
Thread: how to write an undetectable port scanner of my own..

  1. #1
    Junior Member
    Join Date
    Jan 2004
    Posts
    26

    how to write an undetectable port scanner of my own..

    hi geeks,

    Hello friends... I want to know tips and directions towards developing a port scanner of my own.
    I want to know this purely for educational purposes. Please help me.

    Thanks
    ram

  2. #2
    Senior Member
    Join Date
    Nov 2003
    Posts
    247
    I'd say the first thing you need to do is study up on the basics of TCP/IP. Learn about the different kinds of packets and the different protocols. I'd also study up some on how the ping and nmap commands work.
    www.ADigitalPimp.com
    There is a ghost in the machine, and he is my friend.

  3. #3
    Member
    Join Date
    Nov 2003
    Posts
    88
    An extremely good book to read is "A Complete H@Cker's Handbook: Everything You Need to Know About Hacking in the Age of the Web" written by Dr. K (ISBN: 1858684064). It doesn't directly teach you how to hack but the theory of it (in terms of protocols and packets). The port scanning section was very good; it doesn't tell you how to make your own port scanner directly but is a good guide.
    -HDD

  4. #4
    Senior Member
    Join Date
    Dec 2003
    Posts
    121
    1) No geeks here.
    2) Do you know any programming or networking? I mean, making a scanner is not such an easy task...
    3) Read a lot.
    4) Google.
    5) Read a lot again.
    6) nmap is always there and it is pretty good.
    Anyway, good luck.
    Is that the place where I am supposed to say something clever and brilliant so that everybody understands what a clever, nice guy I am????
    Screw you guys, I am going home! - Cartman

  5. #5
    Junior Member
    Join Date
    Jan 2004
    Posts
    9
    You can find all the info to make a port scanner at MSDN (Microsoft Developers Network); they have a lot of scripts on the subject in VB.

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    how to write an undetectable port scanner of my own

    Totally impossible... if you scan a port you attempt to make contact... if you attempt contact, you can be detected?

    Sure you can write a port scanner... follow the sound advice already given... but the only "undetectable" port scanner that I know of is one that doesn't work.

    Cheers

  7. #7
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Posts
    992
    Why write a new one, when you can get good coverage from nmap...
    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby

  8. #8
    Senior Member
    Join Date
    Jan 2003
    Posts
    100
    An extremely good book to read is "A Complete H@Cker's Handbook: Everything You Need to Know About Hacking in the Age of the Web" written by Dr. K (ISBN: 1858684064). It doesn't directly teach you how to hack but the theory of it (in terms of protocols and packets). The port scanning section was very good; it doesn't tell you how to make your own port scanner directly but is a good guide.
    Got the book in my hand right now; it doesn't have a section on port scanning. But throughout the book it shows you how to manually port scan using telnet (lol, guess and test). I would recommend it to people with little experience who want a grip on this stuff (whether white or black hat), but medium to experienced users, forget it.

  9. #9
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    There are several methods to make a TCP port scan less detectable:

    1. Use half-open connections or other badly sequenced packets
    2. Use some kind of "bounce" attack

    In the latter case, you protect your IP because the victim (?) does not see your real IP.

    However, 1. is much better for general usage, for example scanning internal networks or pen testing. Half-open (SYN) scanning is ideal, because it only finds truly open ports (no false negatives), and causes minimum disruption - in most OSs the application does not even "see" the connections.

    Of course IDS can detect just about any type of scan, but the "stealth" scans only defend against application-level logging.

    Note that all the above pertains to TCP port scanning only; UDP scanning (or other protocols) does not have "SYN" flags, hence cannot be masked from the application in this way.

    In order to even *think* about coding this, you will need to be competent in TCP and IP. You will need to know the structure of a TCP packet and have a routine to calculate TCP checksums (I think).

    If you are thinking you can write this in 20 lines of VB, you are totally mistaken.

    Slarty
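    The point in this post that an IDS still sees a half-open scan even though the application layer never logs a connection is easy to show on the network side. The following is an added example, not code from the thread or from any tool mentioned in it: a small Python detector that reads a constructed, firewall-style connection log (the log format, hosts and timestamps are invented for this example), tracks each client-initiated TCP flow, and flags a source that sends bare SYNs to many distinct ports on one host inside a short window without ever completing the handshake. A normal client that finishes its handshakes, or leaves one stray SYN unanswered, is not flagged.

```python
"""Detect half-open (SYN) scans from a connection log.

Added, self-contained example. The log format below is constructed for this
example and does not correspond to any particular firewall's format.
"""
import re
from collections import defaultdict
from datetime import datetime

# One line per packet, client perspective; FLAGS uses tcpdump-style letters
# (S = SYN, A = ACK, R = RST). Constructed sample data.
SAMPLE_LOG = """\
2004-01-12T10:00:00 SRC=10.0.0.5 DST=10.0.0.9 PROTO=TCP SPT=40001 DPT=22 FLAGS=S
2004-01-12T10:00:00 SRC=10.0.0.5 DST=10.0.0.9 PROTO=TCP SPT=40001 DPT=22 FLAGS=A
2004-01-12T10:00:01 SRC=10.0.0.5 DST=10.0.0.9 PROTO=TCP SPT=40002 DPT=80 FLAGS=S
2004-01-12T10:00:01 SRC=10.0.0.5 DST=10.0.0.9 PROTO=TCP SPT=40002 DPT=80 FLAGS=A
2004-01-12T10:00:02 SRC=10.0.0.5 DST=10.0.0.9 PROTO=TCP SPT=40003 DPT=8080 FLAGS=S
2004-01-12T10:00:05 SRC=192.0.2.77 DST=10.0.0.9 PROTO=TCP SPT=51000 DPT=21 FLAGS=S
2004-01-12T10:00:05 SRC=192.0.2.77 DST=10.0.0.9 PROTO=TCP SPT=51001 DPT=22 FLAGS=S
2004-01-12T10:00:05 SRC=192.0.2.77 DST=10.0.0.9 PROTO=TCP SPT=51001 DPT=22 FLAGS=R
2004-01-12T10:00:06 SRC=192.0.2.77 DST=10.0.0.9 PROTO=TCP SPT=51002 DPT=23 FLAGS=S
2004-01-12T10:00:06 SRC=192.0.2.77 DST=10.0.0.9 PROTO=TCP SPT=51003 DPT=25 FLAGS=S
2004-01-12T10:00:07 SRC=192.0.2.77 DST=10.0.0.9 PROTO=TCP SPT=51004 DPT=80 FLAGS=S
2004-01-12T10:00:07 SRC=192.0.2.77 DST=10.0.0.9 PROTO=TCP SPT=51004 DPT=80 FLAGS=R
2004-01-12T10:00:07 SRC=192.0.2.77 DST=10.0.0.9 PROTO=TCP SPT=51005 DPT=443 FLAGS=S
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=TCP "
    r"SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+) FLAGS=(?P<flags>\S+)$"
)


def parse_line(line):
    """Parse one log line into a dict, or return None for unparseable input."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.fromisoformat(rec["ts"])
    rec["spt"] = int(rec["spt"])
    rec["dpt"] = int(rec["dpt"])
    return rec


def half_open_flows(lines):
    """Return {(src, dst): [(syn_time, dport), ...]} for client flows that sent
    a bare SYN but never sent the ACK that completes the three-way handshake.
    A RST from the client (what a SYN scanner sends after the SYN/ACK) does
    not count as completion."""
    flows = {}
    for rec in filter(None, map(parse_line, lines)):
        key = (rec["src"], rec["dst"], rec["spt"], rec["dpt"])
        flags = set(rec["flags"])
        if flags == {"S"}:  # bare SYN opens a new client flow
            flows.setdefault(key, {"syn_ts": rec["ts"], "completed": False})
        elif "A" in flags and key in flows:  # client ACK finishes the handshake
            flows[key]["completed"] = True
    out = defaultdict(list)
    for (src, dst, _spt, dpt), state in flows.items():
        if not state["completed"]:
            out[(src, dst)].append((state["syn_ts"], dpt))
    return out


def detect_syn_scans(lines, port_threshold=5, window_seconds=10):
    """Return {(src, dst): distinct_ports} for sources whose half-open SYNs
    reached at least port_threshold distinct ports within window_seconds."""
    alerts = {}
    for (src, dst), events in half_open_flows(lines).items():
        events.sort()
        for i, (t0, _port) in enumerate(events):
            ports = {p for t, p in events[i:]
                     if (t - t0).total_seconds() <= window_seconds}
            if len(ports) >= port_threshold:
                alerts[(src, dst)] = max(alerts.get((src, dst), 0), len(ports))
    return alerts


if __name__ == "__main__":
    for (src, dst), n in detect_syn_scans(SAMPLE_LOG.splitlines()).items():
        print(f"possible SYN scan: {src} -> {dst}, {n} half-open ports")
```

    The threshold and window are the tuning knobs a real sensor exposes; the detector keys on the handshake never completing, which is exactly why the application on the scanned host has nothing to log while a packet-level observer still has every SYN.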

  10. #10
    Senior Member
    Join Date
    Sep 2003
    Posts
    161
    Originally posted here by nihil
    Totally impossible... if you scan a port you attempt to make contact... if you attempt contact, you can be detected?

    Sure you can write a port scanner... follow the sound advice already given... but the only "undetectable" port scanner that I know of is one that doesn't work.

    Cheers
    Using passive scanning you are able to be invisible; look at tools such as p0f and, as said, READ A LOT.
