Re: Ncat portable for Windows (static edition)

[Shinnok <admin () shinnok com>]

Hey Fyodor,

On 06/30/2011 12:39 AM, Fyodor wrote:
> Thanks Shinnok.  This will be good news for all of the people who have
> requested this.
>
> I see that you put instructions into ncat/INSTALL.  While that is a
> logical place, and the instructions are well written, I think it would
> be better to have this on SecWiki.  That makes it easier to update and
> maintain, and also allows better formatting (links, bullet lists,
> etc.)
>
> Would you please make a page on SecWiki.org and move this information
> there?  You could then remove the information from INSTALL and instead
> add a link to SecWiki there.  As for the page name, maybe
> https://secwiki.org/w/Nmap/Ncat-Portable.

Removed the instructions from INSTALL and left a note with a link to the
afferent Secwiki page in r24505.
https://secwiki.org/w/Nmap/Ncat_Portable

> Once the new page is ready, please let me know so I can update the
> CHANGELOG appropriately.  If you can do this fast enough, maybe we can
> get it into the CHANGELOG for the 5.59BETA1 release (due out tonight
> or tomorrow, I think).

Hopefully, it was fast enough. The page is a first draft, but it look
good enough, I'll improve it further later.

> Of course having a large set of compilation instructions is only part
> of the solution.  Most users don't want to deal with that.  So I think
> we should distribute a portable version of Ncat from
> http://nmap.org/ncat/.  Let's wait for the Nmap 5.60 release (due in
> the next couple weeks, probably) and build it then.

I wasn't even thinking that we won't distribute an official Ncat
Portable, otherwise the build instructions have limited visibility.
We definitely must distribute an official release, most likely in
parallel with new Nmap/Ncat stable releases, otherwise other people will
be forced to distribute unofficial releases like for the original
Netcat, which have a trust factor of 0 in most cases.

> If it proves to
> be extremely possible, we can then look into going farther (things
> like including the static SSL libraries in the Nmap tarball and/or
> making the Ncat in normal Nmap packages static and/or even offering
> static versions of the other members of the Nmap suite of tools).
> I'll add a note to the Nmap TODO so we don't forget.

The only big pain in the ass is WinPcap and it's kernel drivers for
Windows. So everything that uses that is a no-no. I am thinking about
some hacks(binary packing and runtime unpacking and automatic driver
loading) but that is not nice for the end-user, so I'll keep it to my
self, for now. :-)

I'll add this research to my low priority todo list and when works gets
thin(not in the near future) or I feel like taking a switch from another
task, I'll dive into it.

PS: What about Linux static binaries?

Cheers,
Shinnok
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/