Talk:Netcat

From Wikipedia, the free encyclopedia
Jump to: navigation, search
          This article is of interest to the following WikiProjects:
WikiProject Software / Computing  (Rated Stub-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Software, a collaborative effort to improve the coverage of software on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Stub-Class article Stub  This article has been rated as Stub-Class on the project's quality scale.
 Low  This article has been rated as Low-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Computing.
 

What does it actually do?[edit]

The article has nothing about what netcat actually does... should the article even exist? with only half a sentence about this basic info it seems to serve no purpose.

Examples section added to make clear what netcat can do. —Preceding unsigned comment added by 207.47.61.234 (talk) 01:26, 3 April 2008 (UTC)

GNU netcat: merge, split, or half-n-half[edit]

Vote Here:[edit]

Voting closed. Merge completed Xrblsnggt 03:09, 6 July 2006 (UTC)

  • (merge) I'm not against adding GNU netcat information here, but it currently has its own article, so trying to add its external link here, when it's already at GNU netcat isn't really consistent. Similarly, adding half of the GNU netcat information to this infobox (while keeping only half of the Hobbit info) isn't consistent. If others think GNU netcat should be merged here, then please explicitely do so in a consistent manner, rather than adding in bits and pieces from the other article. For what it's worth, I support the merge, though another editor felt that it would be akin to trying to merge "OpenSSH into SSH, IPFilter into firewall and Encarta into encyclopedia", which does make some sense (although mergism might dictate that GNU netcat doesn't have enough information for its own separate article yet, and so should be merged here). Anyway, at this point, I'd just settle for a consistent state of things (eg. the external link for GNU netcat being at one article or the other, and perhaps the infobox here showing the most recent date/version of the GNU version, since Hobbit's hasn't been updated for a very long time) --Interiot 14:24, 8 May 2006 (UTC)
  • (merge) Well, I remember viewing that "merge Encarta to encyclopedia" reasoning. It's plainly wrong. While "Encarta" is an encyclopedia, you cannot say that "GNU Netcat" is a "netcat". Netcat was created by Hobbit, and the name is a specific name for some specific functionalities. We are not talking about merging into "Unix software utilities". Also, there is nothing special to write inside a specific article for GNU Netcat, expecially when a small paragraph plus an external link into the main Netcat article can suffice. Even more, there are many Netcat variants out there, some are just a patched version of the original nc110 (the Hobbit's one), some others are full rewrite like GNU Netcat or [1] (the former respects nc110 command line compatibility, the latter does not). That's just my opinion, of course I can understand that the intention of the one that splitted out GNU Netcat into an article by itself was willing to add a consistent Infobox_Software.. but I don't think it's a good idea anyway. --ThG 19:59, 24 May 2006 (GMT)
  • (merge) Vote to merge to keep with existing conventions. Telnet has one page for umpteen implementations, including a GNU version. Other examples include awk, ls, cron... Xrblsnggt 04:40, 13 June 2006 (UTC)

Merge completed Xrblsnggt 03:09, 6 July 2006 (UTC)

netcat flagged up by virus / spyware scanners[edit]

my windows version of netcat is upsetting ad-aware and apparently some virus scanners. I'm adding a sentence or two saying this seems overcautious, any other perspectives / info on security risks would be good

security risks[edit]

I don't quite understand the "security risks" section. In my mind, netcat should raise a red flag if it's been installed surreptitiously; conversely any warnings should be treated as a false alarm if netcat was installed intentionally by the computer's owner (or was installed as part of a default installation). Is there really any inherent extra risk in having netcat installed, above any risk posed by having telnetd or sshd (which can open listening ports that get connected to a shell) or ssh (which can forward ports) installed? --Interiot 05:04, 6 July 2006 (UTC)

Most security software is too dumb to be able to discern surreptitous vs. authorized installation. As to risk, netcat can do things telnet and ssh can't, but it kinda depends on your threat model. Akb4 22:04, 19 September 2006 (UTC)
The bigger problem is not so much that it gets flagged by AV; but that the AV doesn't give you many options. Almost all AV programs will halt execution every time you run it, and almost as many simply delete it on sight, giving you a box saying "We deleted this.", instead of "What should I do with this?". With a lot of AVs you really have to jump through hoops to get pen-testing, or, in nc's case, low level networking utilities, left alone.
But back to the topic at hand; if a mention is made, it should be that while nc can be used for malicious purposes, it is not a malicious program intrinsically; and that often AVs are a little...overzealous in their handling of it. King Spook 09:56, 28 May 2008 (UTC)

My opinion[edit]

It seems that such command like

nc -L #targetip -p #port-number -v -t -d -e cmd.exe

is a Windows only command, because the original necat does not have the option -L. See the Netcat Mannual Page

