Nmap Development mailing list archives
Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10
From: Kris Katterjohn <katterjohn () gmail com>
Date: Sun, 10 Jan 2010 02:47:49 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/09/2010 10:33 AM, Denys Vlasenko wrote:
On Friday 08 January 2010 22:33, Fyodor wrote:On Fri, Jan 08, 2010 at 05:32:00PM +0100, Denys Vlasenko wrote:Every reimplementation of netcat seems to try to break this syntax: nc -l -p 123 # listen on local port 123 GNU nc, openbsd's nc all have it broken. And ncat is no exception. "You too, Brutus". IIRC they even break it in different ways - they have different ways to specify local port: as a parameter to -l option, as a standalone port parameter etc... AARRGGHH... This makes users' lives harder for no apparent benefit.One difference between ncat and those other reimplementations is that we don't use the name "nc". So you can have both installed at once, and if you specifically request "ncat", then you know what syntax you're going to get.I heard that Fedora plans to ditch openbsd's implementation of nc and use ncat. They are going to rename it to nc (otherwise scripts which use nc would break).
If a third-party renames ncat to nc, then it looks like they'll deal with any issues. It's name is Ncat, not Netcat.
I think our syntax for listening on port 123 ("ncat -l 123") is preferable to the longer "nc -l -p 123".Because it is shorter by 3 chars? Such insignificant advantage is not going to amuse people who would need to jump through hoops in their scripts (checking "nc --version" and such) just in order to open a listening socket.
I am the one who made this change to Ncat: r8740 | kris | 2008-07-09 14:24:56 -0500 (Wed, 09 Jul 2008) | 16 lines Redesign of --listen. Instead of -l specifying the port to listen on and -s specifying the address to bind to, it now accepts the local address and port like it does the address and port to connect to. You can still leave out the address to accept connections from any address. Before: ncat -l 80 -s 192.168.0.11 Now: ncat -l 192.168.0.11 80 This is the behavior of OpenBSD netcat, in contrast to traditional netcat. Traditional netcat uses the -p option to specify the local port number, but the OpenBSD behavior (and now new ncat behavior) seems much more natural IMO. Thoughts? I'll mention this to nmap-dev when I email asking about wanted features, etc. I did indeed mention this to nmap-dev[1], and I don't recall complaints. Besides, a simple check for the executable ncat should be enough to know what you're doing. No "nc --version" or anything, because it's not called nc.
Do you understand why compatibility is important?
Do you understand why convenience is important? We as authors and users shouldn't be stuck with command arguments from over a decade ago when we can have better. Ncat and many others are full of options not present in the traditional netcat, so anybody utilizing these in scripts must already take specific versions into account. Again, it's not even named nc. And if you're complaining about Fedora or anybody else who may rename ncat to nc, I think you need to complain to them about compatibility since we're not doing it.
That being said, I also agree with David that it would be reasonable for us to just "do what the user wants" in the -l -p case. At least as long as the code change is simple. I think a warning message would still be warranted, at least in verbose mode.What's wrong with simply keeping compatibility with original nc? What are the drawbacks?
Have you complained to every non-conforming "netcat"? Yet again: it's not named nc. When you call Ncat you don't have to worry about what's what. And it's not even like Ncat has some completely different set of arguments. It's similar to various nc's and has the -l style of OpenBSD nc. Kris Katterjohn [1] http://seclists.org/nmap-dev/2008/q3/110 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBAgAGBQJLSZQ0AAoJEEQxgFs5kUfuFyAP/1ZgfgedUynr6WJA29yydOvk Oq2u70jDf4l3i8G3GAQ9VyM260x3ELpe9Sj3+gO+4I8zuvvTHGLJqwkH/e9cPFKx TdaoJaYFTAOd9FgBt1V6fPpWs5IbJQcNW2JDNOo1svSPSFORvziZBzQcE7JBUQqR FYBZv9gsKwfBOzyndR9fXCwI0cLFDpklKJ4cRGec4mAXPndnrpK0bvdY2BSmmjVP +pmFcIplPJQYuhIQwfvdlSe0DAydAk6XWTsPPlONxHSl8QvTwZzgRraI2KDz/OO/ bMub+kFHiJgqLzrGsmUhl2DJXACToiJNMQZhGb/isCDXFSGELiiv1RShWky1ZvzC RkO3vMvEuFyIIxTr9ALSnnpceCRiEuwSNkj1p3BavCv5g4K53DLawzPkwb7iJ6kT aGUmlKh5rmvlN2/Xf1c/x18Ba4z9bdpVIQAB5NpTGa95FaZDrzRm559D85Ec94Mr OUKDtTh8vOJmTjXXjJOysP4Hox0rDTh8fZefjmcIxbdl7C7Z6tic4StzZwpdDAXq d8forKRZ3Y349u3hP+feX8h7AAQd+ZYxA4scS1OgHkDEwNTfcPKk5dswdBRz2CNe CJMSF9TxkTZz0OVEinik2BXpUJti3Icq1lRwUoH9rXGrqqO2s+Dm3nBZZE9rWIYo plMhDu0HfLuKo/6ljzr9 =Ytus -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Denys Vlasenko (Jan 08)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 David Fifield (Jan 08)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Fyodor (Jan 08)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Denys Vlasenko (Jan 09)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Kris Katterjohn (Jan 10)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Denys Vlasenko (Jan 10)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Kris Katterjohn (Jan 10)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Denys Vlasenko (Jan 10)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Kris Katterjohn (Jan 10)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Denys Vlasenko (Jan 10)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Fyodor (Jan 12)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Denys Vlasenko (Jan 09)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Jon Kibler (Jan 11)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Ron (Jan 11)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 bensonk (Jan 11)
- Re: ncat 5.10BETA handling of -l -p is not compatible with nc-1.10 Daniel Roethlisberger (Jan 10)