IP Hole Finder and Port Scanner

Disclaimer

The techniques discussed in this article are meant to aid Network Administrators in finding security holes in their own sysmtes in order to close potential points of weakness. These techniques must not be used to gain illegal eentry to remote servers.

Introduction

Internet world is full of exciting tricks and mysteries. This giant world can be more attractive when a computer programmer knows the Internet protocols and how to write codes to handle connections. We, computer programmers, know that TCP/IP protocol claims "All Hard Disks of online computers through the world are mine!" and this idea leads hackers to intrude our valuable information from any Holes on our PCs. Their hacking applications can interpret TCP/IP-based protocols such as FTP, HTTP, etc. and that is why they can do whatever with our servers. 

What are we supposed to do to prevent their attack? If you are a network administrator, you will say that we should close unneeded ports as the first solution. In the other hand, we must find IP Holes and then close them.

This article can give you some helpful ideas to detect these holes. The submitted code and application can be the bases of Port Scanners.

How does it work?

This application uses class CTheSocket inherited from class CSocket. I could use a CSocket object instead but I preferred to inherit from this class to override any desired events in the future. The member function CPortScanView::TestConnection(CString IP, UINT nPort) is the heart of port scanning. Please see the following code:

BOOL CPortScanView::TestConnection(CString IP, UINT nPort)
{
	CTheSocket* pSocket;
	pSocket = new CTheSocket;
	ASSERT(pSocket);

	if (!pSocket->Create())
	{
		delete pSocket;
		pSocket = NULL;
		return FALSE;
	}

	while (!pSocket->Connect(IP , nPort))
	{
		delete pSocket;
		pSocket = NULL;
		return FALSE;
	}

	pSocket->Close();
	delete pSocket;
	return TRUE;
}

In the above code if connection with the specified socket on port nPort is established, the member function will return TRUE, otherwise FALSE. This member function does not have to know Internet services protocols like HTTP, FTP, etc. to interpret them to find out whether or not the port is open. As a matter of fact the member function checks which ports are listening to establish connection. As soon as the state of socket changes from mode 'Listening' to mode 'Established' the value TRUE is reported and status 'open' is detected.

The submitted application is a single-thread one and I used ::PeekMessage(...) at the end of the outer loop by which a range of ports can be scanned to handle windows messages in order to stop scanning process, moving windows around the screen and so on. Here, This is the code segment:

for (m_nCounter = minPort; m_nCounter <= maxPort; m_nCounter++)
{
	.
	.
	.
	while(nAttempt <= m_nMaxAttempts && !bIsOpen)
	{
		.
		.
	}
	.
	.
	.
	MSG message;
	if (::PeekMessage(&message,NULL,0,0,PM_REMOVE))
	{
		::TranslateMessage(&message);
		::DispatchMessage(&message);
	}
	.
   }

To make sure that CPortScanView::OnButtonScan() is not reentered, I disabled the corresponding button CPortScanView::m_cBtnScan by invoking m_cBtnScan.EnableWindow(FALSE) member function. Also, to stop the above loop and make it exit while clicking on button CPortScanView::m_cBtnStop, I got CPortScanView::m_nCounter value to one unit more than CPortScanView::m_maxPort in message handler CPortScanView::OnButtonStop().

Since the results of port scanning are saved in a CPtrList object member variable called CPortScanView::*m_pStatusList as a linked list, the contents of each node is not only visible in object CListCtrl::m_cResult but also accessible to save in a text file.

The submitted code can also support UNICODE by adjusting the options and settings as described in MSDN.