Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

ncat: terminate when remote EOF

From: Matthias Wächter <matthias () waechter wiz at>
Date: Tue, 09 May 2017 09:21:44 +0200
Hi guys,
Thanks for this great tool. However, I just don’t understand how to tell ncat to terminate when the remote end has closed the session.
Take for example, a simple HTTP session. When I have told the server what page I want to receive, i.e., sending GET, Host: and empty line, and the server has returned the data, the server closes its end of the connection. Using "telnet server 80", or "nc server 80", or even "socat - TCP:server:80" for that, all lead to the same result: When the server is done, the program exits. In this discipline, telnet and nc are the fastest, terminating without any delay, and socat offers the option "-t" to specify the delay between EOF and termination. Specifying "-t0" brings socat to the same zero-delay like telnet and nc.
Not so with ncat. After the server has sent the data and is obviously done, the session stays open until either (a) the client terminates it, or (b) sends additional data, which then breaks the pipe, or (c) -i <timeout> was specified, and that inactivity timeout ran out.
As my script connects the input to ncat with another program, I cannot control to send additional data into the pipe. Also the output is out of reach, so even if I planned to analyze the output to identify the semantic end of the stream, I cannot, and it’s stupid anyway since the stream already tells by EOF when it’s time to go. So the only thing that comes close to what I need is "-i <timeout>".
IMO, timeouts should be used to cope with higher-layer errors (e.g., remote application takes too long to process my query), or with lower-layer errors (network stall), but not for the normal case when there is no error present. Say, I want to have a timeout of 10 seconds, for the case where the remote script rarely takes long to gather the data; if I need to take that timeout for any connection that returns my data even within 10 milliseconds, my script will crawl like a snail for every connection.
Isn’t there something in ncat that behaves like "socat -t0"? Do I miss the obvious?
Note: My script isn’t about HTTP, so wget/curl won’t catch it at all. I definitely need nc/ncat/socat for the job, and I want to offer compatibility with each of them. 

Thanks in advance,
– Matthias
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: