The SYNplescan Tool Source Code

Example 11-9 provides the full source code to the SYNplescan tool. This should compile on most Linux distributions as follows:

gcc -o synplescan synplescan.c -lnet -lpcap

If that does not work, libnet provides a tool called libnet-config that contains definitions and library references that might be required for your libnet installation. You can use this with back quotes as follows:

gcc -o synplescan synplescan.c `libnet-config -defines` \
     `libnet-config -libs` `libnet-config -cflags` -lpcap

This tool was written on Gentoo Linux. It should work on most Linux installations; however, some tweaking might be necessary to get this working on other Unix and Unix-like environments.

Example 11-9. Source code to the SYNplescan tool

#define _BSD_SOURCE 1 #include <stdio.h> #include <unistd.h> #include <time.h> #include <libnet.h> #include <pcap.h> int answer = 0; /* flag for scan timeout */ /* usage */ void usage (char *name) { printf ("%s - Simple SYN scan\n", name); printf ("Usage: %s -i ip_address\n", name); printf (" -i IP address to scan\n"); exit (1); } void packet_handler (u_char * user, const struct pcap_pkthdr *header, const u_char * packet) { struct tcphdr *tcp = (struct tcphdr *) (packet + LIBNET_IPV4_H + LIBNET_ETH_H); if (tcp->th_flags == 0x14) { printf ("Port %d appears to be closed\n", ntohs (tcp->th_sport)); answer = 0; } else { if (tcp->th_flags == 0x12) { printf ("Port %d appears to be open\n", ntohs (tcp->th_sport)); answer = 0; } } } int main ...

Get Network Security Tools now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.