Implementations:
  - original netcat
    http://www.vulnwatch.org/netcat/
    - the infamous nc110.tgz
    - lines of code: 2045
    - quite badly readable code
    - code contains not very polite words
      => cleanup would be needed
  - GNU netcat
    netcat-0.7.1
    http://netcat.sourceforge.net/
    - tunneling possibilities
      - not present in other implementations ?
    - contains all the configure mess
    - again, badly readable code (bloat)
    - lines of code: 3681
    - too terse man page
      - tunnel mode (-L) is almost unexplained
  - NetBSD
    - does not have netcat in base system, uses pkgsrc:
      http://pkgsrc.se/net/netcat
      http://www.securityfocus.com/tools/137
      - this is original netcat by hobit
    - simple patches:
      - #include <string.h> (patch-a[a-c])
      - introduce -q , -b options: (patch-ad)
	-b			allow broadcasts
	-q secs			quit after EOF on stdin and delay of secs
      - use pksrc-supplied CC (patch-a[ef])
  - FreeBSD
    original netcat in /usr/bin/nc (base system)
    - added IPv6 support
    - knows SOCKSv4/5 + HTTPS proxy support
      - compile dir:
        http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.bin/nc/
	- compiled with -DIPSEC -lipsec (!)
      - src dir:
        http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/netcat/
	- clearly, it is netcat imported from OpenBSD 3.9
  - OpenBSD
    - clean reimplementation of original netcat idea
    - source code:
      http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
      - uses atomicio.c:atomicio() just like OpenSSH/SunSSH
      - no IPsec support
      - SOCKSv4/5 +HTTPS proxy support
    - lines of code: 1266
      - smallest code
      - very readable
    - man page:
      http://www.openbsd.org/cgi-bin/man.cgi?query=nc&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html

--------------------------------------------------------------------------

Feature comparison:

		| nc110(orig) | GNU (0.7.1) | OpenBSD nc |  FreeBSD nc |
proxy support	|     No      |     Yes     |     Yes    |     Yes     |
SSL             |     No      |     No      |     No     |     No      |
IPv6		|     No      |     No[1]   |     Yes    |     Yes     |
TCP MD5		|     No      |     No      |     Yes    |     Yes     |
IPsec		|     No      |     No      |     Yes[2] |     No      |
Tunneling[3]    |     No      |     Yes     |     No     |     No      |
Exec. cmds[4]	|     Yes[6]  |     Yes     |     No[5]  |     No      |
Src routing[7]  |     Yes     |     No[8]   |     No     |     No      |
Src addrsel[9]  |     Yes     |     Yes     |     Yes    |     Yes     |
Telnet support  |     Yes[10] |     Yes     |     Yes    |     Yes     |

[1]  will be added in 0.8.0
[2]  IPsec support uses ipsec_set_policy() which is KAME/BSD-centric
     so it cannot be used on Solaris
[3]  specify listen and connect port at the same time
     can be used e.g. as port redirector
[4]  command execution (-e)
     considered security risk
[5]  removed from OpenBSD's implementation early on
[6]  has to be compiled in with GAPING_SECURITY_HOLE define 
[7]  loose source routing (for IP spoofing)
[8]  has -g/-G cmdline options defined but not used
[9]  source address selection
[10] has to be compiled in with TELNET define

NOTE #1: comparing nc from OpenBSD 4.0
NOTE #2: FreeBSD's nc is virtually the same as OpenBSD's
         http://www.freebsd.org/cgi/cvsweb.cgi/~checkout~/src/contrib/netcat/FREEBSD-upgrade?rev=1.1.2.1&content-type=text/plain
NOTE #3: proxy support usually means multiple versions of SOCKS (v[45])
         and HTTPS proxy