LWN: Comments on "Nmap 5.00 released"

Nmap 5.00 released

tialaramex — Tue, 21 Jul 2009 09:49:30 +0000

and so netcat has a flag to set this socket option. I'm happy with that. What I was reacting adversely to was the suggestion that keepalive should be the default.

Nmap 5.00 released

dankamongmen — Sun, 19 Jul 2009 09:21:45 +0000

bounded LRU, buddy

Nmap 5.00 released

dankamongmen — Sat, 18 Jul 2009 06:54:23 +0000

i think you're right. embarrassing!

Nmap 5.00 released

speedster1 — Sat, 18 Jul 2009 05:11:49 +0000

>> The feature of socat I most often use that's lacking in nc(at) is AF_UNIX support.

>Would someone really have written socat(1) and not taken the time to include PF_UNIX?

I think you read that backwards -- the parent poster was actually applauding AF_UNIX support as a great socat feature.

Nmap 5.00 released

dankamongmen — Fri, 17 Jul 2009 20:40:42 +0000

GOPEN:<filename>
(Generic open) This address type tries to handle any file system
entry except directories usefully. <filename> may be a relative
or absolute path. If it already exists, its type is checked. In
case of a UNIX domain socket, socat connects; if connecting
fails, socat assumes a datagram socket and uses sendto() calls.
If the entry is not a socket, socat opens it applying the
O_APPEND flag. If it does not exist, it is opened with flag
O_CREAT as a regular file (example).
Option groups: FD,REG,SOCKET,NAMED,OPEN
See also: OPEN, CREATE, UNIX-CONNECT

Furthermore, SOCKET-* are fully generic on the socket(2) system call (they accept three params, for a domain, protocol, and local address.

Would someone really have written socat(1) and not taken the time to include PF_UNIX?

Nmap 5.00 released

quotemstr — Fri, 17 Jul 2009 18:20:33 +0000

socat is nice (aside from the massive set of options). The feature of socat I most often use that's lacking in nc(at) is <b>AF_UNIX support</b>.

Nmap 5.00 released

dlang — Fri, 17 Jul 2009 17:30:19 +0000

if firewalls (including NAT devices) didn't drop info about the connection after some period of inactivity you would have the equivalent of a memory leak because a system crash or reboot would leave the device 'tracking' a connection that the endpoint no longer knows about, and will never close.

routers and firewalls don't have infinite resources, so if you never timeout 'idle' connections you will eventually crash instead and take out everything

Nmap 5.00 released

foom — Fri, 17 Jul 2009 15:05:36 +0000

I dearly wish the majority of NAT gateways and firewalls out there didn't drop TCP connections after 10 minutes of inactivity. But they do. It sucks, yes. But that's what's out there...

My home NAT (linksys) did this. (until I replaced it with a linux box). And a non-natting firewall (Cisco, I think) at my workplace does this between certain internal networks!

I'm sure glad you have a non-broken network, but a great many people don't.

Nmap 5.00 released

nix — Fri, 17 Jul 2009 10:35:58 +0000

Oh, there's nothing wrong with socat's documentation. It's just that if you print the manpage out it's 40 pages long. It has *so many* options that trying to find the one you want is quite painful, even though they're all fairly regular. The options had to be classified along multiple dimensions to make sense of them...

(I picked Emacs for a reason: it too has excellent documentation and is huge.)

Nmap 5.00 released

tzafrir — Fri, 17 Jul 2009 09:08:44 +0000

netcat and similar tools are one of those things that should also be usable on broken networks, if possible.

Nmap 5.00 released

fyodor — Fri, 17 Jul 2009 08:38:17 +0000

For IPv6 we support TCP scanning (connect()-style), host discovery (connect) style), version detection, and NSE in Nmap. So you have the basics. Also, pretty much every part of Ncat should support IPv6 (there might be some aspects which don't due to lack of testing, but we'd consider that a bug to be quickly fixed). Ndiff supports IPv6 too.

However, Nmap cannot do the raw packet IPv6 stuff, such as UDP scan or the raw-packet TCP port scans (SYN, FIN, etc.) or raw packet host discovery modes. I agree that it would be great to add that functionality, and we're always looking for volunteers!

