Re: Netcat VS 'real' clients
From: Jayson Anderson (sonick_at_sonick.com)
Date: 08/24/05
- Previous message: Stefano Zanero: "Re: QualysGuard - VA/PT appliance"
- In reply to: Ishay: "Netcat VS 'real' clients"
- Next in thread: Irene Abezgauz: "RE: Netcat VS 'real' clients"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: pen-test@securityfocus.com Date: Wed, 24 Aug 2005 11:02:01 -0700
Barring any protocol optioning anomoles, idiosyncracies vs.
standards-implementation or application-specific fixed-length padding
etc. or any other kind of identifiable application-specific trait, then
the answer is yes: netcat can perform the same operation provided you
supply the correct I/O iterations on your side of the socket. The other
big giveaway when humans become involved is timing. if /var/log/maillog
has 2 seconds elapsed for userbob to pop his mailbox, followed by a 13
second elapsed time while you fiddle trying to cut/paste or type
straight in the protocol mechanics, then that is visible :) much smaller
nuances can be had I'm sure for each application, so the ultimate answer
is "mostly yes, but it ultimately depends on the level of scrutiny on
the server side."
Jayson
On Wed, 2005-08-24 at 15:11 +0300, Ishay wrote:
> I wonder if using netcat is simulating the Http,Imap,Pop3,Ftp,SMTP as
> the real clients does?
> For e.g. pentest for pop3 with netcat VS outlook.
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: Stefano Zanero: "Re: QualysGuard - VA/PT appliance"
- In reply to: Ishay: "Netcat VS 'real' clients"
- Next in thread: Irene Abezgauz: "RE: Netcat VS 'real' clients"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
