I am trying to write a port scanner in C#. I did some research on port scanning methods.
If you are interested, these are the links I found useful:
- http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/Probing/index.html ^PPT Presentation^
- http://www.auditmypc.com/freescan/readingroom/port_scanning.asp
- (old) NMAP - The Art of Port Scanning : http://nmap.org/nmap_doc.html
- Port Scanning Techniques : http://nmap.org/book/man-port-scanning-techniques.html
- Port Scanning Interactive Example : http://www.osischool.com/concept/communication/port-scanning
Coming to my question. These are the port scanning methods:
- TCP Connect() Scan
- TCP SYN Scan
- TCP FIN Scan
- TCP XMAS Scan
- TCP NULL Scan
- TCP Window Scan
- UDP Scan
But I implemented only TCP Connect() Scan
(shown here). But this is dead slow (taking >0.5sec to test each port). For implementing rest of the methods, I need the packet level access. I need to create raw packets. Is it possible to do that in C#? If so how to do that?
This seemed like a good wrapper around the great WinPCap library when I used it a long time ago:
http://sourceforge.net/projects/sharppcap/
I'm sure it's better now.
You'll have to have a driver (NDIS) or something like that to access raw packets. You might also need to use Native Win32 API and use P/Invoke.
Here's something to help: http://www.codeproject.com/KB/IP/sendrawpacket.aspx
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With