Nmap Development mailing list archives

Re: ncat should try connecting to all resolved addresses, not only the first one


From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 13 Dec 2013 12:52:49 -0600

On 12/12/2013 07:16 PM, Fyodor wrote:
> * Ncat is a pretty low level tool.  If it times out an address or
> connection is refused, user might want to know about it rather than have
> Ncat "magically" try other addresses.
>
> * Changes like this risk adding new bugs and/or breaking things for people
> who depended on the old behavior.  This is only a minor con since it could
> be used to argue against any change, and we do like to move forward.

This got brought up because RedHat is using Ncat as a Netcat replacement. The OpenBSD version of Netcat (used on many systems) has this behavior at least for 4-to-6 and 6-to-4 fallback (just tested). I don't have a setup to test whether it uses it for A-record fallback, too. If we want to be compatible (as evidenced by design decisions in Ncat's past), we should support the same set of fallbacks as Netcat does. "Magic" can be reduced by verbose output when that is requested.

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
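
The fallback discussed in this thread, as an added example that is not part of the original message and is not Ncat or Netcat source: a connect loop that tries every address returned by the resolver in order and, when verbose output is requested, reports each failed address so the fallback is visible. `connect_any` is a hypothetical helper name.

```c
/* Added example, not Ncat source: try each resolved address in order. */
#include <errno.h>
#include <netdb.h>
#include <netinet/in.h>   /* sockaddr_in / sockaddr_in6 behind ai_addr */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* connect_any() is a hypothetical helper. It walks a getaddrinfo() result
 * list and returns the first connected socket, or -1 if every address
 * failed. *tried receives the number of addresses attempted. With verbose
 * set, each failure is reported on stderr so the fallback is not silent. */
int connect_any(const struct addrinfo *list, int verbose, int *tried)
{
    char host[64];
    *tried = 0;
    for (const struct addrinfo *ai = list; ai != NULL; ai = ai->ai_next) {
        (*tried)++;
        if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host, sizeof host,
                        NULL, 0, NI_NUMERICHOST) != 0)
            strcpy(host, "?");
        int fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
        if (fd >= 0 && connect(fd, ai->ai_addr, ai->ai_addrlen) == 0) {
            if (verbose)
                fprintf(stderr, "connected to %s\n", host);
            return fd;
        }
        int err = errno;          /* save before close() can change it */
        if (fd >= 0)
            close(fd);
        if (verbose)
            fprintf(stderr, "%s failed: %s%s\n", host, strerror(err),
                    ai->ai_next ? ", trying next address" : "");
    }
    return -1;
}

int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s host port\n", argv[0]); return 2; }
    struct addrinfo hints = { .ai_family = AF_UNSPEC, .ai_socktype = SOCK_STREAM };
    struct addrinfo *res;
    int rc = getaddrinfo(argv[1], argv[2], &hints, &res);
    if (rc != 0) { fprintf(stderr, "resolve: %s\n", gai_strerror(rc)); return 1; }
    int tried, fd = connect_any(res, 1, &tried);
    freeaddrinfo(res);
    if (fd >= 0) close(fd);
    return fd >= 0 ? 0 : 1;
}
```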

