Nmap Development mailing list archives
Re: [nmap-svn] r12219 - nmap-exp/david/ncat-allowdeny/test
From: Fyodor <fyodor () insecure org>
Date: Sat, 21 Feb 2009 02:06:06 -0800
On Fri, Feb 20, 2009 at 09:24:40PM -0700, David Fifield wrote:
On Fri, Feb 20, 2009 at 02:38:29PM -0800, Fyodor wrote:On Fri, Feb 20, 2009 at 09:01:00AM -0800, commit-mailer () insecure org wrote:The specifications "1", "1.2", and "1.2.3" are interpreted as 0.0.0.1, 1.0.0.2, and 1.2.0.3 respectively. That's surprising, but it's how ping and my web browser interpret the addresses, so Ncat should do the same.
Interestingly, iptables allows those too, but interprets them differently. Iptables treats "1.2" as "1.2.0.0". My ping treats it as 1.0.0.2, like yours. I can actually see the IPTables notation as being a bit useful when you're specifying CIDR masks. So you could --allow 192.168/16 or 10/8. I haven't thought of a use yet for the "1.2 == 1.0.0.2" behavior. I guess it could get points for compatability with some other programs such as ping. And I guess points for "already working that way". Anyway, it is a minor detail. Though I think my favorite of the approaches would be the error message approach or the iptables one. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [nmap-svn] r12219 - nmap-exp/david/ncat-allowdeny/test Fyodor (Feb 20)
- Re: [nmap-svn] r12219 - nmap-exp/david/ncat-allowdeny/test David Fifield (Feb 20)
- Re: [nmap-svn] r12219 - nmap-exp/david/ncat-allowdeny/test Fyodor (Feb 21)
- Re: [nmap-svn] r12219 - nmap-exp/david/ncat-allowdeny/test David Fifield (Feb 20)