Nmap Development mailing list archives
Re: New syntax for Ncat --allow and --deny
From: David Fifield <david () bamsoftware com>
Date: Sat, 21 Feb 2009 19:39:36 -0700
On Fri, Feb 20, 2009 at 11:23:45PM -0800, Fyodor wrote:
On Fri, Feb 20, 2009 at 09:13:23PM -0700, David Fifield wrote:On Thu, Feb 19, 2009 at 11:57:38AM -0700, David Fifield wrote: Ncat's parser is a reimplementation of the parser in Nmap's TargetGroup.cc. Believe me, I felt bad about that. I decided that reimplementing it was the right thing for a few reasons. First, Ncat is a pure C program with no dependencies on any (C++) Nmap files. Linking with TargetGroup.o would change that. Second, I wanted support for IPv6 netmasks. Third, I had a neat idea for representing IPv4 ranges as bit vectors.It could always be moved to nbase and shared between nmap and ncat if that turned out to be desirable. Though, as you note, perhaps the uses are different enough that it isn't worthwhile.
The same code could be used for both. There are two obstacles I can think of. One, TargetGroup not only checks addresses against a list (--exclude), it also has to enumerate all the addresses in the list (target specification). addrset doesn't do that but could be made to. Two, addrset adds all the addresses found for a host name, while TargetGroup adds just the first. Compare: $ nmap -sL google.com Warning: Hostname google.com resolves to 3 IPs. Using 74.125.45.100. $ ./ncat -vvv --allow google.com Add IPv4 209.85.171.100/32 to addrset. Add IPv4 74.125.67.100/32 to addrset. Add IPv4 74.125.45.100/32 to addrset. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Weird target specifications David Fifield (Feb 19)
- Re: Weird target specifications Fyodor (Feb 19)
- Re: Weird target specifications David Fifield (Feb 19)
- Re: Weird target specifications David Fifield (Feb 20)
- Re: Weird target specifications Fyodor (Feb 20)
- Re: Weird target specifications David Fifield (Feb 23)
- Re: Weird target specifications David Fifield (Feb 19)
- Re: Weird target specifications Fyodor (Feb 19)
- Re: New syntax for Ncat --allow and --deny Fyodor (Feb 20)
- Re: New syntax for Ncat --allow and --deny David Fifield (Feb 21)