Hello,
I have this project where I have to implement a simple port scanner in C++ for Linux. The program should take as input a target IP address, beginning port number, and ending port number. After receiving the above info, the program should display a list of open ports. This seems not too bad but I have NO IDEA where to begin to implement a port scanner. By any chance can anyone direct me in the right path? Any response/advice will be helpful.
The best known port scanner I can think of is nmap of course. Take a look into it and do a Google search for "open source port scanner" or something like that. You might find something light enough to provide a starting point. Cheers
Read about sockets in Linux?
A port scanner isn't a big threat unless it's something many people worked on and improved, since the most basic usually doesn't go very far:
check port #1, check port #2, check port #3 etc.
Most firewalls and security admins should catch that pretty easily.
Simply "connect()" to a port; if it succeeds, then the port is open; if it fails, the reason for failure may give a clue why it failed (no listener, blocked by firewall, whatever).
On the networks I work on, if you ever tested such a thing you'd be in trouble; I don't know of anyone who's not checking for port scans.
Pinniped,
Thanks!! However, how do you check ports in C++ in Linux? I think if I knew how to even access ports I think I could do this. Any advice/example will be greatly appreciated.
Thanks in Advance!!
You can thread each connect() attempt to make the scan faster.
The nmap manual also talks in detail about how it does SYN scanning.
As for this type of program being 'dangerous', I imagine nmap is a much better product that's distributed with most major Linux distributions. Besides, as has been stated, any half decently competent sys admin will be monitoring for port scans.
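The replies above say that a sequential scan is easy for a firewall or administrator to catch. The following added example, which is not code from this thread, shows one way such a check can work: it counts the distinct destination ports each source tries inside a sliding time window. The log format, the function names, the sample addresses and the 10-second/10-port thresholds are all assumptions made for the illustration.

```cpp
#include <deque>
#include <iostream>
#include <map>
#include <set>
#include <sstream>
#include <string>
#include <vector>

// Flag every source that tried at least `min_ports` distinct destination ports within
// any `window` seconds. Each line is "<unix_time> <source_ip> <dest_port>" (constructed
// format); a source's lines must be in time order, and malformed lines are skipped.
std::set<std::string> find_scanners(const std::vector<std::string> &lines,
                                    long window, std::size_t min_ports) {
    // Per source: (time, port) attempts still inside the window, and attempts per port.
    struct State { std::deque<std::pair<long, int>> recent; std::map<int, int> hits; };
    std::map<std::string, State> by_src;
    std::set<std::string> flagged;
    for (const std::string &line : lines) {
        std::istringstream in(line);
        long ts; std::string src; int port;
        if (!(in >> ts >> src >> port) || port < 1 || port > 65535) continue;
        State &s = by_src[src];
        s.recent.emplace_back(ts, port);
        ++s.hits[port];
        // Slide the window: forget this source's attempts older than `window` seconds.
        while (!s.recent.empty() && ts - s.recent.front().first >= window) {
            int old = s.recent.front().second;
            if (--s.hits[old] == 0) s.hits.erase(old);
            s.recent.pop_front();
        }
        if (s.hits.size() >= min_ports) flagged.insert(src);
    }
    return flagged;
}

// Constructed sample: 10.0.0.5 walks ports 1..12 within three seconds, while 10.0.0.9
// is an ordinary client that reconnects to port 443 thirty times.
std::vector<std::string> sample_log() {
    std::vector<std::string> entries{"not a log line"};
    for (int p = 1; p <= 12; ++p)
        entries.push_back(std::to_string(1000 + p / 6) + " 10.0.0.5 " + std::to_string(p));
    for (int i = 0; i < 30; ++i)
        entries.push_back(std::to_string(1000 + i) + " 10.0.0.9 443");
    return entries;
}

int main() {
    for (const std::string &src : find_scanners(sample_log(), 10, 10))
        std::cout << "possible port scan from " << src << "\n";
}
```

The window and threshold are illustrative and need tuning against the normal traffic of the network being monitored.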
Hello,
I have this project where I have to implement a simple port scanner in C++ for Linux. The program should take as input a target IP address, beginning port number, and ending port number. After receiving the above info, the program should display a list of open ports. At this time I have it doing the above through a socket but it takes a very long time to search a wide range of ports. I was told that the run time would greatly decrease if I had several sockets open. However, I am confused about how to open several sockets at once. Any advice/input would greatly be appreciated.
Thanks in Advance
Threading. Start up a thread for each socket.
I've used pthread.. but it's a C library, so it won't play well with your object oriented design. zthread (http://zthread.sourceforge.net/) was another library I found out about later, no personal experience with it though.
Threads will not help at all on a uniprocessor and even on a multiprocessor machine the benefits of threading a port scanner are dubious. The best way to scan faster is to open a lot more ports at once, which means calling socket() and connect() many times in one pass. Managing so many open sockets at once is slightly more complex with a single thread than with multiple threads, but it does not have the overhead (context switching) of the multithread approach. Using a single thread does force you to think of sensible ways to manage the many sockets and their states, while the code looks slightly neater with the multithread approach but also forces you to use IPC mechanisms.
"pthread" will work with C++ just as it works with C.
pinniped,
Thanks! By any chance can you give me an example on how to go about doing what you stated (The best way to scan faster is to open a lot more ports at once, which means calling socket() and connect() many times in one pass.)? This is my first time working with sockets and I don't fully understand. Below is what I have so far; it just opens one socket and sees if it is open or not:
Code:
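#include <cerrno>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <fcntl.h>
#include <netdb.h>
#include <netinet/in.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>
int main(int argc, char *argv[])
{
    struct hostent *hostaddr = (argc == 4) ? gethostbyname(argv[1]) : NULL; //get the ip 1st argument, once
    if (hostaddr == NULL) return 1; //wrong usage or host not found
    int start = atoi(argv[2]), end = atoi(argv[3]);
    for (int port = start; port <= end; port++)
    {
        int soc = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); //create the tcp socket
        fcntl(soc, F_SETFL, O_NONBLOCK);
        struct sockaddr_in servaddr;
        memset(&servaddr, 0, sizeof(servaddr));
        servaddr.sin_family = AF_INET;
        servaddr.sin_port = htons(port); //set the port number
        memcpy(&servaddr.sin_addr, hostaddr->h_addr, hostaddr->h_length);
        int conres = connect(soc, (struct sockaddr*)&servaddr, sizeof(servaddr));
        if (conres == -1 && errno == EINPROGRESS)
        {   //non-blocking connect() returns at once: wait up to 1 s, then read the result
            fd_set wfds; FD_ZERO(&wfds); FD_SET(soc, &wfds);
            struct timeval tv = {1, 0};
            int err = 0; socklen_t len = sizeof(err);
            if (select(soc + 1, NULL, &wfds, NULL, &tv) == 1 &&
                getsockopt(soc, SOL_SOCKET, SO_ERROR, &err, &len) == 0 && err == 0)
                conres = 0;
        }
        if (conres == -1)
            printf("Port %d is closed\n", port);
        else
            printf("Port %d is open\n", port);
        close(soc);
    }
    return 0;
}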
If you want examples, have a look at the source for existing port scanners. There is no simple 1-page example for this. You might even look at a network library like RakNet to see how numerous sockets are handled.