Nmap Development mailing list archives

Re: ncat should try connecting to all resolved addresses, not only the first one
From: David Fifield <david () bamsoftware com>
Date: Tue, 10 Sep 2013 14:54:16 -0700

On Mon, Sep 02, 2013 at 12:26:24PM -0400, Jaromir Koncicky wrote:
> I made a patch which adds this functionality: if one resolved address fails, next one is tried.
> You can find it there: https://bugzilla.redhat.com/show_bug.cgi?id=978964#c6
>
> I am not very familiar with the code, so I'd like to consult how to do
> this better. I don't think the way I made it is ideal and would like
> to make it more acceptable.

Thanks for the patch.

I agree with Thomas Hozza's comments at

You can't use global state in the resolver. What you will want to do is
store all the potential addresses of the target in ncat_main.c. Then in
ncat_connect, call nsock_connect_{tcp,ssl,sctp,udp} with the first
address. Then, in connect_handler, if the connection timed out, do
another nsock_connect_{tcp,ssl,sctp,udp} on the next address.

The changes aren't trivial, and I'm also not sure they are completely
specified--for example, what should happen if a port is closed on IPv6
but open on IPv4? Is "connection refused" the same as "timed out" for
the purposes of attempting to reconnect? Suppose it does, you have a
script that relies on this behavior--then what happens if someone
manages to open the IPv6 port and intercept your connection?

David Fifield
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/
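
The retry-policy question raised in the message above (whether "connection refused" counts like "timed out", and what it means when the fallback lands on a different address family), as an added C example that is not part of the original post and is not Ncat or nsock code. All names (`connect_in_order`, `enum policy`, `struct outcome`) are hypothetical, and the connect step is a stub returning an errno value over constructed documentation addresses so the block runs offline.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/socket.h>
/* Hypothetical names for illustration; not Ncat's or nsock's API. */
struct candidate { int family; const char *addr; };  /* one resolved address */
enum policy { RETRY_ON_TIMEOUT_ONLY, RETRY_ON_TIMEOUT_OR_REFUSED };
struct outcome {
    int index;          /* candidate that connected, or -1 if none did */
    int last_errno;     /* result of the last attempt, 0 on success */
    int attempts;       /* number of connection attempts made */
    int family_changed; /* 1 if the winner's family differs from candidate 0 */
};
typedef int (*connect_fn)(const struct candidate *c); /* 0 or an errno value */

static int should_retry(int err, enum policy p) {
    if (err == ECONNREFUSED) return p == RETRY_ON_TIMEOUT_OR_REFUSED;
    return err == ETIMEDOUT;  /* any other error ends the sequence */
}

/* Try each stored address in order; the policy decides which failures
 * move on to the next one. The caller gets enough detail to log or reject
 * a connection that ended up on a different address family. */
struct outcome connect_in_order(const struct candidate *list, size_t n,
                                connect_fn try_connect, enum policy p) {
    struct outcome o = { -1, 0, 0, 0 };
    for (size_t i = 0; i < n; i++) {
        int err = try_connect(&list[i]);
        o.attempts++;
        o.last_errno = err;
        if (err == 0) {
            o.index = (int)i;
            o.family_changed = list[i].family != list[0].family;
            break;
        }
        if (!should_retry(err, p)) break;
    }
    return o;
}

/* Constructed sample: port closed on IPv6 (refused), open on IPv4. */
static const struct candidate SAMPLE[] = {
    { AF_INET6, "2001:db8::10" }, { AF_INET, "192.0.2.10" } };
static int sample_connect(const struct candidate *c) {
    return c->family == AF_INET6 ? ECONNREFUSED : 0;
}
int main(void) {
    struct outcome o = connect_in_order(SAMPLE, 2, sample_connect,
                                        RETRY_ON_TIMEOUT_OR_REFUSED);
    printf("winner=%d family_changed=%d\n", o.index, o.family_changed);
    return 0;
}
```

Under the timeout-only policy the same sample stops after the refused IPv6 attempt, so a caller that depends on reaching one specific address family can treat `family_changed` or the policy choice as an explicit decision rather than a side effect.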
