Port Scanning Question- probably not what you are thinking

  1. #1
    Senior Member
    Join Date
    Dec 2001
    Posts
    304

    Port Scanning Question- probably not what you are thinking

    OK, first off, and I can't stress this enough: THIS IS NOT INTENDED FOR MALICIOUS PURPOSES!!!!

    I am doing some research on common open ports as well as the statistics of those ports, especially with the Microsoft OS. I am wondering if there is a way to port scan visitors of my website, not the index page but a separate page where they would have to agree to let the scan go through after I explain to them what it is for. Kind of like a privacy policy kind of thing. And then after the scan or during it have it log to a text file for later viewing. Having the IP address in the log is not important, just the ports arranged on a per-visitor basis.

    I have an Apache server on Red Hat so I would like to use nmap to do this. I assume that maybe it can be accomplished through a PHP script or some other means. I am pretty sure it can be done, as my firewall, if I remember correctly, has told me that I was being port scanned, and I ran a whois on it and it was the website I was currently visiting.

    Please, if anyone knows how to do this, let me know. I have been searching Google but find nothing about having a server auto-scan its visitors.

    Thanks in advance
    Violence breeds violence
    we need a world court
    not a republican with his hands covered in oil and military hardware lecturing us on world security!

  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    274
    Well, this is a little off of what you were asking for, but have you looked here? They collect statistics on the ports most commonly exploited and where those attacks come from. It *may* be worth a look to you. Hope so at least. It's interesting reading though, even if it doesn't help.

  3. #3
    Senior Member
    Join Date
    Dec 2001
    Posts
    304
    Interesting, not what I need but definitely a source I can use, thanks.
    Anyone know how they get that information?

  4. #4
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953

    perl

    just use the ENV (environment hash)
    the "REMOTE_ADDR" key will return the remote IP address...

    either run the port scan from that server (I've written/posted a Perl port scanner in the tutorials forum) or pass it on to another server (this would be advisable as Perl scripts tend to take up some resources)

    I'm at the library right now, I'll write/post an example for you tomorrow morning (US, EST)...

    hope this helps
    -take it easy!

    [edit]
    btw- I'd do it in Perl, and that's the lang I'll use...
    [/edit]
    yeah, I'm gonna need that by friday...

  5. #5
    Senior Member
    Join Date
    Dec 2001
    Posts
    304
    Thank you tampabay420, I will be waiting for your post. Until then I will check your tutorial...

    As for how they get that info for the DShield site, I found that info on my own.. should have waited before I posted..

    [edit] Also I am interested in putting a port scan option on my site. The only problem is I don't want users to try and scan whitehouse.gov or 127.0.0.1 or have it do their dirty work for them. I would only like it to scan their IP... Is that something that can be done? [edit]



  6. #6
    Senior Member
    Join Date
    Jul 2002
    Posts
    339
    Apache + nmap on Red Hat, eh? As tampabay420 said, you can use the REMOTE_ADDR env value. Currently I don't have a Red Hat box to play with, but it works on Apache + nmapwin on my W2K box. It could be as simple as this on Red Hat.

    Put this scanme.sh script in your cgi-bin directory:
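    #!/bin/sh
    # CGI response header, followed by the blank line that ends the headers
    echo "content-type: text/html"
    echo
    echo "Scanning..."
    echo ""
    echo "<pre>"
    # -P0 skips the ping check. REMOTE_ADDR is set by the web server;
    # it is quoted so the shell never word-splits it.
    /path/to/your/nmap/nmap -P0 "$REMOTE_ADDR"
    echo "</pre>"
    echo ""
    echo "Scanning complete."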

    Then point your browser to http://yourserver/cgi-bin/scanme.sh to test it. You can of course change the nmap options to suit your needs and add some header/explanation.

    One caveat: depending on your hardware, any skiddies can DoS your server by running this scan script a thousand times concurrently.

    Peace always,
    <jdenny>
    Always listen to experts. They'll tell you what can't be done and why. Then go and do it. -- Robert Heinlein
    I'm basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds
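
Added example (not part of the thread and not any poster's code): the two concerns raised in posts #5 and #6, scanning only the visitor's own address and capping concurrent scans, written as guard functions for a scanme.sh-style CGI script. SLOT_DIR, MAX_SCANS, the consent=yes query string and all function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: guards for a consent-based "scan me" CGI script.
# SLOT_DIR, MAX_SCANS and the function names are assumptions, not from the thread.
SLOT_DIR="${SLOT_DIR:-/tmp/scanme-slots}"
MAX_SCANS="${MAX_SCANS:-3}"

# Succeed only for a well-formed IPv4 address that is not loopback, private,
# link-local, multicast or reserved. Hostnames and IPv6 are rejected outright.
is_scannable_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$octet" -le 255 ] || return 1
    done
    case "$1" in 0|10|127) return 1 ;; esac             # this-net, private, loopback
    [ "$1" -ge 224 ] && return 1                         # multicast and reserved
    [ "$1" -eq 169 ] && [ "$2" -eq 254 ] && return 1     # link-local
    [ "$1" -eq 192 ] && [ "$2" -eq 168 ] && return 1     # private
    [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ] && return 1
    return 0
}

# Claim one of MAX_SCANS slots. mkdir is atomic, so two requests cannot take the same slot.
acquire_slot() {
    mkdir -p "$SLOT_DIR" || return 1
    n=1
    while [ "$n" -le "$MAX_SCANS" ]; do
        if mkdir "$SLOT_DIR/slot.$n" 2>/dev/null; then
            SLOT="$SLOT_DIR/slot.$n"; return 0
        fi
        n=$((n + 1))
    done
    return 1
}
release_slot() { rmdir "$SLOT" 2>/dev/null; }

# Set DECISION to "scan <addr>" or "deny <reason>". The target is always the
# connecting address (REMOTE_ADDR); no request field can name another host.
decide() {   # $1 = REMOTE_ADDR, $2 = QUERY_STRING
    [ "$2" = "consent=yes" ] || { DECISION="deny no-consent"; return 1; }
    is_scannable_ipv4 "$1" || { DECISION="deny bad-address"; return 1; }
    acquire_slot || { DECISION="deny busy"; return 1; }
    DECISION="scan $1"
}

if [ -n "${GATEWAY_INTERFACE:-}" ]; then   # set only when run as CGI
    echo "Content-type: text/plain"; echo
    if decide "${REMOTE_ADDR:-}" "${QUERY_STRING:-}"; then trap release_slot EXIT; nmap -P0 "$REMOTE_ADDR"
    else echo "$DECISION"; fi
fi
```

A scan process that is killed outright leaves its slot directory behind, so a periodic cleanup of old entries in SLOT_DIR is needed alongside this.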


  7. #7
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    jdenny has a great point, might just want to use nmap...

    but if you still want to write your own
    Code:
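        use strict;
        use warnings;
        use IO::Socket;

        my $VERSION = '1.0';
        # Scan only the address that made the request; the web server sets REMOTE_ADDR.
        my $server  = $ENV{'REMOTE_ADDR'} or die "REMOTE_ADDR not set\n";
        my $begin   = 1;
        my $maxport = 31337;

        print "Content-type: text/plain\n\n";    # CGI header
        for (my $port = $begin; $port <= $maxport; $port++) {
            my $sock = IO::Socket::INET->new(PeerAddr => $server,
                                             PeerPort => $port,
                                             Proto    => 'tcp');
            if ($sock) {
                # might want to log this?
                print "::$port passed::\n";
                close($sock);
            } else {
                print "::$port failed::\n";
            }
        } # End for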
    I have not tested it (my server is down)... tell me how it goes?

  8. #8
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    By the way, GRC already offers something like this:

    http://grc.com/default.htm

    Lots of good stuff there, ShieldsUP! is the part that does the port scans of your computer....
    Can also be a good place to visit if you are behind a NAT'ing firewall/router to check your IP/reverse lookup.

    Check it out, it's pretty cool.

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)
