Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ncat udp

From: David Fifield <david () bamsoftware com>
Date: Fri, 27 Mar 2009 13:07:21 -0600
On Fri, Mar 27, 2009 at 12:15:48PM +0100, Marius Sturm wrote:

Now that we allow multiple connections, could you implement the
--max-conns option in ncat_listen_udp? It just involves updating and
checking the conn_count variable like in ncat_listen_tcp.

The only remaining difference is UDP is listen mode without an exec
option. That still only accepts one client. Making that work like TCP
mode will be more difficult because we will have to maintain a list of
connected clients and somehow decide when to remove a client from the
list.


Thanks for your patch. I have committed it.


The same problem concerns --max-conns. You have to decide when a child
will be terminated, if it don't terminates by itself, or the conn_count
is never be decremented, e.g. --exec "/bin/cat".

So you can not do things like this,
ncat -l --udp --exec -m 2 "/bin/cat"

ncat --udp localhost
ncat --udp localhost ^C

ncat --udp localhost

Maybe we can kill a child after some idle timeout?


I think that is a reasonable solution. I would like to see a general
solution that works for listen and exec modes. Such a solution would
even enable UDP connection brokering. It would involve finding a
representation for the list of "connected" clients, and some mechanism
for "disconnecting" them. Maybe you just kill the oldest one once you
reach the connection limit, or only if it has been idle for some period.

Measuring idleness with --exec would be difficult, because we currently
give up control of the socket when we hand it to the child process. I
can see a solution where we fork off a "caretaker" process that shuttles
data to and from the child process (like we do in a thread under
Windows) and can measure for idleness. This is rather cumbersome, but it
would also enable --exec to work with --ssl, which it doesn't currently.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: