After reading Brian Hatch's [Nmap Version Detection Rocks][nmap], I
wanted to set up a simple socket-connection test.  Here are my notes:

Start a plain-text socket echoing incomming text using [netcat][]:

    a$ nc -l -p 8080

The `-l` (listen) switches netcat into server mode.  I was a bit
confused by the `<host>` and `<port>` arguments to `nc -l`.  It turns
out that they do not specify which address netcat binds to; they limit
the *connecting* host.  Something like

    a$ nc -l -p 8080 b.example.net 12345

will only accept connections originating from port `12345` on
`b.example.net`.

Echo text to that port

    b$ echo 'hi there' | nc -q 1 a.example.net 8080

To connect from a specific port, use the `-p` option.

    b$ echo 'hi there' | nc -q 1 -p 12345 a.example.net 8080

The `-q 1` tells netcat to quit after an EOF is detected.  When the
client quits, the connection breaks, and the server goes down on its
own.  If you want netcat to stay up you'll have to restart it:

    $ while nc -l -p 8080; do :; done

The `:` is Bash's noop.

If you just want a simple telnet-style connection use:

    b$ nc a.example.net 8080

For a secure connection, use [OpenSSL][] (see [[X.509_certificates]]
for more on generating keys and certificates):

    a$ openssl s_server -key key.pem -cert cert.pem -accept 8080

Connect with

    b$ echo 'hi there' | openssl s_client -connect a.example.net:8080

The OpenSSH client automatically closes on EOF, but the server stays
open for new connections.  You'll have to kill it manually when you're
done.

If you don't like OpenSSL, you can also use [stunnel][] for SSL
connections.  Examples are all over.  [This post][DB] by Dustin Breese
seems good.

Also note that with the `crypt` USE flag, Gentoo will install netcat
with an [AES][] patch by [Mixter][], which allows

    $ nc -k <password> -l -p
    $ nc -k <password> <options> <host> <port>

AES is a symmetric-key encryption standard, so you don't have to go
through all the rigmarole of setting up SSL keys and certs for a
one-off connection.

[nmap]: http://www.hackinglinuxexposed.com/articles/20031006.html
[netcat]: http://nc110.sourceforge.net/
[OpenSSL]: http://www.openssl.org/
[stunnel]: http://stunnel.mirt.net/
[DB]: http://dustinbreese.blogspot.com/2008/09/stunnel.html
[AES]: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
[Mixter]: http://mixter.void.ru/

[[!tag tags/linux]]
[[!tag tags/tools]]