Nmap Development mailing list archives
Re: Socat
From: MadHat <madhat () unspecific com>
Date: Thu, 16 Jun 2005 14:03:47 -0500
On Jun 16, 2005, at 1:17 PM, Andreas Ericsson wrote:
MadHat wrote:On Jun 16, 2005, at 6:06 AM, Andreas Ericsson wrote:Max wrote:A Windows version of this sort of tool is *mandatory* since it is often used as a backdoor/tunnel on a vulnerable machine. And what OS is more vulnerable than any other ? Hence this mandatory requirement :-)Bah! The kids that needs a netcat-like program to backdoor a system aren't really worthy of owning it in the first place. Spending quality coding time so that juvenile idiots (the kind that have a hard time grasping the meaning of the switch() statement) have a means of quickly doing something non-constructive and possibly illegal is not my idea of fun.That is like saying I won't make a hammer because it might be used to bash someone's head in.More like sitting in a wheelchair and building surfboards for no- one in particular.
I don't understand. But what ever... <snip>
Yes, there are other implementations os netcat out there. I think Fyodor's idea is to possibly expand nmap to be a set of tools, instead of just one tool. So instead of installed 3 or 4 packages to do all your scanning and testing, you install one. Maybe similar interfaces (CLI options) and all the same quality.Oh, so it'd be like inventing the wheel when you've already started on rocket science then? I'd just love to see nping, ncat, nawk, ngrep (oh wait, that last one exists), nperl, nls (another acronym for that, I suppose), ncut, nvim, ndate, ndd, nsed and a dozen other tools. Never mind that it wouldn't be logical to use either one of them. Since it can be done, it should be done.
ummm....? Anyway, these are specific 2 tools being discussed that are commonly used (often in conjunction with nmap) when doing network reconnoissance. I didn't think it was that big of a deal. Maybe netcat is not a good idea because there is a version that is well maintained and well designed. Maybe it can be done better? I'm not sure, I have not looked at socat yet. I still use the original one because it does what I need. hping is not well maintained and the UI is kind of kludgy. I can see where taking the ideas of hping (and maybe netcat) and reworking it from the ground up with a new interface and new ideas could work out well for performance and usability. I don't see it as reinventing the wheel, but improving upon it.
Something worth while would be write a testing engine for vulnerabilities to serially try various exploits on a wide range of hosts. The exploits could be distributed in much the same way as the OS fingerprint file is today. That would be nmap'ish as well, since it would definitely be usefule for the whitehats while being close to invaluable for those nocturnal fellas out there as well.
So put together specs and propose it.
Remember this is also for the Summer of Code. This may not bee added, may not be maintained after the end of the summer and may not even be finished. I think it sounds interesting none the less.True. Student projects tend to lean somewhat toward intellectual masturbation. Let's just hope they don't get carried away with their own cleverness.
I think the projects are being directed by the groups they are working for and not working free of any supervision, but I am not sure. -- MadHat (at) Unspecific.com, C²ISSP E786 7B30 7534 DCC2 94D5 91DE E922 0B21 9DDC 3E98 gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Re: What would we want in a new Netcat/Hping?, (continued)
- Re: What would we want in a new Netcat/Hping? Andreia Gaita (Jun 16)
- Re: What would we want in a new Netcat/Hping? Simon Spencer (Jun 16)
- Re: What would we want in a new Netcat/Hping? Chuck (Jun 15)
- Re: What would we want in a new Netcat/Hping? Fyodor (Jun 15)
- Re: What would we want in a new Netcat/Hping? Chuck (Jun 15)
- Re: What would we want in a new Netcat/Hping? Fyodor (Jun 15)
- Re: What would we want in a new Netcat/Hping? Martin Mačok (Jun 16)
- Re: Socat Martin Mačok (Jun 17)