6

I am trying to write a port scanner in C#. I did some research on port scanning methods.

If you are interested, these are the links I found useful:

  1. http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/Probing/index.html ^PPT Presentation^
  2. http://www.auditmypc.com/freescan/readingroom/port_scanning.asp
  3. (old) NMAP - The Art of Port Scanning : http://nmap.org/nmap_doc.html
  4. Port Scanning Techniques : http://nmap.org/book/man-port-scanning-techniques.html
  5. Port Scanning Interactive Example : http://www.osischool.com/concept/communication/port-scanning

Coming to my question. These are the port scanning methods:

  1. TCP Connect() Scan
  2. TCP SYN Scan
  3. TCP FIN Scan
  4. TCP XMAS Scan
  5. TCP NULL Scan
  6. TCP Window Scan
  7. UDP Scan

But I implemented only TCP Connect() Scan(shown here). But this is dead slow (taking >0.5sec to test each port). For implementing rest of the methods, I need the packet level access. I need to create raw packets. Is it possible to do that in C#? If so how to do that?

claws
  • 52,236
  • 58
  • 146
  • 195

2 Answers2

2

This seemed like a good wrapper around the great WinPCap library when I used it a long time ago:

http://sourceforge.net/projects/sharppcap/

I'm sure it's better now.

Ioan
  • 2,382
  • 18
  • 32
  • It's much better now. The API finally hit maturity so it's methods are pretty much set in stone and the parsing was moved out of SharpPcap to the Packet.Net project. It's much much easier to use now than it was before. – Evan Plaice Nov 10 '10 at 08:29
1

You'll have to have a driver (NDIS) or something like that to access raw packets. You might also need to use Native Win32 API and use P/Invoke.

Here's something to help: http://www.codeproject.com/KB/IP/sendrawpacket.aspx

Tony The Lion
  • 61,704
  • 67
  • 242
  • 415