Nmap 5.00 released

tialaramex — Fri, 17 Jul 2009 08:26:03 +0000

On the SO_KEEPALIVE issue, some of us don't have broken networks, and the constant pressure to give in and put every node on the Internet the other side of two layers of amateur hour NAT and have it only ever sort-of work with HTTP and nothing else is exactly the sort of thing that gives us a headache.

One of the things we should have learned from the "browser wars" era web experience is that meekly going along with whatever craziness is currently dominant doesn't get you progress, just more pain. The standard says your TCP connection doesn't need keep alive packets, so there's no reason to send them by default.

More practically, if I have a quiescent connection, and I pull the rug out from under it, then put the rug back before using it, I expect it not to notice. With SO_KEEPALIVE the OS will notice and drop the connection. So forcing SO_KEEPALIVE throws away a feature I use. No thanks.

Nmap 5.00 released

arekm — Fri, 17 Jul 2009 07:28:14 +0000

Very incomplete IPv6 support, well.. There always will be 6.00 and others.

Nmap 5.00 released

drag — Thu, 16 Jul 2009 23:09:21 +0000

Ya...

I find quite a large number of what should be very good and high quality open source projects that are just utterly and completely useless do to shitty, out of date, or non-existent documentation.

Just a rant. A side note.

Just a reminder to myself a others.. the quality of your documentation is more important then the quality of your code.

Nmap 5.00 released

foom — Thu, 16 Jul 2009 22:58:40 +0000

Hm, two things I use that seems to be missing in ncat vs. the nc available on debian:

-q secs                 quit after EOF on stdin and delay of secs
-k                      set keepalive option on socket

The -q argument is somewhat like ncat's --send-only, except that it allows receiving data too, as long as you haven't closed stdin yet. I use that one a fair bit. Generally as -q0. I want the client to be able to send and receive data, but to be in control of closing the connection. The -k option is pretty self-explanatory -- it's useful when you're going through firewalls. Although really, I don't know why SO_KEEPALIVE isn't just on by default in the network stack with a timeout of 8 minutes, these days...

Nmap 5.00 released

fyodor — Thu, 16 Jul 2009 22:10:36 +0000

Good question. I have always loved Hobbit's original netcat, but it hasn't been maintained in more than a decade and it is missing modern features. Our Ncat is cross-platform (even us Linux devotees need to use or debug something on Windows or Mac once in a while) and offers things like SSL encryption, IPv6, a neat "connection brokering" feature for connecting machines behind NAT gateways, socks/http proxy (and proxy chaining) support, and many other goodies. We wrote a details Ncat Users' Guide detailing common tasks that are easier with Ncat.

Nmap 5.00 released

nix — Thu, 16 Jul 2009 20:53:06 +0000

A short and comprehensible manpage? A set of options short enough that
people learning it don't die of starvation before they're finished?

socat is amazing, but it's pretty much the Emacs of netcats.

Nmap 5.00 released

nix — Thu, 16 Jul 2009 20:38:44 +0000

Nice to know that the most significant feature of them all got a major
enhancement:

'The compile-time Nmap ASCII dragon is now more ferocious thanks to better
teeth alignment.'

(On a more serious note, the network topology graphing looks seriously
nifty. Can't wait to try it.)

Nmap 5.00 released

chmouel — Thu, 16 Jul 2009 20:13:56 +0000

what's the different between this ncat version and the other widely available
versions of netcat?

Nmap 5.00 released

dankamongmen — Thu, 16 Jul 2009 19:09:00 +0000

Thanks for the (as always) excellent work, Fyodor! ncat sounds a lot like socat -- what was socat missing that ncat brings to the table?

http://www.dest-unreach.org/socat/

Nmap 5.00 released

fyodor — Thu, 16 Jul 2009 19:06:39 +0000

Thanks for mentioning the new release, and I hope my fellow LWN members enjoy it! We've also made major improvements to the Zenmap GUI and results viewer. But if I had to pick one thing, I think I'm most excited about Ncat. I find myself using it every day now for one thing or another.