Re: [RFC] Redoing Ncat's Proxy Options

[jah <jah () zadkiel plus com>]

On 10/10/2008 03:36, Kris Katterjohn wrote:
> * Is moving in this direction a good idea?  I'm very much for it.
I think so too.
> * If so, what option names should be used?  I'm OK with -x and -X, but
> what do
> you guys like?
x is good.  How would one specify a server, -l {port} -X {type}?
> * Should the -X equivalent option default to anything?  OpenBSD Netcat
> defaults to SOCKS5.
It might be simplest to default to http.  Then we'd only need -X, -X4
and -X5.
> * Instead of -X taking "4" (SOCKS4), "5" (SOCKS5) and "connect" (HTTP
> CONNECT)
> like OpenBSD Netcat does, I think just using "socks4", "socks5" and
> "http" is
> better.  However, I'm not super-set either way.  Opinions?
I like http better than connect.  I like just 5 rather than socks5, but
I suppose both types of option might be allowed.
> * What about the proxy authentication option (currently --proxy-auth)?  I
> would like this to be similar to the names of the other proxy options, but
> using -x and -X would throw that out the window (OpenBSD Netcat uses
> -P).  One
> possibility is to just drop this option and allowing for
> "user@socksproxy" and
> "user:pass@httpproxy" syntax in the -x equivalent option, but I'm not 100%
> behind that one.
I guess we'd have to stick with a long option, something like --xauth,
--x-auth, -auth would be reasonable.
> Aside from using just -x, -X and --proxy-auth, here is the first set of
> options that came to my mind:
>
>  --proxy addr[:port]
>  --proxy-type {socks4|socks5|http}
>  --proxy-auth {user|user:pass}
These would be good long options and better than the --http-proxy,
--http-server, ... options for sure.
I do like the idea of -x, -X and --auth though.

My thruppence.

jah

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org