Port scanning is a useful technique for exploring network systems and gathering information about the services they offer. Often, security professionals and system administrators use port scanning for diagnosing network problems, auditing network security, or discovering vulnerabilities. In this article, we will go through the details of how to create a simple port scanning program using Python.
Python is an excellent language for this task due to its simplicity and the availability of several powerful libraries like socket that greatly simplify network-related tasks.
Prerequisites
Before we get started, make sure you have Python installed on your computer. You can download the latest version of Python from the official Python website. This program does not require any external Python packages or libraries. We will only use the built-in socket and concurrent.futures modules for this program.
Disclaimer: Please be aware that port scanning can be illegal in certain contexts. Always ask for permission before performing a port scan on any system. The information provided here is intended for educational purposes only.
Basic Concept
The basic concept of a port scanner is to attempt a connection to a specific port at an IP address. If the connection is successful, then we know that there’s a service listening on that port. If not, then the port is closed.
Python Script
Here’s an example of a simple Python script that will scan ports in a specified range. This script uses the socket and concurrent.futures module.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | import socket import concurrent.futures def scan_port(ip, port): with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s: s.settimeout(1) try: s.connect((ip, port)) return True except: return False def port_scanner(ip, start_port, end_port): ports = [] with concurrent.futures.ThreadPoolExecutor(max_workers=100) as executor: future_to_port = {executor.submit(scan_port, ip, port): port for port in range(start_port, end_port+1)} for future in concurrent.futures.as_completed(future_to_port): port = future_to_port[future] if future.result(): print(f'Port {port} is open!') ports.append(port) return ports # Test open_ports = port_scanner('localhost', 1, 100) print("Open ports:", open_ports) |
In the script above:
- We import the required modules, socket and concurrent.futures.
- We define a function scan_port that attempts to connect to a specific IP address and port.
- If the connection is successful, scan_port returns True. If not, it returns False.
- We then define a port_scanner function that uses a thread pool to speed up the scanning process by scanning multiple ports concurrently.
- This function scans ports in the range from start_port to end_port inclusive, and prints out any open ports it finds. It also returns a list of all open ports.
- You can adjust the max_workers argument to increase or decrease the number of threads (and thus the concurrency level). Just note that setting this value too high may lead to excessive network traffic and resource usage.
- You can call the port_scanner function with the IP address you want to scan, and the start and end of the range of ports to scan.
Conclusion
This article presents a simple Python program to perform a port range scan. It’s worth noting that while this script is handy for basic port scanning, more advanced tools like Nmap provide many more features and are more suited to professional network analysis. However, understanding how to create a basic port scanner can be a great introduction to Python network programming and computer networking concepts in general.