Recipe 16.9. Use Sockets to Scan the Ports on a MachineProblemYou want to determine the open ports on a machine to see where the security risks are. SolutionUse the CheapoPortScanner class constructed for your use; its code is shown in Example 16-11. CheapoPortScanner uses the Socket class to attempt to open a socket and connect to an address on a given port. The OpenPortFound event is available for a callback when an open port is found in the range supplied to the CheapoPortScanner constructor or in the default range (1 to 65535). By default, CheapoPortScanner will scan the local machine. Example 16-11. CheapoPortScanner class
There are two properties on CheapoPortScanner that bear mentioning. The OpenPorts and ClosedPorts properties return a ReadOnlyCollection of type int that is a list of the ports that are open and closed, respectively. Their code is shown in Example 16-12. Example 16-12. OpenPorts and ClosedPorts properties
The trigger method for the CheapoPortScanner is Scan. Scan will check all of the ports in the range specified in the constructor. The ReportToConsole method will dump the pertinent information about the last scan to the console output stream: #region Public Methods public void Scan() { for (int port = _minPort; port <= _maxPort; port++) { CheckPort(port); } } public void ReportToConsole() { Console.WriteLine("Port Scan for host at {0}:", _host.ToString()); Console.WriteLine("\tStarting Port: {0}; Ending Port: {1}", _minPort, _maxPort); Console.WriteLine("\tOpen ports:"); foreach (int port in _openPorts) { Console.WriteLine("\t\tPort {0}", port); } Console.WriteLine("\tClosed ports:"); foreach (int port in _closedPorts) { Console.WriteLine("\t\tPort {0}", port); } } #endregion // Public Methods } The PortScan method demonstrates how to use CheapoPortScanner by scanning ports 130 on the local machine. It first subscribes to the OpenPortFound event. The handler method for this event, cps_OpenPortFound, writes out the number of any port found open. Next, PortScan calls the Scan method. Finally, it calls ReportToConsole to show the full results of the scan, including the closed ports as well as the open ones. public static void PortScan () { // Do a specific range Console.WriteLine("Checking ports 1-30 on localhost…"); CheapoPortScanner cps = new CheapoPortScanner("127.0.0.1",1,30); cps.OpenPortFound += new CheapoPortScanner.OpenPortFoundEventHandler(cps_OpenPortFound); cps.Scan(); Console.WriteLine("Found {0} ports open and {1} ports closed", cps.OpenPorts.Count, cps.ClosedPorts.Count); // Do the local machine, whole port range 1-65535 cps = new CheapoPortScanner(); cps.Scan(); cps.ReportToConsole(); } static void cps_OpenPortFound(object sender, CheapoPortScanner.OpenPortEventArgs args) { Console.WriteLine("OpenPortFound reported port {0} was open",args.PPortNumP); } The output for the port scanner as shown appears here: Checking ports 1-30 on localhost… OpenPortFound reported port 22 was open OpenPortFound reported port 26 was open Found 2 ports open and 28 ports closed DiscussionOpen ports on a machine are significant because they indicate the presence of a program listening on those ports. Hackers look for "open" ports as ways to enter your systems without permission. CheapoPortScanner is an admittedly rudimentary mechanism for checking for open ports, but it demonstrates the principle well enough to provide a good starting point.
See AlsoSee the "Socket Class" and "Sockets" topics in the MSDN documentation. |