LiveZilla Live Chat Software

How to reproduce network errors (DNS, SMTP, …) with NetCat

Written by Yves Lacombe on . Posted in Best Practices

As an administrator, developer, support technician, or a quality analyst who works with email or network solutions, you probably often face issues caused by a network component that fails randomly. For example, a DNS server could time out sporadically, or the SMTP server rejects recipients because it doesn’t feel like accepting them. So you start by troubleshooting the problem by analyzing  logs and network traffic (WireShark rules!). But at some point, you want to reproduce the issue so you can validate your fix or simply check your beloved system’s behavior wink

And that’s when it becomes complicated, because random issues will never happen when you need them to, and you have to sit and wait for the problem to happen again. Not really an efficient use of your time!

So what you need is a tool that can mimic flawed server behavior. It must act as a server, accept connections from clients, and process them according to specific behavior that you define. This way, you can have your own fake DNS server that accepts any query but lets it time out, or your own SMTP server that accepts connections but rejects all recipients. Also, this tool shouldn’t be limited to DNS or SMTP: you could use it for any protocol, and it could act as both a server and a client.

Well, I’ve got great news – this tool exists (and it’s been out for a while, actually).  It’s free, simple to use, offers all the features listed above, and it’s even available for Windows! It’s NetCat for Windows.

So, how do you use NetCat to setup a DNS server to time out systematically?

  1. Download NetCat from http://www.downloadnetcat.com/
  2. Stop your DNS service, if you have one running
  3. Run this command: nc -L -p 53
    • This will create a server that listens on a DNS port (-p 53), and accepts client     connections, but never sends a response, hence simulating a timeout.
    • The -L parameter will ensure that your NetCat server restarts each time a connection is     closed.
    • For more details about parameters, just execute nc—help.
  4. Change your DNS client settings to point to the machine where your fake DNS server is     running.

And that’s all folks! You can now reproduce the issue at will. Obviously, the same procedure can be applied to reproduce any kind of server timeout (POP, IMAP, SMTP, etc.). To do so, simply change the port number in the command line.

Now for our other situation: how do you reproduce a SMTP server that returns an error on recipient validation?

  1. Create a text file called smtp_error_on_rcpt_to.txt, that  contains the following lines:
  • 220 Welcome to the NetCat Fake SMTP Server
  • 250 OK (replying to the HELO command)
  • 250 OK (replying to the MAIL FROM command)
  • 450 Temporary failure  (replying to the RCPT TO command)
  1. Stop your SMTP server, if you have one running
  2. Run this command: nc -L -p 25 -i 5 < smtp_error_on_rcpt_to.txt

This will create a SMTP server that listens on port 25, and sends one line from the input file every 5 seconds (-i 5) on any new connection, hence simulating a SMTP conversation with your client.

You can see how easy it is to modify the input file to adapt the behavior to your needs. You can also see that NetCat can be used (in fact is mainly used) as a network client, and that it can easily interact with a server. It makes it easy, for example, to send an email from a batch script. I won’t cover this point here – there are many tutorials on the web detailing how to do that.

Granted, NetCat won’t be useful in all situations. You could say that NetCat is kind of dumb: that it doesn’t interpret data received from its clients, that it has no conditional logic and will just blindly send the same sequence of data read from its input file, and that it doesn’t work nicely with binary protocols. Yet, its simplicity makes it a great tool, and it has helped me in many situations. I hope it will do the same for you. And if you’re aware of other, more advanced tools, feel free to comment and to share them with everybody.

 

Trackback from your site.

Yves Lacombe

Yves Lacombe

Yves Lacombe has been working on Internet Infrastructure products for over 15 years. He is an Internet Security expert and one of his company's gurus. He has forgotten more things about Email Security than most people will ever know. He runs numerous heavily secured email servers and is constantly getting in trouble while trying to hack into his company's products. Yves has two mottos that he lives by: “The buck stops here” and “Lets just get the job done”.

Leave a comment

Whitepaper Downloads

  • Spam Industry terms
  • Antispam checklists
  • Tips and tricks
  • In depth research analysis

Download

Customer Quote

No one other than Vircom offers a solution that blends such an amazing catch-rate with extremely low false-positives.

    Gary King
    Net-Noggin