Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [PATCH] [Ncat] Fix EOF handling
From: David Fifield <david () bamsoftware com>
Date: Sun, 19 Apr 2009 13:33:01 -0600

On Sun, Apr 19, 2009 at 02:34:21PM +0200, Daniel Roethlisberger wrote:
bensonk () acm wwu edu <bensonk () acm wwu edu> 2009-04-18:
The standard netcat behavior as defined by the canonical
implementation by hobbit explicitly does not halt on EOF.
I would recommend reversing the option, and instead providing
an option like "-q N" in gentoo's netcat.  The "-q N" option
means "after EOF, exit after N seconds". 

I think that, in general, usefulness should supercede history.

I fail to see a use case for keeping running after EOF on the
client side.  If I want Ncat to keep receiving data, I just make
sure not to close Ncat's stdin.  By closing Ncat's stdin (^D on a
tty or close() on the fd in a shell pipe) I signal Ncat that I'm
done.  This is the Unix way of handling standard input/output,
and is what I expect from command line utilities to adhere to, in
order to be useful in constructing larger command pipes.

I have been annoyed that Ncat doesn't quit on EOF from stdin sometimes
too. I had to add a note recommending ctrl+C to
http://nmap.org/ncat/guide/ncat-file-transfer.html. It's not as easy as
with a pipe, though, because pipes are one-way and Ncat can both read
and write its socket.

Do you have a use case that is better served by a -q timer than
proper EOF handling?

In some cases quitting on EOF is the right behavior, as in your
        tar cvf - somedir | ncat server 1234
But in other cases, staying alive until the remote end closes the
connection is correct. Consider
        echo -e 'GET / HTTP/1.0\r\n\r\n' | ncat scanme.nmap.org 80
With current Ncat you get a web page printed to the screen, and Ncat
exits. With the EOF patch, you get nothing (and Ncat exits).

So it's hard to pick a good default. The documentation at
http://nc110.sourceforge.net/ has not quitting on EOF as a feature:
        You may be asking "why not just use telnet to connect to
        arbitrary ports?" Valid question, and here are some reasons.
        Telnet has the "standard input EOF" problem, so one must
        introduce calculated delays in driving scripts to allow network
        output to finish.
Then there is a -w <secs> option to quit after some period of

I don't have experience with earliers Netcats so I don't know what's
best. I guess my bias would be to leave connections running by default,
and add a switch to close on stdin EOF, the reason being that in case of
user error it's better to receive extra data than to potentially throw
data away. It looks like we can't have the default behavior be
compatible with all the other Netcats.

Ncat used to have documented a non-functional option --disable-eof-Exit.
It sounds like it was meant to do what the -k option would do. If we go
that route I like the name -k better.


David Fifield

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]