Re: [nmap-svn] r12219 - nmap-exp/david/ncat-allowdeny/test

[Fyodor <fyodor () insecure org>]

On Fri, Feb 20, 2009 at 09:24:40PM -0700, David Fifield wrote:
> On Fri, Feb 20, 2009 at 02:38:29PM -0800, Fyodor wrote:
> > On Fri, Feb 20, 2009 at 09:01:00AM -0800, commit-mailer () insecure org wrote:
> > > The specifications "1", "1.2", and "1.2.3" are interpreted as 0.0.0.1,
> > > 1.0.0.2, and 1.2.0.3 respectively. That's surprising, but it's how ping
> > > and my web browser interpret the addresses, so Ncat should do the same.

Interestingly, iptables allows those too, but interprets them
differently.  Iptables treats "1.2" as "1.2.0.0".  My ping treats it
as 1.0.0.2, like yours.  I can actually see the IPTables notation as
being a bit useful when you're specifying CIDR masks.  So you could
--allow 192.168/16 or 10/8.  I haven't thought of a use yet for the
"1.2 == 1.0.0.2" behavior.  I guess it could get points for
compatability with some other programs such as ping.  And I guess
points for "already working that way".

Anyway, it is a minor detail.  Though I think my favorite of the
approaches would be the error message approach or the iptables one.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org