Thread: Port Scanning Question- probably not what you are thinking

Ok first off and I cant stress this enough.. THIS IS NOT INTENDED FOR MALICIOUS PURPOUSES!!!!

I am doing some research on common open ports as well as the statistics of those ports. especially with the microsoft OS. I am wondering if their is a way to port scan visitors of my website, not the index page but a seperate page that they would have to agree to let the scan go threw after explaining to them what it is for. Kindof like a privacy policy kindof thing. And then after the scan or during it have it log to a text file for later viewing. Having the IP address in the log is not important. just the ports arranged by per visitor basis

I have a apache server on redhat so I would like to use nmap to do this. I assume that maybe it can be accomplished threw a php script or some other means. I am pretty sure it can be done as my firewall if i remember correctly has told me that I was being portscanned and I ran a whois on it and it was the website I was currently visiting.

Please if anyone knows how to do this let me know. I have been searching google but find nothing about having a server auto scan its visitors.

Thanks in advance

Interesting, not what I need but defenatly a source I can use thanks.
Anyone know how they get that information?

just use the ENV (environment hash)
the "REMOTE_ADDR" key will return the remote IP address...

either run the port scan from that server (i've written/posted a perl portscanner in the tutorials forum) or pass it on to another server (this would be advisable as Perl scripts tend to take up some resources )

i'm at the library right now, i'll write/post an example for you tomorrow morning (us, est)...

hope this helps
-take it easy!

[edit]
btw- I'd do it in perl, and that's the lang i'll use...
[/edit]

Thank you tampabay420 I will be waiting for your post. Untill then I will check your tutorial...

As for the how do they get that info for the d-sheild site I found that info on my own.. should have waited before I posted..

[edit] Also I am interested in putting a port scan option on my site. The only problem is I dont want users to try and scan whitehouse.gov or 127.0.0.1 or do their dirty work for them. I would only like it to scan their IP... Is that something that can be done. [edit]

Apache + nmap on redhat, eh? As tampabay420 said, you can use the REMOTE_ADDR env value. Currently i don't have a redhat box to play with, but it works on apache + nmapwin on my W2K box. It could be as simple as this on redhat.

Put this scanme.sh script in your cgi-bin directory:
#
echo "content-type: text/html"
echo
echo "Scanning...
"
echo "
"
echo "<pre>"
/path/to/your/nmap/nmap -P0 $REMOTE_ADDR
echo "</pre>"
echo "
"
echo "Scanning complete.
"
#

Then point your browser to http://yourserver/cgi-bin/scanme.sh to test it. You can of course change the nmap options to suit your need and add some header/explanation.

One caveat, depending on your hardware, any skiddies can DOS your server by running this scan script thousand times concurrently.

Peace always,
<jdenny>

jdenny has great point, might just want to use nmap...

but if you still want to write your own

Code:

    use IO::Socket;
    my ($line, $port, $sock, @servers);
    my $VERSION='1.0';
    $server = $ENV{'REMOTE_ADDR'};
    $begin = 1
    $maxport = 31337;
    for ($port=$begin;$port<=$maxport;$port++)     {
    	$sock = IO::Socket::INET->new(PeerAddr => $server,
    				 	PeerPort => $port,
    				 	Proto => 'tcp');
    	if ($sock)	{
		#might want to log this?
                print "::$port passed::\n";
    	} else {
                print "::$port failed::\n";
    	}
    } # End for

i have not tested it (my server is down)... tell me how it goes?

By the way, grc already offers something like this:

http://grc.com/default.htm

Lots of good stuff there, shields up! is the part that does the port scans of your computer....
Can also be a good place to visit if you are behind a NAT'ing firewall/router to check your IP/reverse lookup.

Check it out, its pretty cool.

/nebulus