views:

463

answers:

3

I am trying to write a port scanner in C#. I did some research on port scanning methods.

If you are interested, these are the links I found useful:

  1. http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/Probing/index.html ^PPT Presentation^
  2. http://www.auditmypc.com/freescan/readingroom/port_scanning.asp
  3. (old) NMAP - The Art of Port Scanning : http://nmap.org/nmap_doc.html
  4. Port Scanning Techniques : http://nmap.org/book/man-port-scanning-techniques.html
  5. Port Scanning Interactive Example : http://www.osischool.com/concept/communication/port-scanning

Coming to my question. These are the port scanning methods:

  1. TCP Connect() Scan
  2. TCP SYN Scan
  3. TCP FIN Scan
  4. TCP XMAS Scan
  5. TCP NULL Scan
  6. TCP Window Scan
  7. UDP Scan

But I implemented only TCP Connect() Scan(shown here). But this is dead slow (taking >0.5sec to test each port). For implementing rest of the methods, I need the packet level access. I need to create raw packets. Is it possible to do that in C#? If so how to do that?

+2  A: 

A brief Google search for "reading and writing packets C#" yielded the following links that you may find useful:

Nathan Taylor
+1  A: 

You'll have to have a driver (NDIS) or something like that to access raw packets. You might also need to use Native Win32 API and use P/Invoke.

Here's something to help: http://www.codeproject.com/KB/IP/sendrawpacket.aspx

Tony
+1  A: 

This seemed like a good wrapper around the great WinPCap library when I used it a long time ago:

http://sourceforge.net/projects/sharppcap/

I'm sure it's better now.

Ioan