Port Scanner Homework
---------------------

Your mission is to make a port scanner. A port scanner is a piece of software that checks a range of ports and says which can be opened. It's basically this ...

    main {
        for r in range-of-ports-to-check
            p = open_socket(r)
            if p != error
                print "Port p is openable"
    }

Points
------
 30 - Can tell which ports from 1 ... 2^16-1 are openable
 25 - Uses fork() to have many processes so it goes faster
 25 - The fork is controlled by a loop, so I can change the number of children.
 10 - Make sure to harvest zombies using waitpid
 10 - Can take the hostname to check on the command line. (If no hostname is provided, must default to euclid.nmu.edu)
100 - Total

Due the day of the final exam.

How to speed things up with fork()
----------------------------------
Fork off many children. Maybe 10 or 100. Have each one check some of the ports. Make sure you do not have a runaway fork bomb. Make sure each child checks its own ports. Multiple children should not check the same port. Leave no port in the range unchecked.

How to waitpid
--------------
This is not like the web server, where children come and go semi-randomly. Start all the children with fork. Then wait for all the children to die. Don't use the WNOHANG option. You want to wait for the children to die. Then you're done.

Closing sockets
---------------
Every socket should be closed when you're done checking. There is a limit to the number of sockets that can be open at one time, and if you don't close sockets you will for sure hit the limit. Symptoms of hitting the limit are

1) The program produces the wrong answers
2) Lots of errors about how gethostbyname fails (it needs a socket to convert a hostname to an IP#)
3) No points from me.

What's the right answer?
------------------------
It changes depending on what's running.
Right now I get

    Port 21
    Port 22
    Port 25
    Port 80
    Port 111
    Port 139
    Port 445
    Port 42909
    Port 2049
    Port 1337
    Port 5942
    Port 6042
    Port 33069
    Port 33666
    Port 51573
    Port 44444
    Port 8080
    Port 8882
    Port 54018
    Port 54060
    Port 37021
    Port 3306

How do I tell if some port is openable?
---------------------------------------
Just telnet to it. Type "telnet euclid.nmu.edu 33069".
Note: You can quit telnet by typing control-] and then 'q'.

Random ordering
---------------
If you have lots of child processes, each one might run slower or faster than the others. Therefore the ordering of the output might change. That's cool.

Is this ethical?
----------------
It's a good network security tool when you check your own computer. Smart people can argue ethics if you do it to others. But I give you explicit permission to do this on euclid for this assignment.

This version of MakeSocket has two advantages
---------------------------------------------
1) It takes the port to be opened as an int.
2) It returns -1 if the port cannot be opened.

    #include <netdb.h>       /* gethostbyname, struct hostent */
    #include <netinet/in.h>  /* struct sockaddr_in, htons */
    #include <string.h>      /* memset */
    #include <strings.h>     /* bcopy */
    #include <sys/socket.h>  /* socket, connect */
    #include <unistd.h>      /* close */

    /* ErrorCheck() is not defined on this page; it is assumed to come
       from the rest of your program. */

    /* Connects to host:port. Returns the connected socket,
       or -1 if the port cannot be opened. */
    int MakeSocket(const char *host, const int port)
    {
        int s;
        struct sockaddr_in sa;
        struct hostent *hp;
        int ret;

        hp = gethostbyname(host);
        ErrorCheck(hp==0, "Gethostbyname");
        memset(&sa, 0, sizeof(sa));   /* start from a clean address structure */
        bcopy((char *)hp->h_addr, (char *)&sa.sin_addr, hp->h_length);
        sa.sin_family = hp->h_addrtype;
        sa.sin_port = htons(port);
        s = socket(hp->h_addrtype, SOCK_STREAM, 0);
        ErrorCheck(s == -1, "Could not make socket");
        ret = connect(s, (struct sockaddr *)&sa, sizeof(sa));
        if (ret != -1)
            return s;
        else {
            close(s);   /* failed connect: close so the descriptor is not leaked */
            return -1;
        }
    }
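
The fork loop and the waitpid harvest from the sections on fork() and waitpid, as an added example that is not part of the original assignment page or the instructor's code. The names demo_check and scan_with_children and the pipe the children report through are assumptions made for this sketch; demo_check is a constructed stand-in for the real per-port check and touches no network.

```c
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

#define FIRST_PORT 1
#define LAST_PORT 65535 /* 2^16 - 1 */

/* Constructed stand-in for the real per-port check (MakeSocket, then
   close); it touches no network and pretends ports 22 and 80 are open. */
int demo_check(int port) { return port == 22 || port == 80; }

/* Forks nchildren workers. Child i takes FIRST_PORT + i, then every
   nchildren-th port, so no port has two owners and none is skipped.
   Returns how many ports the children checked in total, or -1. */
int scan_with_children(int nchildren, int (*check)(int port))
{
    int fds[2], started = 0, total = 0, n = 0;
    if (nchildren < 1 || pipe(fds) == -1)
        return -1;
    fflush(stdout); /* keep buffered parent output out of the children */
    for (int i = 0; i < nchildren; i++) {
        pid_t pid = fork();
        if (pid == -1) { /* stop forking, still harvest what started */
            perror("fork");
            break;
        }
        if (pid == 0) { /* child: check own ports, report, then exit */
            for (int port = FIRST_PORT + i; port <= LAST_PORT; port += nchildren, n++)
                if (check(port))
                    printf("Port %d is openable\n", port);
            fflush(stdout);
            _exit(write(fds[1], &n, sizeof n) == (ssize_t)sizeof n ? 0 : 1);
        }
        started++;
    }
    close(fds[1]); /* parent keeps only the read end, so read() sees EOF */
    while (read(fds[0], &n, sizeof n) == (ssize_t)sizeof n)
        total += n;
    close(fds[0]);
    while (started-- > 0) /* blocking waitpid (no WNOHANG) harvests zombies */
        waitpid(-1, NULL, 0);
    return total;
}
int main(void)
{
    int total = scan_with_children(10, demo_check);
    printf("%d of %d ports checked\n", total, LAST_PORT - FIRST_PORT + 1);
    return total == LAST_PORT - FIRST_PORT + 1 ? 0 : 1;
}
```

The child calls _exit() inside the loop body, so it can never fall back into the fork loop and start forking children of its own.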