Coding Challenge #45 - Port Scanner
John Crickett
Helping you become a better software engineer by building real-world applications.
This challenge is to build your own version of a port scanner like nmap .
A port scanner is an program that probes a host to identify open network ports. Bad actors use port scanners to find network services running on a host in order to find and exploit vulnerabilities. Security analysts and network administrators use port scanners to confirm network security policies are being complied with.
Nmap (short for Network Mapper) is probably the most widely used port scanner. It is a free open source tool written in C. You can find the source in the Nmap GitHub repo if you’re interested in digging into it.
If You Enjoy Coding Challenges Here Are Five Ways You Can Help Support It
The Challenge - Building A Network Port Scanner
In this challenge we’re going to build a command line tool to scan a network or range of host looking for open ports.
How a Port Scanner Works
Running a port scan on a network or server reveals which ports are open and listening as well as revealing the presence of devices, such as?firewalls.
Port scanning is a valuable technique for both testing?network security?and the strength of the system’s firewall. For the same reason it is also a popular starting point for bad actors seeking a point of access to break into a network or server.
Ports vary in their services offered. They are numbered from 0 to 65535, but certain ranges are more frequently used. Ports 0 to 1023 are identified as the “well-known ports” and have been assigned services by the Internet Assigned Numbers Authority (IANA). Some of the most prominent ports and their assigned services include:
There are standard services offered on ports above 1023 too - for example, as we saw in the build your own Redis challenge, the default Redis port is 6379.
There are other ports that, if open, may indicate a system that has been compromised. Thus a port scanner can be an incredibly useful tool for system administrators, security engineers and anyone responsible for securing a network.
Step Zero
As always, before we tackle Step 1 of the Coding Challenge , you’re going to set your environment up ready to begin developing and testing your solution.
领英推荐
I’ll leave you to choose your target platform, setup your editor and programming language of choice. I’d encourage you to pick a tech stack that you’re comfortable doing network programming with - we’re building a network tool after all! ??
??WARNING - Only run a port scanner against a host that you have permission to scan??
??The good folks behind Nmap provide a public host you can scan, please read and respect their fair usage policy, details here: https://scanme.nmap.org/
Step 1
In this step your goal is to create a CLI program that will accept two command line arguments:
It will then try to open a TCP connection to the port and will report back if the port is open. For example if you have a service running locally on port 5000 and you run you port scanner it should look something like this:
% ccscan -host=localhost -port=5000
Scanning host: localhost port: 5000
Port: 5000 is open
If a port is open you’ll be able to make a full TCP connection to it.
Continued...
You can find Step 2 and beyond on the Coding Challenges website as build your own port scanner .
Or if you'd rather get the whole challenge delivered to you inbox every week, you can subscribe on the Coding Challenges Substack .
2 Other Ways I Can Help You:
Senior Software Engineer
10 个月I just finished the wc implementation in Go. It was quite fun! Go is great! ??