This is a BSD netcat, I suppose.
I had the same problem, and when I did nc --version , I really saw:
This is nc from the netcat-openbsd package. Alternative nc is available in the traditional netcat package.
The traditional wisdom is that BSD is the βbestβ version (see What are the differences between netcat-traditional and netcat-openbsd? )
But anyway, BSD sources are where you need to look to find the appropriate code where the "X" happens. And you donβt need to look too much!
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/netcat.c?rev=1.177
A smoking gun is the udptest() function:
int udptest(int s) { int i, ret; for (i = 0; i <= 3; i++) { if (write(s, "X", 1) == 1) ret = 1; else ret = -1; } return (ret); }
And the conditions under which this is caused are if vflag (Verbosity) or zflag (port scan flag):
if (vflag || zflag) { if (uflag) { if (udptest(s) == -1) { ret = 1; continue; } } ...
Regarding the rationale for why the -v switch will start throwing random data on a UDP port, I would suggest that those using -v want to get every bit of the information they can get. Thus, the tradeoff between receiving a start message and a voice connection message is worth helping someone in a debugging situation.
But even in this case, my opinion will be that instead of sending the mysterious "X" , sending something like "NETCAT UDP PING DUE TO -V OPTION" would be better .: - /