Re: [RFC] Now Redoing Ncat's Output Options

[Kris Katterjohn <katterjohn () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/11/2008 04:31 PM, DePriest, Jason R. wrote:
> The same can be said for built-in proxy server options.  Why use those
> when you can use corkscrew or something like that?

I think proxying is a desire occurring often enough to warrant it's own
option, provided it's a simplistic interface like we've been discussing.

Besides, you would need separate programs to provide proxying for HTTP and
SOCKS, both client and server.  Corkscrew IIRC is only like a HTTP proxy client.

> Having an option to dump output as pcap format would let Windows users
> pipe it through windump.

Offering a pcap output would be nice, but Ncat doesn't use pcap for anything:
it's pure connect-style sockets operated, so this isn't feasible.

> A question is: do we want this to be a drop-in replacement for netcat
> or do we want it to be a clone + improvement that may break old
> scripts using netcat?

IMO the problem with going the line of being a drop-in replacement and
avoiding breaking nc scripts is that most people probably don't use the
original Netcat anymore.  They probably use newer ones with more features like
OpenBSD Netcat or Netcat6 or Socat (though I guess that one doesn't strictly
count).  And these all vary in the features they offer and option names they
provide.

So, while I think the core options should remain as similar as possible, I'm
of the opinion that other options which aren't available in most popular
implementations can be setup how we like.  I'm all about community input in
these areas.

I suspect virtually everyone on this list uses some incarnation of Netcat on
some sort of a regular basis, so my want is for Ncat's interface to be how we
would all want it.  Well to a certain extent of course, since I don't want a
Socat-style interface or offer basic features like -e under a different name.

> If the plan is improvement all the way, then the file output options
> should be as close a match to nmap's as they can.

Agreed.

Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSPFok/9K37xXYl36AQJgVQ/9F1kj9uCLIjce7UJUxRQd8AJUrIizjJLb
Uo4alNVXO1bE657lft9gZhpWeApnyHUgvQizcSQvvxBrMzS+FWkYmQoWmgkWClv8
MAEIYijfDT5MJpnnhctT10gykbzFGh7kGdG+fpsVs3qb0rTDnob48WuJnLOS/vTu
kpHyosDLhh2b7TJ1kVp4+NmMBHX2ZH0I5Nt0YJTEEjmsxbhGn/Len5HTqrDjQOni
/JjgZXbKJGjS5LB43EFBJA1rnfWiiM1hrCIZrrVu/Bdl9ky/Li54nLM/ooLvlHI/
k+756+owT+/jeXAxm/Wk7kaHUctwX5y0MvwLOMIcBNO76fjBtL9GI4bzCRcOv+3W
KF5DtGdnj2tHj+0yXNZNsSU+uA34RZzzT0og5in3XUUSeShy5b5x2Aklla6nso92
lBNZSu8x4fsbIs6r5SwcsuHZJbSNfgWn8vmcKVaSbq4K3omZfCJBvlai+N5ytlDx
MqJDwsHhygCSnmsje47npG+spjwGzUv6Dffa9uN0mFazE+korQabazQxXCwFUdu7
0l8y5PAPiKCNkZznv8Hh89GCvKtcT4QTpnIGMCeWKkKMMnyELkJVpOzwCdtDQTbS
wTz6m5ExEOKo+gWMNbMPiTZ2NlcLJbwtAlrsJoxXax7uP8RakQ+stNZ5wd9WOewP
SIzAOzDCQ3Y=
=Kin/
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org