Socat – Netcat on steroids
Switchboard
Netcat is the Swiss Army knife of networking for admins. Socat takes this principle one step further, offering multiplexing, TLS-secured channels, pipes, Unix sockets, and executables.
Netcat is undoubtedly a useful tool for testing TCP connections or UDP ports, transferring files, and far more [1]. Socat [2] offers even more: Besides raw TCP and UDP connections, it supports channels secured by TLS and can access pipes, Unix sockets, and executables. As if that were not enough, it can also multiplex multiple client connections.
Just like Netcat, Socat expects two position parameters to establish a connection between two network addresses: socat <address1> <address2>
. It can make sense to transfer files via raw TCP connections, for example, if you need to work as a different user on the target system than on the source. On many of the systems I support, sudo I/O logging is enabled.
This means that for SCP or SFTP transfers with a user change (Listing 1), the complete transfer is added to the sudo logs via stdin
and stdout
. This can mean several gigabytes of data need to be stored in the /var/log/sudo/
directory. If you don't want to do without additional security via public key authentication and deactivated root accounts, you have to come up with something smart for transfers of this type. This is where Netcat and Socat come into play.
[...]
Buy this article as PDF
(incl. VAT)