
Security Forums


half-open scanning

static_-x-_
Just Arrived

Joined: 09 May 2005
Posts: 1
Location: south wales

Posted: Wed Jan 11, 2006 4:02 pm    Post subject: half-open scanning

Does anyone know where I may find an example of a port scanner using the half-open technique? I know that nmap has it, but it's very confusing on looking up the code.

I've created a simple port scanner and now I'm looking to add more functionality to it by implementing half-open scanning. I think I need to use libpcap and libnet, so if you know of any port scanners that use these, that will also be a big help. The language is C, by the way. Cheers!
hugo
Forum Fanatic

Joined: 14 Jun 2003
Posts: 16777215
Location: Netherlands, Europe

Posted: Fri Jan 13, 2006 3:12 pm    Post subject: Re: half-open scanning

static_-x-_ wrote:
I've created a simple port scanner and now I'm looking to add more functionality to it by implementing half-open scanning. I think I need to use libpcap and libnet, so if you know of any port scanners that use these, that will also be a big help.

I don't think those libraries are even necessary.

As half-open scanning implies not making a real connection to a socket, but only sending a SYN and waiting for a SYN-ACK, I believe this could be accomplished with 'standard' C code.

I have to say that I have never done this myself, but I do remember a utility called hping that can do this. I am sure that code can help you out a bit.

Hope this helps.
capi
SF Senior Mod

Joined: 21 Sep 2003
Posts: 16777097
Location: Portugal

Posted: Fri Jan 13, 2006 5:00 pm    Post subject:

To send a SYN without going through the protocol stack (i.e. without spending kernel resources on the open connection, and without the kernel later reacting to an incoming SYN/ACK) you need to use raw sockets. You can do it yourself with C standard code, if you have good knowledge of TCP/IP. The point is, however, that libraries such as libnet and libpcap have already taken care of implementing all the header generation, portability, etc.

All depends on what you want to do. If you're in it for the sake of learning, go grab yourself RFC791 and RFC793 and start coding from scratch. If you're in it for more practical reasons, go get them libraries ;)
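The handshake pattern described in the replies above (a SYN answered by a SYN/ACK, with no final ACK from the initiator) is also what a defender looks for in captured traffic. The following C program is an added example, not code from this thread or from nmap or hping; the `seg` record layout, the small-integer host IDs and the sample capture are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

enum { TH_SYN = 0x02, TH_RST = 0x04, TH_ACK = 0x10, MAX_FLOWS = 64 };
struct seg  { uint32_t src, dst; uint16_t sport, dport; uint8_t flags; };  /* one observed segment */
struct flow { struct seg syn; enum { SYN_SENT, SYNACK_RCVD, ESTABLISHED } st; };

/* Does segment s belong to the flow opened by SYN k, in the same or the reverse direction? */
static int on_flow(const struct seg *k, const struct seg *s, int reverse)
{
    uint32_t a = reverse ? k->dst : k->src, b = reverse ? k->src : k->dst;
    uint16_t pa = reverse ? k->dport : k->sport, pb = reverse ? k->sport : k->dport;
    return s->src == a && s->dst == b && s->sport == pa && s->dport == pb;
}

/* Handshakes opened by `client` that drew a SYN/ACK but never got the final ACK. */
int half_open_count(const struct seg *p, size_t n, uint32_t client)
{
    struct flow f[MAX_FLOWS];
    size_t nf = 0, hits = 0;
    for (size_t i = 0; i < n; i++) {
        uint8_t fl = p[i].flags & (TH_SYN | TH_ACK | TH_RST);
        if (fl == TH_SYN && nf < MAX_FLOWS)                   /* opening SYN starts a flow */
            f[nf++] = (struct flow){ p[i], SYN_SENT };
        for (size_t j = 0; j < nf && fl != TH_SYN; j++) {
            if (fl == (TH_SYN | TH_ACK) && f[j].st == SYN_SENT && on_flow(&f[j].syn, &p[i], 1))
                f[j].st = SYNACK_RCVD;                        /* server answered: port is open */
            else if (fl == TH_ACK && f[j].st == SYNACK_RCVD && on_flow(&f[j].syn, &p[i], 0))
                f[j].st = ESTABLISHED;                        /* three-way handshake completed */
        }
    }
    for (size_t j = 0; j < nf; j++)                           /* RST or silence leaves SYNACK_RCVD */
        hits += f[j].syn.src == client && f[j].st == SYNACK_RCVD;
    return (int)hits;
}

/* Constructed capture: host 1 probes host 9; host 2 completes a normal connection. */
static const struct seg capture[] = {
    { 1, 9, 40001, 22, TH_SYN }, { 9, 1, 22, 40001, TH_SYN | TH_ACK }, { 1, 9, 40001, 22, TH_RST },
    { 1, 9, 40002, 80, TH_SYN }, { 9, 1, 80, 40002, TH_SYN | TH_ACK },   /* then silence */
    { 1, 9, 40003, 23, TH_SYN }, { 9, 1, 23, 40003, TH_RST | TH_ACK },   /* closed port */
    { 2, 9, 50000, 80, TH_SYN }, { 9, 2, 80, 50000, TH_SYN | TH_ACK }, { 2, 9, 50000, 80, TH_ACK },
};
int main(void)
{
    size_t n = sizeof capture / sizeof capture[0];
    printf("host 1: %d half-open, host 2: %d\n", half_open_count(capture, n, 1), half_open_count(capture, n, 2));
    return 0;
}
```

A retransmitted SYN is counted as a separate attempt here, so deduplicate on the address and port 4-tuple before applying this to real captures.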
CabTRR
Just Arrived

Joined: 12 Jan 2006
Posts: 0
Location: Istanbul/Turkey

Posted: Fri Jan 13, 2006 7:50 pm    Post subject:

First, you should learn TCP/IP, then write your program using raw sockets, because you have to know about TCP/IP to program with raw sockets. Maybe you can study the source code of port scanners.
Search on the internet.