Re: Socat

[MadHat <madhat () unspecific com>]

On Jun 16, 2005, at 1:17 PM, Andreas Ericsson wrote:
> MadHat wrote:
> > On Jun 16, 2005, at 6:06 AM, Andreas Ericsson wrote:
> > > Max wrote:
> > > > A Windows version of this sort of tool is *mandatory* since it is
> > > > often
> > > > used as a backdoor/tunnel on a vulnerable machine. And what OS is
> > > > more
> > > > vulnerable than any other ? Hence this mandatory requirement :-)
> > > Bah! The kids that needs a netcat-like program to backdoor a system
> > > aren't really worthy of owning it in the first place. Spending  
> > > quality
> > > coding time so that juvenile idiots (the kind that have a hard time
> > > grasping the meaning of the switch() statement) have a means of
> > > quickly
> > > doing something non-constructive and possibly illegal is not my
> > > idea of fun.
> > That is like saying I won't make a hammer because it might be used to
> > bash someone's head in.
>
> More like sitting in a wheelchair and building surfboards for no- 
> one in
> particular.

I don't understand.  But what ever...

<snip>

> > Yes, there are other implementations os netcat out there.  I think
> > Fyodor's idea is to possibly expand nmap to be a set of tools,
> > instead of just one tool.  So instead of installed 3 or 4 packages to
> > do all your scanning and testing, you install one.  Maybe similar
> > interfaces (CLI options) and all the same quality.
>
> Oh, so it'd be like inventing the wheel when you've already started on
> rocket science then? I'd just love to see nping, ncat, nawk, ngrep (oh
> wait, that last one exists), nperl, nls (another acronym for that, I
> suppose), ncut, nvim, ndate, ndd, nsed and a dozen other tools. Never
> mind that it wouldn't be logical to use either one of them. Since  
> it can
> be done, it should be done.

ummm....?

Anyway, these are specific 2 tools being discussed that are commonly  
used (often in conjunction with nmap) when doing network  
reconnoissance.  I didn't think it was that big of a deal.  Maybe  
netcat is not a good idea because there is a version that is well  
maintained and well designed.  Maybe it can be done better?  I'm not  
sure, I have not looked at socat yet.  I still use the original one  
because it does what I need.  hping is not well maintained and the UI  
is kind of kludgy.  I can see where taking the ideas of hping (and  
maybe netcat) and reworking it from the ground up with a new  
interface and new ideas could work out well for performance and  
usability.

I don't see it as reinventing the wheel, but improving upon it.

> Something worth while would be write a testing engine for
> vulnerabilities to serially try various exploits on a wide range of
> hosts. The exploits could be distributed in much the same way as  
> the OS
> fingerprint file is today. That would be nmap'ish as well, since it
> would definitely be usefule for the whitehats while being close to
> invaluable for those nocturnal fellas out there as well.

So put together specs and propose it.

> > Remember this is also for the Summer of Code. This may not bee added,
> > may not be maintained after the end of the summer and may not even be
> > finished.  I think it sounds interesting none the less.
> True. Student projects tend to lean somewhat toward intellectual
> masturbation. Let's just hope they don't get carried away with  
> their own
> cleverness.

I think the projects are being directed by the groups they are  
working for and not working free of any supervision, but I am not sure.

--
MadHat (at) Unspecific.com, C²ISSP
E786 7B30 7534 DCC2 94D5  91DE E922 0B21 9DDC 3E98
gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev