The current implementation of the selection of a random sequence of ports in nc -r suffers from modulo bias and a biased shuffling procedure. Use arc4random_uniform() and the Fisher-Yates shuffle instead.
Index: usr.bin/nc/netcat.c =================================================================== RCS file: /cvs/src/usr.bin/nc/netcat.c,v retrieving revision 1.144 diff -u -p -r1.144 netcat.c --- usr.bin/nc/netcat.c 23 Nov 2015 01:23:56 -0000 1.144 +++ usr.bin/nc/netcat.c 6 Dec 2015 18:28:39 -0000 @@ -1303,8 +1303,8 @@ build_ports(char *p) int y; char *c; - for (x = 0; x <= (hi - lo); x++) { - y = (arc4random() & 0xFFFF) % (hi - lo); + for (x = hi - lo; x >= 1; x--) { + y = lo + arc4random_uniform(x + 1); c = portlist[x]; portlist[x] = portlist[y]; portlist[y] = c;