tpscan.c is a thread portscanner--some more proof of concept/socket practice.
As expected, it speeds things up nicely:
dennis@ipa:~/projects/sockets/tpscan$ time ./tpscan x.x.x.x
25/smtp is open.
80/www is open.
995/pop3s is open.
0m28.40s real 0m0.00s user 0m0.00s system
dennis@ipa:~/projects/sockets/portscan$ time ./portscan x.x.x.x
Portscanning x.x.x.x (x.x.com)
25/smtp
80/www
995/pop3s
2m15.71s real 0m0.00s user 0m0.01s system
As expected, it speeds things up nicely:
dennis@ipa:~/projects/sockets/tpscan$ time ./tpscan x.x.x.x
25/smtp is open.
80/www is open.
995/pop3s is open.
0m28.40s real 0m0.00s user 0m0.00s system
dennis@ipa:~/projects/sockets/portscan$ time ./portscan x.x.x.x
Portscanning x.x.x.x (x.x.com)
25/smtp
80/www
995/pop3s
2m15.71s real 0m0.00s user 0m0.01s system
That's a pretty good improvement!
ReplyDeleteYou should take a look at Kaminsky's Scanrand technique. One thread fires out SYNs, another thread listens for SYN/ACKs. No need to track state = blazing fast.