I used the following script to trigger a port_scan signature on a RealSecure (IDS) Network Sensor, to confirm the sensor was actually working. It is deliberately noisy — one ping per address, then one SSH connection attempt per TCP port on every host that answered — so only point it at a network you are authorised to scan.

#!/bin/ksh
# Two-stage sweep written to trip a port-scan signature on a RealSecure
# network sensor: ping every address in a subnet, then try SSH on every port
# of the hosts that answered. Active scanning -- use only where authorised.

outfile=~/live_ips.txt   # hosts that answered ping, one "A.B.C.D is alive" line each
scanfile=~/scan.out      # ports judged open, one line each
iprange=192.168          # first two octets of the address space to sweep
maxip=254                # host-octet upper bound used by ip_scan

# Start from empty result files so stale entries from a previous run
# cannot be re-scanned or re-reported.
: > "$outfile"
: > "$scanfile"
 
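ip_scan()
{
# Record every address that answers a single ICMP echo request, appending
# "A.B.C.D is alive" lines to $outfile (and echoing them to stdout).
#
# Globals read:    iprange (first two octets), maxip (host-octet bound;
#                  -lt, so maxip itself is never probed),
#                  subnets (optional: space-separated third octets, default 40)
# Globals written: outfile (appended via tee), subnet, countip, addr, rc
#
# No typeset/local here on purpose: the file declares functions with the
# POSIX "name()" form, under which ksh does not give locals function scope,
# so the counters stay global exactly as before.
#
# NOTE(review): one probe per address in each subnet -- only run against
# networks you are authorised to scan.
for subnet in ${subnets:-40}   # unquoted on purpose: split on whitespace
do
        countip=1
        while [[ $countip -lt $maxip ]]
        do
                addr="${iprange}.${subnet}.${countip}"
                echo "Trying ${addr}..."
                # Must be "2>&1". The original "2&>1" is read by ksh as
                # "... 2 &" followed by a stray ">1" redirection, so ping
                # ran in the background and $? never reflected its result.
                ping -c 1 "${addr}" > /dev/null 2>&1
                rc=$?
                if [[ $rc = 0 ]];then
                        # The original printed "${addr}" without ever
                        # assigning addr, so the host octet was blank.
                        echo "${addr} is alive" |tee -a "$outfile"
                fi
                (( countip = countip + 1 ))
        done
done
}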
 
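port_scan()
{
# For each address listed in $outfile, start an SSH connection to every TCP
# port in turn and record in $scanfile the ports whose attempt is still
# running when the per-port timer expires.
#
# Heuristic: ssh gives up almost at once on a refused port, so a probe that
# is still alive after the timeout is treated as "open". Filtered ports
# (silently dropped) therefore show up as open too, and a port where ssh
# finishes quickly for any other reason is not reported.
#
# Globals read:    outfile (first whitespace-separated field is the host),
#                  maxport (optional, exclusive upper bound, default 2000),
#                  probe_timeout (optional, seconds per port, default 3)
# Globals written: scanfile (appended), ip, port, pid
#
# NOTE(review): deliberately noisy -- one connection attempt per port per
# host -- so run it only where you are authorised to.
while read -r ip _
do
        [[ -n "$ip" ]] || continue   # blank line: nothing to probe
        port=1
        while [[ $port -lt ${maxport:-2000} ]]
        do
                echo "Trying port $port on $ip"
                ssh -n -p "$port" "$ip" "date" 2>/dev/null &
                # Track the probe by PID rather than "kill %1", which names a
                # job-table slot instead of the process we just started.
                pid=$!
                sleep "${probe_timeout:-3}"
                # kill only succeeds while the probe is still running, i.e.
                # the connection attempt has not failed within the timeout.
                if kill "$pid" 2>/dev/null; then
                        echo "Port open at $port on $ip" >> "$scanfile"
                fi
                wait "$pid" 2>/dev/null   # reap it; the original never did
                (( port = port + 1 ))
        done
done < "$outfile"
}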
 
# Script starts here
main()
{
# Host discovery must finish first: port_scan reads the list ip_scan wrote.
ip_scan
port_scan
}
main "$@"

Of course, nmap does port scans far more quickly, and more accurately: this script's only test for an "open" port is that the SSH connection attempt is still running after three seconds, so filtered ports are reported as open as well.
