LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-24-2014, 10:47 AM   #1
conks_eddie
LQ Newbie
 
Registered: Apr 2014
Posts: 3

Rep: Reputation: 0
Port Scanner in Bash


Deleted

Last edited by conks_eddie; 05-07-2014 at 11:59 PM.
 
Old 04-24-2014, 02:59 PM   #2
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,831
Blog Entries: 36

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
Is this simply an exercise in bash? If so then I don't mind providing some pointers however if you are in legitimate need of a port scanner then I would say you should use nmap. As for intrusion detection systems there's always bro.
 
Old 04-25-2014, 05:52 AM   #3
conks_eddie
LQ Newbie
 
Registered: Apr 2014
Posts: 3

Original Poster
Rep: Reputation: 0
delete

Last edited by conks_eddie; 05-08-2014 at 12:03 AM.
 
Old 04-25-2014, 06:46 AM   #4
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian i686 (solaris)
Posts: 8,104

Rep: Reputation: 2267Reputation: 2267Reputation: 2267Reputation: 2267Reputation: 2267Reputation: 2267Reputation: 2267Reputation: 2267Reputation: 2267Reputation: 2267Reputation: 2267
you need to find the processes opened those ports and kill them. do you really want to close all the ports? Probably you will not be able to use that box any more ....
 
Old 04-25-2014, 11:18 AM   #5
conks_eddie
LQ Newbie
 
Registered: Apr 2014
Posts: 3

Original Poster
Rep: Reputation: 0
delete

Last edited by conks_eddie; 05-08-2014 at 12:03 AM.
 
Old 04-25-2014, 11:24 AM   #6
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 3,774
Blog Entries: 1

Rep: Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339
This will likely break the box.

But as an excercize, If you are scanning for open ports, then you want to block any ports that you found open, you can work this into your script:

Code:
# for each port found open do this, perhaps a loop...
/sbin/iptables -A INPUT -p tcp --destination-port $port -j DROP

# last thing to do before leaving the program
/sbin/service iptables save
 
1 members found this post helpful.
Old 04-25-2014, 12:03 PM   #7
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,831
Blog Entries: 36

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
You can't close the ports from the outside unless the listening application has an admin port exposed which allows you to close that specific application (e.g. Tomcat has such a port). Otherwise you would need SSH access to said system which would then require you to log in (with a password if manual, or with a key pair if automated) which would then execute a program scan the /proc filesystem for open network ports, use lsof, or use netstat to find the PID of programs listing on said ports and kill them. Not all programs allow themselves to be killed with SIGTERM so you may have to handle that with SIGKILL.

Basically the point I'm making with the above description is you'll not have the ability to close network ports on a remote system simply by using bash.

Here are some bash tips.
  1. Always quote your variables. What if $1 or $2 argument has a space in the argument?
  2. You should practice regularly using braces with variables so the variable is explicit. e.g. ${1} instead of $1 or ${hello} instead of $hello. A good example is when you set `hello="tree"` and then execute `echo "$hello_friend"` expecting to see `tree_friend` but instead get a null result because underscores are considered part of the variable. So it's a good habit to practice.
  3. You should style your code with indenting. It improves readability. Take for example this deploy script. I doubt anyone could easily read it if there was no indenting. Concise and clear comments are recommended too. Describe your functions.
  4. You should make better user of POSIX exit codes. In your script, you have functions reaching out and exiting the script. This is bad practice. Functions should have return values and not exit commands. Then you should use bash logic to handle those functions.
  5. I also tend to include environment information at the top of each script and the date it was created. This way 2 years down the road when you've forgotten how this script was made you at least know which versions of software it was written against to ease updating it or creating the same environment.
  6. You should do preflight checks which validate user input. You should never trust user input to be what you expect it to be. If the last two arguments are supposed to be integers then they better be integers. You should also check the bounds of the user input because there's only so many ports (65535 to be exact) so the program should show meaningful error messages when they enter wrong input arguments.
  7. Use getopt and properly parse arguments for the user. Look at example scripts for getopt usage.

Here's an example of your code rewritten in the way I describe my recommendations (most but not all as I only have so much time).

Code:
#!/bin/bash
#Created by John Doe
#Fri Apr 25 11:56:07 EDT 2014
#Ubuntu 14.04 LTS
#Linux 3.13.0-24-generic x86_64
#GNU bash, version 4.3.8(1)-release (x86_64-pc-linux-gnu)

#DESCRIPTION
#  Checks if the remote host is up.  If the host is up
#  then it will attempt to scan the requested port range
#  and report open ports.

#define variables
host="${1}"
firstport="${2}"
lastport="${3}"

#ping a host to see if it is up
function pingup(){
  ping="$(ping -c 1 -w 10 "${host}" | grep bytes | wc -l)"
  if [ "${ping}" -gt "1" ]; then
    echo "${host} is up, now scanning for open ports";
    return 0
  else
    echo "${host} is down, program will close";
    return 1
  fi  
}

#test a port to see if it is open
function portscan(){
  for ((port=${firstport}; port<=${lastport}; port++)); do
    ( echo > "/dev/tcp/${host}/${port}" ) > /dev/null 2>&1 && echo "${port} is open"
  done
}

#run functions
pingup && portscan
I tend to list the different versions of programs I'm using in the script e.g. Python version if it is python, etc.

I use vim so I used the following commands to get that environment information.

Code:
:r!date
:r!head -n1 /etc/issue
:r!uname -rms
:r!bash --version | head -n1
SAM

Last edited by sag47; 04-25-2014 at 03:09 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Port Scanner ghandizzle8 Linux - Newbie 9 02-23-2012 04:14 AM
best port scanner To scan open port in a network tanveer Linux - Security 8 01-21-2007 09:19 PM
port scanner and more ANU Linux - Software 1 05-26-2006 10:53 AM
In need of the best port scanner there is! Pcghost Linux - Security 11 03-10-2003 10:37 AM
Port Scanner tfrye Linux - Security 1 04-18-2001 12:22 PM


All times are GMT -5. The time now is 02:53 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration