Also, leaving netcat listening without restriction can pose a HUGE security risk.
so, only execute the listening command when you will connect within a short period of time
yes i know...
but this only is on a lan with no access to the i-net, so the risk should be coming from the inside then...

but suppose the system was able to access i-net, is there any possiblity then to get a cmd after entering a specific password?