Network Scanner in Python

A network scanner is one of the main tools for discovering which hosts are reachable on a network. It is essentially an IP scanner: it walks through a range of addresses and reports which ones belong to a live machine.

To get the list of the available hosts on a network, there are two basic methods –

  • ICMP Echo Request

    This is the method behind the familiar ‘ping’ command. An ICMP echo request is sent to a host by IP address; if an ICMP echo reply comes back, the host is online and responding. To use it you need the list of IP addresses whose hosts you want to check. The method relies on the assumption that the network devices have ICMP enabled.


    import subprocess

    # probe the first few addresses of the loopback range (adjust the prefix
    # and the range to the network you want to test)
    for host in range(1, 10):
        address = "127.0.0." + str(host)
        # -c 3 sends three echo requests (Linux/macOS syntax; Windows ping uses -n)
        res = subprocess.call(['ping', '-c', '3', address])
        if res == 0:
            print("ping to", address, "OK")
        elif res in (1, 2):
            # iputils ping exits 1 and BSD/macOS ping exits 2 when no reply arrived
            print("no response from", address)
        else:
            print("ping to", address, "failed!")

    This code iterates over the chosen IP addresses, pings each one and checks for a reply. If an echo reply is received, the host is up; if none is received, the host appears to be down.
    Note: Personal and general firewalls are often configured in so-called “stealth mode”, in which they do not answer ICMP echo requests at all, so a silent host is not necessarily an absent one.

  • TCP Scan

    To overcome the shortcomings of the echo request method, the TCP scan method uses the TCP three-way handshake instead. It assumes that hosts on the network have at least one open port, and the scanner has to guess which ports those are. The ports that are typically open depend on the operating system; commonly open ports for each OS are listed below.

    • linux: [20, 21, 22, 23, 25, 80, 111, 443, 445, 631, 993, 995]
    • windows: [135, 137, 138, 139, 445]
    • mac: [22, 445, 548, 631]

    Three-way handshake method

    A three-way handshake is a method used in a TCP/IP network to create a connection between a local host/client and server. It is a three-step method that requires both the client and server to exchange SYN and ACK (acknowledgment) packets before actual data communication begins.
    A three-way handshake is primarily used to create a TCP socket connection. It works when:

    • A client node sends a SYN packet over an IP network to a server on the same or an external network. The purpose of this packet is to ask whether the server is open for new connections.
    • The target server must have an open port that can accept new connections. When the server receives the SYN packet from the client node, it responds with a confirmation, the SYN/ACK packet.
    • The client node receives the SYN/ACK from the server and responds with an ACK packet.

    Upon completion of this process, the connection is created and the host and server can communicate.


    # importing socket module
    import socket

    # host and port to probe (example values; the original left them undefined)
    addr = "127.0.0.1"
    port = 80

    # set the default timeout in seconds before creating the socket, because
    # setdefaulttimeout only applies to sockets created after the call
    socket.setdefaulttimeout(1)

    # creates a new TCP socket using the IPv4 address family
    socket_obj = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

    # connect_ex returns 0 if the handshake succeeds, otherwise an errno value
    result = socket_obj.connect_ex((addr, port))  # address and port as a tuple
    if result == 0:
        print("port", port, "on", addr, "is open")
    else:
        print("port", port, "on", addr, "is closed or filtered (errno", result, ")")

    # closes the socket object
    socket_obj.close()

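As an added example (not code from the original article), the single connect_ex probe above extended into a small scanner over the article's per-OS port lists, classifying each port as open (handshake completed), closed (RST received) or filtered (no answer before the timeout, which a dropping firewall and a dead host both produce). The OS_PORTS table, probe_port and scan_host are names assumed here.

```python
import errno
import socket

# Port lists the article gives per operating system (assumed here to be
# the default probe list; adjust to your own environment).
OS_PORTS = {
    "linux": [20, 21, 22, 23, 25, 80, 111, 443, 445, 631, 993, 995],
    "windows": [135, 137, 138, 139, 445],
    "mac": [22, 445, 548, 631],
}


def probe_port(addr, port, timeout=1.0):
    """Attempt a full TCP three-way handshake with (addr, port).

    Returns "open" when connect_ex reports success, "closed" when the peer
    answered with RST (ECONNREFUSED), and "filtered" when nothing came back
    before the timeout or the host was unreachable.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)  # per-socket timeout, set before connecting
        result = s.connect_ex((addr, port))
    if result == 0:
        return "open"
    if result == errno.ECONNREFUSED:
        return "closed"
    # A timeout surfaces as EAGAIN/EWOULDBLOCK or ETIMEDOUT; EHOSTUNREACH and
    # friends mean the SYN never got an answer either, so treat all as filtered.
    return "filtered"


def scan_host(addr, ports, timeout=1.0):
    """Probe every port in ports and return {state: sorted list of ports}."""
    states = {"open": [], "closed": [], "filtered": []}
    for port in ports:
        states[probe_port(addr, port, timeout)].append(port)
    return {state: sorted(plist) for state, plist in states.items()}


if __name__ == "__main__":
    # Inventory the local machine against the Linux list; substitute any
    # host you are responsible for.
    report = scan_host("127.0.0.1", OS_PORTS["linux"])
    for state, plist in report.items():
        print(state, plist)
```

Because a filtered result is indistinguishable from an absent host, a scan report should be read together with the ICMP results rather than on its own.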


Last Updated : 23 Jul, 2018