Nmap Development mailing list archives
Re: ncat should try connecting to all resolved addresses, not only the first one
From: Fyodor <fyodor () nmap org>
Date: Sun, 15 Dec 2013 12:35:09 -0800
On Fri, Dec 13, 2013 at 10:38 AM, Jacek Wielemborek <d33tah () gmail com>wrote:
I'd like to add another one to PROS - the current behavior isn't really intuitive. Suppose you're running an IPv6-ignorant HTTP server, or SSH, or anything like that. You're experiencing problems and want to make sure that it's listening. You run ncat localhost 22... and it says "connection refused". On the other hand, "telnet localhost 22" will connect with no problems. Personally, I like the "try out all the A records" approach and I believe that trying out both IPv4 and IPv6 is the least that Ncat should do in this case. I also had the idea that Ncat should perhaps warn that IPv4 was assumed if neither -4 nor -6 was specified, or maybe do so only in case of an error.
Those are good points (as is Daniel Miller's note about OpenBSD Netcat behavior). We don't have to be compatible with other Netcats, but we might as well when the behavior is desirable anyway. So if someone wants to review and integrate this patch, I'm all for it. The behavior warrants notice in the man page so I've attached a patch which adds that. Cheers, Fyodor
Attachment:
ncat.xml.patch
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: ncat should try connecting to all resolved addresses, not only the first one Jaromir Koncicky (Nov 07)
- Re: ncat should try connecting to all resolved addresses, not only the first one Jaromir Koncicky (Dec 03)
- Re: ncat should try connecting to all resolved addresses, not only the first one Jacek Wielemborek (Dec 09)
- Re: ncat should try connecting to all resolved addresses, not only the first one Jaromir Koncicky (Dec 11)
- Re: ncat should try connecting to all resolved addresses, not only the first one David Fifield (Dec 27)
- Re: ncat should try connecting to all resolved addresses, not only the first one Jacek Wielemborek (Dec 09)
- Re: ncat should try connecting to all resolved addresses, not only the first one Fyodor (Dec 12)
- Re: ncat should try connecting to all resolved addresses, not only the first one Jacek Wielemborek (Dec 13)
- Re: ncat should try connecting to all resolved addresses, not only the first one Fyodor (Dec 15)
- Re: ncat should try connecting to all resolved addresses, not only the first one Jacek Wielemborek (Dec 15)
- Re: ncat should try connecting to all resolved addresses, not only the first one Fyodor (Dec 15)
- Re: ncat should try connecting to all resolved addresses, not only the first one Jaromir Koncicky (Dec 16)
- Re: ncat should try connecting to all resolved addresses, not only the first one Jaromir Koncicky (Dec 03)
- Re: ncat should try connecting to all resolved addresses, not only the first one Daniel Miller (Dec 13)