Short:        TCP-UDP-PortScanner with stealth techniques and identscan
Author:       cyborg@eanet.de
Version:      0.5
Replaces:     tcpscanner.lha
Architecture: m68k-amigaos
Path:         comm/tcp

***************************************************************
**
**  It's illegal to hack foreign hosts! This software is not
**  able to hack a site! And never will be!
**
**  I'm not responsible for any use of this software !!!
**
***************************************************************

***************************************************************
**
**  Use this software only to : - scan your host for security holes
**                              - check firewalls for holes
**                              - check portscandetectors
**
***************************************************************

*##############################################################*
#*                                                            *#
#  This is the fastest and most useful portscanner for AOS.    #
#                                                              #
#  It's the only one with UDP, IDENT and Basic-Stealth-Scan    #
#                                                              #
#  And it's legal and, best of all, it's FREE :-)              #
#                                                              #
#  68040/33  1000 ports in 25 seconds => 40 p/s                #
#                                                              #
#*                                                            *#
*##############################################################*

Usage: TCPScanner {Options} host_to_scan

Options:

 -f    Fastscan (50 ports a time)
 -fps  ports to scan at the same time
 -l    logfile
 -p    from-to port
 -s    known services only
 -t    timeout in ticks ( 1/50 secs ) for FastScans
 -u    UDP-scan
 -U    UDP-scan but no TCP-scan
 -v    more output
 -w    wait-ticks between two tcpconnects
 -hls  hostlistfilename
 -n    only hosts with a nameserver entry
 -a    from-to hosts   d.c.b.x  i.e. -a 100-120  d.c.b.100-120
 -b    from-to subnets d.c.x.a  i.e. -b 10-20    d.c.10-20.a
 -r    random tcpports
 -i    identscan
 -P    Ping before scan

example:  tcpscanner -n -b 1-100 -a 1-10 23.25.0.0

          Scans subnets 1-100 and, in these subnets, hosts 1-10
          in NET 23.25.x.x  A N D  scans only hosts with valid
          nameserver entries.

example:  tcpscanner -p 1-10 www.amiga.kr

          This will scan the non-existent host www.amiga.kr from
          port 1 to port 10.

example:  tcpscanner -v -u -f -t 10 -p 1-10 www.amiga.kr

          Scans TCP&UDP ( 10 ticks timeout ) with massive parallel
          UDP packets.

If you just want a quick scan enter:

          tcpscanner www.amiga.kr

By default tcpscanner scans only from port 1 to port 1024.

I used the nmap-service-file, because it's the greatest I have found.

Option -P sends an ICMP packet before scanning to check if the host is
online. If this ping does not return, the host won't be scanned.

IDENTSCAN:
----------

This works only if the scanned host has AUTH ( Port 113 ) enabled.
You can try that for testing on any newsserver.

It's mainly based on Dave Goldsmith's ident-scan v0.15, with one
important difference: it works! Thx anyway Dave :-)

STEALTH:
--------

Nothing is undetectable, but it's harder to find it.

Use -r to scan randomly in the given port range and activate -w with
*at least* 2 minutes to avoid too many lines of specific traffic in
the logs.

FRAC-Scan and the other functions of nmap for stealth will (may)be
added in the future.

STEALTH-Scanning can be used to check portscan daemons. It's just
simple randomness. Do not expect too much from it, because if you
need a fast scan you will be detected anyway! Modern NIDS use more
advanced techniques to detect this kind of stealth.

*** FASTUDPSCANNING does not use STEALTH, because that's NOT FAST ***

*** FASTSCANNING for TCP does make use of random ports and it's f*cking fast :) ***

UDP PORTSCANNING does not work with Miami <= 3.2b

***************

Cyborg
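
Added example (not part of the original readme or the TCPScanner distribution): a small detector for checking what the -r and -w settings described under STEALTH look like in connection logs, comparing a short-window connection-rate check with a count of distinct ports per source over a long window. The log tuple format, thresholds and addresses are assumptions constructed for this illustration.

```python
import random
from collections import defaultdict

def rate_detector(events, window=10, threshold=20):
    """Naive check: flag a source opening >= threshold connections within `window` seconds."""
    flagged, recent = set(), defaultdict(list)
    for ts, src, dst, port in sorted(events):
        q = recent[src]
        q.append(ts)
        while q[0] <= ts - window:          # drop timestamps that left the window
            q.pop(0)
        if len(q) >= threshold:
            flagged.add(src)
    return flagged

def distinct_port_detector(events, window=86400, threshold=15):
    """Flag a source touching >= threshold distinct ports on one host within `window` seconds.
    Port order and pacing do not matter, only how many different ports were tried."""
    flagged, seen = set(), defaultdict(dict)    # (src, dst) -> {port: last_seen_ts}
    for ts, src, dst, port in sorted(events):
        ports = seen[(src, dst)]
        ports[port] = ts
        for old in [p for p, t in ports.items() if t <= ts - window]:
            del ports[old]                      # expire ports not seen inside the window
        if len(ports) >= threshold:
            flagged.add(src)
    return flagged

def sample_events():
    """Constructed sample log: (timestamp, src, dst, dst_port), documentation address ranges."""
    rng = random.Random(1)
    ports = rng.sample(range(1, 1025), 40)      # random port order, as with -r
    # One connection every 120 seconds, as with a 2 minute -w wait
    slow = [(i * 120, "192.0.2.10", "198.51.100.5", p) for i, p in enumerate(ports)]
    # Busy but benign client: 200 connections to a single port in 20 seconds
    web = [(i * 0.1, "192.0.2.77", "198.51.100.5", 80) for i in range(200)]
    return slow + web

if __name__ == "__main__":
    ev = sample_events()
    print("rate detector flags:         ", rate_detector(ev))
    print("distinct-port detector flags:", distinct_port_detector(ev))
```

On this sample the rate check flags only the busy client, while the distinct-port count flags the slow randomized scan; shrinking its window to ten minutes makes it miss the scan as well.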