Yesterday I wanted to move an 2.3 GiByte VMware image from one Ubuntu System to another. At first I tried SFTP but
it's more than slow (1 MiByte/s on a 100 MBit/s connection). The next logical step would have been to use Samba or
NFS but I don't like both of them…
This is where
netcat comes in handy.
netcat is a small Unix/Linux command line tool that lets you pipe data over a
network connection (among many other things). The cool thing: it's quite simple.
First listen on the server
netcat -l -w 2 1111 > vm.zip
-l parameter makes
netcat listen for incoming data while
-w 2 tells
netcat to automatically close the
connection 2 seconds after data stopped coming in.
1111 at last is the port number where
netcat actually listens.
All data received is then stored in the file
Then send the data from the client
netcat 192.168.0.1 1111 < vm.zip
This one's straight forward: give
netcat the IP address and port where the other system's listening
192.168.0.1 1111) and feed it with data (
This little trick gave me a transfer rate from about 7 to 9 MiByte/s. Much better than SFTP.
Of course this netcat styles of data transfer has it's drawbacks. Theres no real protocol involved so it's somewhat vague.
On the positive side attackers will have a hard time to figure out what the heck you're sending. It's also not possible to
transfer multiple files with
netcat alone but
tar can help us here:
netcat -l -w 2 1111 | tar -xz
tar -cz * | netcat 192.168.0.1 1111
It's basically piping a tar archive over the network.
-c for creating the archive and
-x for extracting it. The
tar gives us data compression for free. Pretty nice and basic.
On the fly check with MD5
Some Unix piping goodes makes it possible to check the data transfer on the fly with MD5. For those who don't trust
netcat -l -w 2 1111 | tee >( md5sum > /dev/stderr ) | tar -xz
tar -cz * | tee >( md5sum > /dev/stderr ) | netcat 127.0.0.1 1111
This transfers the data over the network and outputs an MD5 checksum afterwards. Just compare the checksums and you
know your data wasn't hurt on the way.
These commands use
tee and the
bash process substitution feature to redirect the tar archive to the
netcat on the same time (taken from Redirect output to multiple processes). It's a bit complex though so it's
better suited for shell scripts I think.