A network scanner is one major tool for analyzing the hosts that are available on the network. A network scanner is an IP scanner that is used for scanning the networks that are connected to several computers.
To get the list of the available hosts on a network, there are two basic methods –
ICMP Echo Request
It is also known by using ‘ping command’. An ICMP packet is sent to a host using the IP address and if the ICMP echo is received, that means that the host is online and is receiving the signals. For this, it necessary to get all the IP addresses for which you wish to test that the host is connected or not. This method works on the assumption that network devices have ICMP enabled.
"no response from"
This code iterates over all the available IP addresses, ping them and check for the reply. If the echo is received, that means the host is connected and in case, no echo is received, then it looks like that the host is down.
Note: Personal firewalls or general firewalls are often set to so called “stealth mode” which is used not to react to ICMP echo requests.
To overcome the demerits of echo request method, TCP scan method is introduced which works on three-way handshake method. This method has a pre-assumption that the hosts on the networks are open ports and we have to guess which port is open or not. The ports differ in the operating system in which you are using. Different OS has open dependent ports listed below.
- linux: [20, 21, 22, 23, 25, 80, 111, 443, 445, 631, 993, 995]
- windows: [135, 137, 138, 139, 445]
- mac: [22, 445, 548, 631]
A three-way handshake is a method used in a TCP/IP network to create a connection between a local host/client and server. It is a three-step method that requires both the client and server to exchange SYN and ACK (acknowledgment) packets before actual data communication begins.
A three-way handshake is primarily used to create a TCP socket connection. It works when:
- A client node sends an SYN data packet over an IP network to a server on the same or an external network. The objective of this packet is to ask/infer if the server is open for new connections.
- The target server must have open ports that can accept and initiate new connections. When the server receives the SYN packet from the client node, it responds and returns a confirmation receipt – the ACK packet or SYN/ACK packet.
- The client node receives the SYN/ACK from the server and responds with an ACK packet.
Upon completion of this process, the connection is created and the host and server can communicate.
#importing socket module
#creates a new socket using the given address family.
#setting up the default timeout in seconds for new socket object
#returns 0 if connection succeeds else raises error
#address and port in the tuple format
#closes te object
This article is contributed by Rishabh Bansal. If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to firstname.lastname@example.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please write comments if you find anything incorrect, or you want to share more information about the topic discussed above.
Attention geek! Strengthen your foundations with the Python Programming Foundation Course and learn the basics.
To begin with, your interview preparations Enhance your Data Structures concepts with the Python DS Course. And to begin with your Machine Learning Journey, join the Machine Learning – Basic Level CourseMy Personal Notes arrow_drop_up