PYTHON SECURITY: SIMPLE NETWORK PORT SCANNER By Devon Greene.

Post on 24-Dec-2015


PYTHON SECURITY: SIMPLE NETWORK PORT SCANNER

By Devon Greene

ALL ACTIONS HAVE CONSEQUENCES

What you are about to be taught is to be used for educational purposes only within a controlled environment.

Anything you scan today with the tools you write should only be done with permission of the owner.

Scanning a machine online that you do not own or have written consent to conduct such activities against is ILLEGAL.

If you are not sure if it is legal, don’t do it. It’s that simple.

PLEASE REPEAT AFTER ME…

I WILL NOT DO ANYTHING STUPID WITH THE KNOWLEDGE I AM ABOUT TO RECEIVE. I DON’T WANT TO GO TO JAIL AND NEITHER DOES DEVON.

THE DIGITAL TELEPHONE SYSTEM

Real Life:

Name: Dakota State University

Phone: (605) 256-5111

Found in: Telephone Book

Teh Internet:

Name: dsu.edu

Phone: 138.247.65.57

Found In: Domain Name Server

THE WORLD’S INTERNET PHONE BOOK

The Domain Name System protocol translates “hostnames” like “dsu.edu” into 138.247.65.57.

Let’s try it.

COMMON DIGITAL TELEPHONE COURIERS

Transmission Control Protocol (TCP):

Connection Oriented

Reliable

Ordered Packets

Built-in features make this a slower protocol than UDP.

65535 Ports

User Datagram Protocol (UDP):

Connectionless Protocol

Unreliable

Unordered Packets

Very lean protocol makes this a much faster protocol than TCP.

65535 Ports

TCP 3 WAY HANDSHAKE ILLUSTRATED

1. Salesman rings doorbell

2. Home owner opens up the door

3. Salesman can now talk

Home owner talks with Salesman

SYN FLAG == TCP DOORBELL

Computer -> Server: SYN

Server -> Computer: SYN-ACK

Computer -> Server: ACK

EXAMPLE WITH NETCAT

Wireshark View:

NETWORK COMMUNICATION

Sockets (IPAddress:Port):

138.247.65.57:80

138.247.65.57:443

What’s talking right now?

Windows: netstat -nao | findstr "EST"

Linux: netstat -nt | grep "EST"

SOCKETS FURTHER EXPLORED

Address Types:

AF_INET (IPv4)

AF_INET6 (IPv6)

UNIX (Special)

Socket Types:

STREAM (TCP)

DGRAM (UDP)

RAW (Special)

WHAT IS A PORT SCAN?

The process of identifying what ports are listening on a machine. Port scanning is typically conducted against both TCP and UDP ports.

There are approximately 65535 TCP ports and 65535 UDP ports.

This is taken a step further with “Service Identification”.

PORT SCANNING USES

Offensive Security:

Identifying Open Ports

Enumerating Services running on a machine

Defensive Security:

Identifying Open Ports

Compare listening ports locally on the machine versus what you see from the outside.
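
The defensive use above, comparing what listens locally with what is visible from outside, worked through as an added example that is not part of the original slides. The netstat text and the outside-scan result are constructed sample data, and the function names are hypothetical.

```python
# Added example: sample data below is constructed, not taken from the slides.

# Constructed sample of `netstat -ntl` output from a Linux host.
NETSTAT_SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
"""

# Constructed result: ports an authorized scan from another machine saw open.
SEEN_FROM_OUTSIDE = {22, 80, 4444}


def parse_listeners(netstat_text):
    """Return {port: set of bind addresses} for TCP sockets in LISTEN state."""
    listeners = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue
        # rpartition splits on the last colon, so IPv6 forms like ":::80" work.
        addr, _, port = fields[3].rpartition(":")
        listeners.setdefault(int(port), set()).add(addr)
    return listeners


def is_loopback(addr):
    return addr == "::1" or addr.startswith("127.")


def compare_views(listeners, seen_outside):
    """Sort every port into one bucket by comparing the inside and outside views."""
    report = {"exposed": [], "loopback_only": [], "not_reachable": [], "unexplained": []}
    for port, addrs in sorted(listeners.items()):
        if port in seen_outside:
            report["exposed"].append(port)        # listening and reachable
        elif all(is_loopback(a) for a in addrs):
            report["loopback_only"].append(port)  # bound to localhost by design
        else:
            report["not_reachable"].append(port)  # likely filtered by a firewall
    # Open from outside but no local listener: investigate (port forward,
    # another device on that address, or a listener hidden from netstat).
    report["unexplained"] = sorted(set(seen_outside) - set(listeners))
    return report


if __name__ == "__main__":
    print(compare_views(parse_listeners(NETSTAT_SAMPLE), SEEN_FROM_OUTSIDE))
```

The "exposed" bucket is the list to check against what the machine is supposed to offer; "unexplained" is the one that warrants a closer look.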

TIME TO BUILD A SCANNER!

Open up the SimpleNetworkScanner_Skele.py file included on your flash drive.

We will test our scanner on machines ONLY given by the instructor. No Exceptions!