syn scan (-sS), it falls back to a standard TCP connect scan (-sT). This is functionally equivalent to netcat, but with the nice multi-host, sped-up capabilities that it has.

An example:

not-root$ nmap -sT google.com
Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-04 21:01 GMT
Nmap scan report for google.com (172.217.23.14)
Host is up (0.12s latency).
rDNS record for 172.217.23.14: lhr35s01-in-f14.1e100.net
Not shown: 998 filtered ports
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https