C port scanner



xchg
02-13-2009, 05:08 PM
I want to write a simple port scanner in C. Here is my code:



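#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include <string.h>
#include <stdlib.h>

int main(int argc, char *argv[]) {
    struct hostent *host;
    struct sockaddr_in addr;
    int PortSocket;
    int from_port, to_port;
    int i = 0;

    /* argv[1..3] are read below, so all three must be present */
    if (argc != 4) {
        fprintf(stderr, "Usage: %s host from_port to_port\n", argv[0]);
        return EXIT_FAILURE;
    }
    from_port = atoi(argv[2]);
    to_port = atoi(argv[3]);

    /* htons() takes a 16-bit value, so reject anything outside 1..65535 */
    if (from_port < 1 || to_port > 65535 || from_port > to_port) {
        fprintf(stderr, "Bad port range\n");
        return EXIT_FAILURE;
    }

    /* resolve the host name once, before the loop */
    if ((host = gethostbyname(argv[1])) == NULL) {
        puts("Bad address");
        return EXIT_FAILURE;
    }

    for (i = from_port; i <= to_port; i++) {
        if ((PortSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == -1) {
            puts("Can not create socket");
            return EXIT_FAILURE;
        }

        memset(&addr, 0, sizeof(addr));
        addr.sin_family = AF_INET;
        memcpy(&(addr.sin_addr), host->h_addr, host->h_length);
        addr.sin_port = htons(i);

        /* blocking connect(): returns only on success, refusal or the kernel's own timeout */
        if (connect(PortSocket, (struct sockaddr *)&addr, sizeof(addr)) == 0)
            printf("Port %d open\n", i);

        /* close on failure too, otherwise every failed port leaks a descriptor */
        close(PortSocket);
    }
    return 0;
}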

On the LAN it works OK. But if I try to scan an address on the internet, it takes much more time to connect to the ports. I have quite a fast connection to the internet. How do I set a time limit for the connect function? Or do you have some other solution?
Thank you.

brewbuck
02-13-2009, 05:17 PM
I don't think we really want to help you make what is essentially a DoS device. Scanning ports has legitimate uses -- blasting packets to the Internet as quickly as possible does not.

root4
02-14-2009, 02:35 AM
Port scanning (outside of your lan) is illegal, check your ISP policy for details. Concerning the purely technical question about tcp timeouts, they are configurable via the kernel pseudo-fs /proc/sys/net.
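
The settings under /proc/sys/net mentioned above are system-wide; a time limit for one connect() call is normally set per socket, with a non-blocking connect() bounded by poll(). This is an added example, not code from anyone in this thread; the helper name connect_with_timeout and its result codes are assumptions.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <unistd.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Result codes are assumptions made for this example. */
enum { CONN_OPEN = 0, CONN_REFUSED = 1, CONN_TIMEOUT = 2, CONN_ERROR = -1 };

/* Hypothetical helper: attempt one TCP connection, waiting at most timeout_ms. */
int connect_with_timeout(const struct sockaddr_in *addr, int timeout_ms)
{
    struct pollfd pfd;
    socklen_t len = sizeof(int);
    int fd, flags, n, err = 0, result = CONN_ERROR;

    fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (fd == -1)
        return CONN_ERROR;
    /* In non-blocking mode connect() returns at once, usually with EINPROGRESS. */
    flags = fcntl(fd, F_GETFL, 0);
    if (flags == -1 || fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1)
        goto out;
    if (connect(fd, (const struct sockaddr *)addr, sizeof(*addr)) == 0) {
        result = CONN_OPEN;                 /* handshake finished immediately */
        goto out;
    }
    if (errno != EINPROGRESS) {
        result = (errno == ECONNREFUSED) ? CONN_REFUSED : CONN_ERROR;
        goto out;
    }
    /* Wait for the handshake to finish or fail, but no longer than timeout_ms. */
    pfd.fd = fd;
    pfd.events = POLLOUT;
    do {
        n = poll(&pfd, 1, timeout_ms);
    } while (n == -1 && errno == EINTR);
    if (n <= 0) {
        result = (n == 0) ? CONN_TIMEOUT : CONN_ERROR;
        goto out;
    }
    /* Writable does not mean connected: SO_ERROR carries the real outcome. */
    if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) == 0)
        result = (err == 0) ? CONN_OPEN
               : (err == ECONNREFUSED) ? CONN_REFUSED : CONN_ERROR;
out:
    close(fd);                              /* release the descriptor on every path */
    return result;
}
```

CONN_TIMEOUT is the case the question describes: no reply arrives at all, so a blocking connect() waits out the kernel's SYN retransmissions before it gives up.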

brewbuck
02-17-2009, 05:43 PM
> Port scanning (outside of your lan) is illegal, check your ISP policy for details. Concerning the purely technical question about tcp timeouts, they are configurable via the kernel pseudo-fs /proc/sys/net.

Sending packets on the Internet is not illegal. The security of a host does not depend on whether a person is legally allowed to probe it. Depending on such a thing would be idiotic.

Attempting unauthorized access may be illegal, depending on jurisdiction, and packet-flooding somebody is definitely a DoS and probably illegal. But a law that bans sending any packet of any kind to a host on the Internet is ridiculously draconian, and I don't believe such a law exists (again, depending on your jurisdiction).

Legality aside, I don't have much interest in helping somebody send packets as quickly as possible to a host, for the purpose of probing that host.

root4
02-18-2009, 03:41 PM
> Sending packets on the Internet is not illegal.

Really? ...



> The security of a host does not depend on whether a person is legally allowed to probe it. Depending on such a thing would be idiotic.

Who said the security of a host was depending on the ability to probe it? I was just saying that port scanning (as DoS method) is illegal -- but ok, that's not /illegal/ (at least not directly), simply against most ISP policy -- my bad. However it can go further than a simple 'ban' (see the link below)...

Check this page for details: http://nmap.org/book/legal-issues.html

brewbuck
02-18-2009, 04:34 PM
I have a hard time believing a person could be jailed because they sent a single packet to a host. You have to prove intent.

Blasting a host with packets is clearly a DoS and illegal most places. But attempting to telnet to a port, and getting a rejected connection, is hardly a reason to toss someone in jail.