Re: ncat: terminate when remote EOF

[Daniel Miller <bonsaiviking () gmail com>]

Matthias,

You are correct that there is no way to currently do this. I think the
cleanest way to do this would actually be to change Ncat's default to match
traditional and OpenBSD netcat, which as you note is to disconnect
immediately on EOF from the remote socket. Once this is implemented, we can
allow the -k (--keep-open) option to be used in connect mode to introduce
the current behavior. This seems to be a pretty good solution: it brings us
closer to compatibility with both the older netcat implementations.

I hope to get some feedback from other users on this before implementing.

Dan

On Tue, May 9, 2017 at 2:21 AM, Matthias Wächter <matthias () waechter wiz at>
wrote:

> Hi guys,
>
> Thanks for this great tool. However, I just don’t understand how to tell
> ncat to terminate when the remote end has closed the session.
>
> Take for example, a simple HTTP session. When I have told the server what
> page I want to receive, i.e., sending GET, Host: and empty line, and the
> server has returned the data, the server closes its end of the connection.
> Using "telnet server 80", or "nc server 80", or even "socat -
> TCP:server:80" for that, all lead to the same result: When the server is
> done, the program exits. In this discipline, telnet and nc are the fastest,
> terminating without any delay, and socat offers the option "-t" to specify
> the delay between EOF and termination. Specifying "-t0" brings socat to the
> same zero-delay like telnet and nc.
>
> Not so with ncat. After the server has sent the data and is obviously
> done, the session stays open until either (a) the client terminates it, or
> (b) sends additional data, which then breaks the pipe, or (c) -i <timeout>
> was specified, and that inactivity timeout ran out.
>
> As my script connects the input to ncat with another program, I cannot
> control to send additional data into the pipe. Also the output is out of
> reach, so even if I planned to analyze the output to identify the semantic
> end of the stream, I cannot, and it’s stupid anyway since the stream
> already tells by EOF when it’s time to go. So the only thing that comes
> close to what I need is "-i <timeout>".
>
> IMO, timeouts should be used to cope with higher-layer errors (e.g.,
> remote application takes too long to process my query), or with lower-layer
> errors (network stall), but not for the normal case when there is no error
> present. Say, I want to have a timeout of 10 seconds, for the case where
> the remote script rarely takes long to gather the data; if I need to take
> that timeout for any connection that returns my data even within 10
> milliseconds, my script will crawl like a snail for every connection.
>
> Isn’t there something in ncat that behaves like "socat -t0"? Do I miss the
> obvious?
>
> Note: My script isn’t about HTTP, so wget/curl won’t catch it at all. I
> definitely need nc/ncat/socat for the job, and I want to offer
> compatibility with each of them.
>
> Thanks in advance,
> – Matthias
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/