

A TCP Port Scanner in Bash - pkrumins
http://www.catonmat.net/blog/tcp-port-scanner-in-bash/

======
daniellockard
This requires your bash have networking support compiled in (some distros
don't, or didn't in the past), I'm not sure why you wouldn't use nmap, or even
netcat: `nc -z $my_host_to_scan 1-1023`

~~~
pkrumins
Just playing around with bash. Great remark about networking support!

------
RickHull
Why do these checks sequentially? I'd be interested to see the opportunities
for parallel requests in bash.

~~~
pkrumins
Didn't think of that. Pretty good idea!

------
rakiru
It's kind of cheating to use perl for some of it, don't you think? I know this
was just an experiment, and the actual networking part is pure bash, but the
title is still misleading. Still, this is certainly interesting and not
something I'd considered.

~~~
icebraining
That bothered me too, so I implemented alarm(2) in bash. Beware of bugs,
though:

    
    
      function alarm() {
        timeout=$1; shift;
        bash -c "$@" &
        pid=$!
        {
          sleep $timeout
          kill $pid 2> /dev/null
        } &
        wait $pid 2> /dev/null
        return $?
      }
    
    
      alarm 1 "echo >/dev/tcp/google.com/230" && echo "Y" || echo "N"
    
      //this prints 'N' in ~1s
    
      alarm 60 "echo >/dev/tcp/google.com/80" && echo "Y" || echo "N"
    
      //this still returns almost immediately and prints "Y"

~~~
kill-9-1
backgrounding a job to sleep/kill a pid isn't necessarily a great idea imho.
here, if the port in question is open then then you will pass the wait
relatively quickly, but you still have a timer set to kill the pid. A short
timer probably won't cause an issue, but the longer you wait the more likely
it becomes that the kernel will assign that pid to a new process that you
probably don't want killed. especially if you are launching two new pids for
each possible port.

~~~
icebraining
I considered that, but didn't have time to think about a proper solution.
Using bash's own job control instead of regular kill would probably be better.

------
jebblue
This is very cool, thanks for sharing!

