Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ncat should try connecting to all resolved addresses, not only the first one

From: Fyodor <fyodor () nmap org>
Date: Sun, 15 Dec 2013 12:35:09 -0800
On Fri, Dec 13, 2013 at 10:38 AM, Jacek Wielemborek <d33tah () gmail com>wrote:



I'd like to add another one to PROS - the current behavior isn't really
intuitive. Suppose you're running an IPv6-ignorant HTTP server, or SSH, or
anything like that. You're experiencing problems and want to make sure that
it's listening. You run ncat localhost 22... and it says "connection
refused".
On the other hand, "telnet localhost 22" will connect with no problems.

Personally, I like the "try out all the A records" approach and I believe
that
trying out both IPv4 and IPv6 is the least that Ncat should do in this
case. I
also had the idea that Ncat should perhaps warn that IPv4 was assumed if
neither -4 nor -6 was specified, or maybe do so only in case of an error.



Those are good points (as is Daniel Miller's note about OpenBSD Netcat
behavior).  We don't have to be compatible with other Netcats, but we might
as well when the behavior is desirable anyway.  So if someone wants to
review and integrate this patch, I'm all for it.  The behavior warrants
notice in the man page so I've attached a patch which adds that.

Cheers,
Fyodor

Attachment: ncat.xml.patch
Description: 

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: