Dailydave mailing list archives

on the subject of socketrecycling


From: Bas Alberts <bas.alberts () immunitysec com>
Date: Fri, 7 Jan 2005 01:36:52 -0500

H D Moore wrote:
> And now on to the warez (all written by metasploit staff, part of 2.3)...

Yah doing a simple non-blocking recv round and checking for a tag in
any success buffer (or any variation on the theme) is a fairly
straightforward way of approaching the socket recycling, and does allow
for a lot smaller code because you don't have to bother with building
handle structs / fd bitmasks for full select fun et al. Practically
I've found that when you have room, a GOcode approach allows for a bit
more robust handshake and less chance of actually missing your socket due
to timing issues or whatever socket funkiness might rear its head.

(I'm a firm believer one should test these things through laggy
connections through hosts in whatever hostile nationstate of choice)

I suppose at the end of the day it's a matter of personal preference. I've
never been of the 'omg i shaved off 3 bytes here' generation and tend to
only optimise when the need comes up. Practically GOcode's always worked
out fine :)

Whichever you prefer I think we can all safely agree that anyone
relying on just getpeername for socketrecycling in 2005 clearly hasn't
ever stepped a foot out into the real world.
   
Bas
