Re: ncat --max-conns

[David Fifield <david () bamsoftware com>]

On Tue, Sep 22, 2009 at 04:02:01PM -0600, David Fifield wrote:
> On Mon, Sep 21, 2009 at 07:03:34PM +0000, Jon Greaves wrote:
> > > On Mon, Sep 21, 2009 at 06:57:44PM +0000, Jon Greaves wrote:
> > > > > On Mon, Sep 21, 2009 at 09:41:38AM +0000, Jon Greaves wrote:
> > > > > > I've just started playing ncat and am running into something odd with
> > > > > > --max-conns the documantation suggest the this command does the
> > > > > > following "Maximum n simultaneous connections". My ncat redirection
> > > > > > runs quite happily until for several hours then stops accepting
> > > > > > connection with the following error
> > > > > >
> > > > > > New connection denied: connection limit reached (100)
> > > > > >
> > > > > > I guess this makes sense but I'm pretty sure I don't have 100
> > > > > > simultaneous connections via ncat as each connection should be being
> > > > > > closed down after connection am I missing something or is there a
> > > > > > value i can use with --max-conns that tells it to just accept
> > > > > > unlimited connections.
> > > > >
> > > > > Thanks for this report. What is the command line that you use?
> > > >
> > > > ncat -l server1 143 --max-conns 100 --sh-exec "ncat --ssl imap.gmail.com 993"
> > > >
> > > > I know 100 is the default but if you set it to say 10 you get the same
> > > > behaviour it kind of feels like its doing a count of total connections rather
> > > > that simultaneous connections
> > >
> > > Another question: is this on Windows or another operating system?
> >
> > windows and i'm running version 5 of nmap
>
> This is a known bug with --exec and --sh-exec on Windows. The problem is
> that the connection count is increased when a new connection is made,
> but it is never decreased. Normally it is decreased when a SIGCHLD
> signal is received, but that's not available on Windows.
>
> I'll make a note to have this fixed before the next release. If someone
> wants to volunteer to fix it, I think what will be necessary is to make
> the conn_count variable accessible by the ncat_exec_win.c source file,
> and then decrement conn_count at the end of subprocess_thread_func. An
> even better way to do it would be to pass a callback function pointer to
> netrun, which would be called when a process ends.

I made some changes to Venkat's patch from
http://seclists.org/nmap-dev/2009/q4/8 and committed it. This will be
fixed in the next release.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org