The following project is an implementation of a port scanner in C. A port scanner is a tool used to determine which ports are open on a system. Security experts could then use this information to guide them in designing exploits. The following sections briefly discuss how to build and run the system.
A makefile is included, so to build the project just run:
make portscanner
Then run the scanner with:
./prtsc [options] [target_ip]
where [target_ip] is the IP address of the machine to be scanned. Some of the options might need sudo privileges to run.
The options are briefly discussed in the next sub-section.
The following options may be specified to select which scanning technique is used. The project implements 4 scanning techniques. They can be specified as follows:
-sT: This specifies the TCP connect scanning mode. In this mode superuser privileges are not needed to carry out scans, as a full TCP connection is established and the details are handled by the OS.
-sS: This specifies a SYN scan, in which a TCP packet with the SYN flag set is sent and the tool waits for a SYN/ACK response. If one is received, indicating that the port is open, a RST is sent back in order not to trigger a denial of service attack. Otherwise, if a RST is received, the port is closed. No response might indicate that the port is filtered. This type of scan requires superuser privileges, as raw sockets are used.
-sU: This option specifies a UDP scan. This works by sending a UDP packet to every port; if no response is received after retransmissions, the port is classified as open.
-sF: This option specifies a FIN scan. In this type of scan, a TCP packet with the FIN bit set is sent. If a RST is received, the port is considered closed. If no response is received, it is labelled as open|filtered. This type of scan requires superuser privileges, as raw sockets are used.
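The classification rules described for -sS and -sF can be expressed as one function over the raw TCP header of the reply. This is an added example, not code from this project: classify_reply, the enum names and the sample byte arrays are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* TCP flag bits in byte 13 of the TCP header (RFC 793). */
#define FLAG_SYN 0x02
#define FLAG_RST 0x04
#define FLAG_ACK 0x10

enum scan_mode  { SCAN_SYN, SCAN_FIN };   /* -sS and -sF */
enum port_state { PORT_OPEN, PORT_CLOSED, PORT_FILTERED,
                  PORT_OPEN_FILTERED, PORT_UNKNOWN };

/* Constructed sample replies: port 80 answering a probe sent from port 40000. */
const uint8_t SAMPLE_SYNACK[20] = { 0x00,0x50, 0x9C,0x40, 0,0,0,1, 0,0,0,2,
                                    0x50, 0x12, 0xFF,0xFF, 0,0, 0,0 };
const uint8_t SAMPLE_RST[20]    = { 0x00,0x50, 0x9C,0x40, 0,0,0,0, 0,0,0,2,
                                    0x50, 0x14, 0x00,0x00, 0,0, 0,0 };

/* Classify a port from the raw TCP header of the reply (hypothetical helper).
 * reply == NULL means no answer arrived; probe ports are in host byte order. */
enum port_state classify_reply(enum scan_mode mode, const uint8_t *reply,
                               size_t len, uint16_t probe_sport,
                               uint16_t probe_dport)
{
    if (reply == NULL)      /* silence: meaning depends on the scan type */
        return mode == SCAN_SYN ? PORT_FILTERED : PORT_OPEN_FILTERED;
    if (len < 20)           /* shorter than a minimal TCP header */
        return PORT_UNKNOWN;
    /* The reply must come from the probed port back to our source port. */
    uint16_t sport = (uint16_t)(reply[0] << 8 | reply[1]);
    uint16_t dport = (uint16_t)(reply[2] << 8 | reply[3]);
    if (sport != probe_dport || dport != probe_sport)
        return PORT_UNKNOWN;
    /* Data offset counts 32-bit words; reject truncated or bogus headers. */
    size_t hdr_len = (size_t)(reply[12] >> 4) * 4;
    if (hdr_len < 20 || hdr_len > len)
        return PORT_UNKNOWN;
    uint8_t flags = reply[13];
    if (flags & FLAG_RST)
        return PORT_CLOSED;
    if (mode == SCAN_SYN && (flags & (FLAG_SYN | FLAG_ACK)) == (FLAG_SYN | FLAG_ACK))
        return PORT_OPEN;
    return PORT_UNKNOWN;
}

int main(void)
{   /* Exit status 0 when the constructed SYN/ACK reply is classified as open. */
    return classify_reply(SCAN_SYN, SAMPLE_SYNACK, 20, 40000, 80) == PORT_OPEN ? 0 : 1;
}
```

Checking the ports and the data offset before reading the flags keeps a stray or truncated packet from being counted as an answer to the probe.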