Text File | 1998-04-02 | 7KB | 151 lines
-------------------------------------
TCP/IP Portscanner - Version 1.8
(c) Copyright Ralf Christen 1997,1998
-------------------------------------
YOU MAY USE AND DISTRIBUTE THIS PROGRAM FREELY AS LONG AS YOU DON'T MODIFY
ANY OF ITS PARTS.
What this software does
-----------------------
This software scans well known TCP/IP ports of one or more servers for active
services. You can specify a single server name (e.g. www.myserver.com) or a
range of IP-Addresses (e.g. from 192.85.184.12 to 192.85.184.66). You can
even put a list of IP-Addresses into a simple ASCII file (one IP-Address per
line) and process this list. Be aware that hostnames are not allowed in an
IP-Address file. Active port numbers are being listed with the name of the
service commonly used on this port.
What you need
-------------
You need Warp V3 or Warp V4 with TCP/IP or the IBM Internet Access Kit (IAK)
(ICS) installed to run this software.
IMPORTANT: This package needs a DLL named RXSOCK.DLL. If you have Warp V3
WITHOUT TCP/IP installed (Internet Access Kit only), you must get the
DLL mentioned above from the following source and copy it to your /tcpip/dll
directory:
http://www.horgen.net/rem/software/RXSOCK.DLL
Scanned ports - Recognized services
-----------------------------------
The TCP/IP Portscanner scans all ports listed in the SERVICES file stored in
the ETC directory of your local workstation. While Warp V4 has a usable
SERVICES file, Warp V3 still has a very old version without important services
like HTTP (WWW) or POP. Thus, Warp V3 users MUST update their SERVICES file
with a newer version from a Warp V4 machine or one downloaded from the
Portscanner Homepage at http://www.horgen.net/rem/software/
The SERVICES file contains all commonly known ports which point to a certain
protocol (port 80 = HTTP etc).
However, there are many (proprietary) services which do not have a fixed port-
number. They often use a service called RPC Portmapper (RPC = Remote Procedure
Call) to determine the portnumber to be used. One good example is the Network
File System (NFS). This portscanner software can also connect to an active
portmapper and query all active services controlled by this portmapper.
There is a special checkbox on the OPTIONS window to enable this function.
Be sure to have the RPCINFO program installed as well as an RPC file in your
ETC path. If you do not have an RPC file, you can get one from the Portscanner
homepage at http://www.horgen.net/rem/software/
If you try to scan a server which is not powered on, the TCP/IP portscanner
stops scanning after 15 seconds (default).
Missed services
---------------
It is not necessary to run a server using the default port; it is also possible
to have a server using a different port number. This is usually done when
running more than one server (of the same type) on the same machine (such as
two HTTP-Servers on the same system). One of those two servers must switch from
the default HTTP-Port 80 to a different number (let's say to 1234). Users can
still access this server using a URL such as "http://www.myserver.com:1234".
Since 1234 is not a standard port number, it is not listed in the SERVICES file
and will not be detected.
Even if you manually add port 1234 to the SERVICES file, we still can't detect
the type of server. This could be an HTTP-Server (moved from port 80), an
NNTP-Server (moved from port 119) or even a Time-Server (moved from port 37).
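The limitation described above can be checked against your own host inventory. The following is an added example, not part of the PORTSCAN package: it parses a SERVICES-format file and shows which listeners a scan restricted to that file reports and which it skips. The sample SERVICES text, the listener set and the function names are constructed for illustration.

```python
# Added example (not part of PORTSCAN): which TCP listeners would a
# SERVICES-driven scan report, and which would it miss?

# Constructed sample in the usual layout: name port/proto [aliases] [# comment]
SAMPLE_SERVICES = """\
# constructed sample, not a real SERVICES file
ftp        21/tcp
telnet     23/tcp
time       37/tcp    timserver
time       37/udp    timserver
http       80/tcp    www www-http   # World Wide Web
sunrpc     111/tcp   portmapper
nntp       119/tcp   readnews
broken line without a port
"""

def parse_services(text, proto="tcp"):
    """Return {port: service_name} for one protocol; skip comments and malformed lines."""
    ports = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        fields = line.split()
        if len(fields) < 2 or "/" not in fields[1]:
            continue                              # blank or malformed line
        number, _, line_proto = fields[1].partition("/")
        if line_proto.lower() != proto or not number.isdigit():
            continue
        port = int(number)
        if 0 < port <= 65535:
            ports.setdefault(port, fields[0])     # keep the first entry for a port
    return ports

def coverage(listening_ports, services):
    """Split real listeners into those a SERVICES-based scan reports and those it skips."""
    reported = {p: services[p] for p in sorted(listening_ports) if p in services}
    missed = sorted(p for p in listening_ports if p not in services)
    return reported, missed

if __name__ == "__main__":
    services = parse_services(SAMPLE_SERVICES)
    # Constructed inventory of ports that really have a listener on the audited host.
    listeners = {23, 80, 1234}
    reported, missed = coverage(listeners, services)
    for port, name in reported.items():
        print(f"{port:>5}  {name}  (label from SERVICES, not proof of server type)")
    for port in missed:
        print(f"{port:>5}  not in SERVICES: a scan limited to this file skips it")
```

The name printed for a reported port is only the label SERVICES assigns to that number, so it still has to be confirmed against what is actually installed on the host.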
Purpose
-------
This is not a hacker tool! It is unfriendly (and maybe even unlawful) to scan
other people's servers. This software tries to CONNECT to the target server
using various TCP/IP port numbers. Be aware that your IP-Address is being
logged on the target system.
The purpose of this software is to scan your OWN systems to have an overview
of what servers are running and therefore need surveillance or additional
protection. This is very important if you aren't behind a firewall: One single
(commonly unknown) TELNET- or REXEC-Server could grant access to your entire
network, including non-TCP/IP services such as NETBIOS, using the authority
of the workstation user the server is running on.
Options
-------
There is an additional 'Options' page where you can
  - select if you only want to ping the destination server and/or perform
    a full port check
  - enable the portmapper function
  - select your own SERVICES file if you do not want to use the OS/2 delivered
    file in the ETC directory. There is an additional checkbox if you want
    to override the portnumbers to be scanned at runtime.
  - define your own timeout (in seconds) for port scanning
Commandline parameters
----------------------
The following commandline parameters are available:
  /H=hostname      Single hostname to be scanned
  /I=ipaddress     Single IP-Address to be scanned
  /I=fromip-toip   Range of IP-Addresses to be scanned
  /F=infile.dat    File containing a list of IP-Addresses to be scanned
  /S=outfile.dat   Save PORTSCAN output in the specified output file
  /P               Print the PORTSCAN output
  /Q               Automatically quit PORTSCAN after processing the above steps.
Example 1:
  Scan the host www.myhost.com, print the output and exit the program
    PORTSCAN /H=www.myhost.com /P /Q
Example 2:
  Scan the IP-Address range 123.001.001.001 to 123.001.001.128
    PORTSCAN /I=123.001.001.001-123.001.001.128
Example 3:
  Scan the IP-Address 123.001.001.001, save the output in OUT.DAT and exit.
    PORTSCAN /I=123.001.001.001 /S=OUT.DAT /Q
What's new in this release
--------------------------
- There is a new checkbox on the Settings page to override the port
numbers to be scanned at runtime
- Changed font from 'Helvetica' to 'Helv' for better visibility
- Portmapper continues scanning even if there is an active service
which refuses a correct connection.
- Removed RXSOCK.DLL from the distribution package
What's new in the last release
------------------------------
- New function to query an active RPC portmapper (1.7)
- Changed sizable window type to scrollable window (1.7)
- Ability to export data to an ASCII file (SAVE button) (1.6)
- A full set of commandline parameters (see chapter above) (1.6)
- Buttons are disabled while scan is running (1.6)
- Fix: The IP-filename overrode the name of the SERVICES file. Maybe you
  have to re-enter the name of your SERVICES file. (1.6)
News about this software
------------------------
You can get the latest release of this software at:
http://www.horgen.net/rem/software/
If you have questions or suggestions, mail to:
ralf.christen@ibm.net