|View script||License||Download documentation as: HTML or editable||Download script||History|
Script Library: 1222 scripts
Documentation for: oneliner-tcp-port-scanner.r
Usage document for %oneliner-tcp-port-scanner.r
1. Introduction to %oneliner-tcp-port-scanner.r
This script is a handy tool for testing a system's potential vulnerabilities. It's also just nice to know what ports are open.
2. oneliner-tcp-port-scanner At a Glance
This script requires some setup to be useful, and cannot be run right out of the box.
After defining the hostname as localhost, you may see
>> do %oneliner-tcp-port-scanner.r Script: "TCP port scanner" (20-Jul-2003) 22 is open 25 is openshowing a system running secure shell; ssh and SMTP mail routing.
2.0.1. IPv4 and IPv6
This document assumes IP version 4. IPv6 will change many things and is becoming more and more ubiquitous as of 2007. Versions of REBOL in the 2.7 range or below do not directly support Ipv6. Upcoming releases of REBOL hopefully (and likely) will.
3. Using %oneliner-tcp-port-scanner.r
There is one change that must be made, the host name, and an optional change to control what port numbers are scanned.
3.1. Change the host name part of the url!
First and foremost, you need to change the url! to specify the host. Make a local copy of the script, and change the tcp://address: to tcp://localhost:, or actual hostname of one of your systems.
3.1.1. Don't be a cracker
If you use anything other than tcp://localhost: you had better have permission for the host name you do use, or you will suddenly be an internet bad guy. Don't.
3.1.2. Checking your home router
Along with localhost, you may want to scan the firewall router for your home network. This could be tcp://192.168.1.1 or other internal network value that will be documented with the hardware. These values almost always start with 192.168. or 10.
3.2. Change the range of ports to scan.
Under GNU/Linux, and the internet in general, TCP ports under 1024 are reserved for the system, or root user. This example only scans up to port 100. Changing the repeat n 100 to repeat n 1024 is not a bad idea to check all of your system ports. These first 1024 ports are reserved, more by defacto standard than hard fast rules, for services like ping, telnet, web server (http), https (port 443) etcetera.
3.2.1. TCP and UDP port range
The range can go all the way up to 65535. This would scan the entire TCP port range for the named computer.
3.2.2. Foil cracking.Please, please, resist the urge to use this tool to be an internet cracker. The REBOL community is populated with kind, friendly souls that don't appreciate crackers. To use this tool to foil crackers from accessing your system, is a good and important thing to do.
3.3. Running %oneliner-tcp-port-scanner.r
Once the host is set this utility is simple to use. Just DO it.
>> do %oneliner-tcp-port-scanner.r
Note you cannot execute %oneliner-tcp-port-scanner.r directly from the rebol.org library, unless you happen to be in charge of the system with a network name of address, highly unlikely.
4. What you can learn
The REBOL open command is COOL, accepting a url! that includes a port. This is one of the key issues for simplicity of REBOL internet client/server programming.
Trapping errors can be as easy as error? try [ ... ]
5. What can break
If you play nicely, not much can break from this, but be warned. As with many things computer related, complexities may be hidden. Opening and closing a TCP port may have undesirable side effects. It may trigger an alarm on the system that wastes time for an administrator, or worse, has someone tracking you down. Network activity is traceable.