No, it just needs to be compiled with specific flags enabled to activate the -L flag. For security reasons, most precompiled distributions aren't compiled with these flags, so the -L flag is usually not available, and you need to recompile it yourself if you want that. The windows compiled versions, for whatever reasons, are precompiled with those flags. -82.156.210.192 (talk) 15:41, 4 August 2008 (UTC)

GAPING_SECURITY_HOLE[edit]

(yes, it needs an explanation/desciption)

Netcat is USEFUL, remember[edit]

For such a handy tool (not just for hacking) there seems to be a lot more on the risks than the uses. --대조 | Talk 08:58, 6 February 2007 (UTC)

Hacking?[edit]

I wouldnt say nc can be used for hacking, more debugging.. If you refer to the malicious action that is trying to break into a system, that'd be called cracking.

129.240.70.72 10:55, 20 February 2007 (UTC)

netcat site (vulnwatch.org) down?[edit]

The vulnwatch.org site does not work at all. Where can one get nc for Windows, then?

217.77.161.17 (talk) 09:42, 28 May 2008 (UTC)

The vulnwatch.org linked as home the page appears to have expired and is serving malware!! Please update or remove the link. —Preceding unsigned comment added by 96.230.138.100 (talk) 17:03, 6 April 2009 (UTC)

Yes, vulnwatch.org appears to be dead, but I doubt it is serving up malware, it is a godaddy parking page now. I have changed the URLs in the to source forge. Wrs1864 (talk) 17:49, 6 April 2009 (UTC)

Evil netcat?[edit]

Anyone ever used Netcat to do this?

Cant it be added to the official netcat wiki? —Preceding unsigned comment added by 41.240.64.31 (talk) 19:04, 3 August 2008 (UTC)

Usage examples[edit]

According to the man page for nc,

 -l      Used to specify that nc should listen for an incoming connection rather than initiate a connec-
            tion to a remote host.  It is an error to use this option in conjunction with the -p, -s, or -z
            options.  Additionally, any timeouts specified with the -w option are ignored.

but the example on the page shows $nc -l -p 3333. Ergosteur (talk) 03:30, 17 November 2008 (UTC)

Hm, indeed and I was about to change this, but: netcat-traditional seems to need "-l -p 3333", it won't listen on a local 3333 port without the -p. The more flexible netcat-openbsd does not accept -p in combination with -l and the manpage contains the comment you quoted above. However, I'm not too eager providing examples for all netcat versions out there, I think the few examples are more than enough for an encyclopedia :) 78.47.219.222 (talk) 19:57, 9 August 2009 (UTC)

Version weirdness[edit]

The infobox in the article says the latest version is 1.10 March 20, 1996, while the linked homepage says : 0.7.1 released on 11 Jan 2004. Someone should fix it up. --Xerces8 (talk) 15:58, 21 April 2009 (UTC)

This is because this article confuses the legacy original version (which has no page actually, mirrored at http://nc110.sourceforge.net/ ) and the new GNU implementation (which is GPL licensed) called GNU Netcat ( http://netcat.sourceforge.net/ ). Maybe this needs clarification because the hobbit version of netcat has nothing to do with the GNU version. --Netol (talk) 21:25, 6 September 2009 (UTC)

Varaints[edit]

I'd like to see a table of the netcat varaints. I think it should include all the the programs that are trying to be descendants (in spirit) of *Hobbits*'s netcat, whereas cousins should not be in this table. I have started one here, but I did not put it in the article because it is not complete.

Netcat variants
name Author last release URL
Netcat (the original) *Hobbit* version 1.10 (March 20, 1996)
OpenBSD Netcat Eric Jackson version 1.98 (July 3, 2010) http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
GNU Netcat Giovanni Giacobbi version 0.7.1 (January 11, 2004) http://netcat.sourceforge.net/
Netcat 6 Mauro Tortonesi et al. version 1.0 (January 19, 2006) http://www.deepspace6.net/projects/netcat6.html
Ncat Fyodor et al. version 6.x (generally the same version as Nmap releases, even though there may not be any new features) http://nmap.org/ncat/

--GdcRNT (talk) 00:11, 14 October 2010 (UTC)

Added Fyodor's Ncat. Family Guy Guy (talk) 18:54, 4 June 2014 (UTC)

General Feedback[edit]

This article is great, the more content, the better. All the examples are great. Keep up the good work! — Preceding unsigned comment added by 75.149.163.230 (talk) 00:19, 17 August 2011 (UTC)

Nmap/Ncat -c option[edit]

The ncat implementation does support the -c parameter.

It's mentioned on the man page: [[2]] Family Guy Guy (talk) 01:00, 31 May 2013 (UTC)

*Hobbit*[edit]

I was wondering who is Hobbit or what happened to him? Is he underground? Or working in the security industry?

Family Guy Guy (talk) 06:02, 13 December 2013 (UTC)