Linux: create your own TCP port scanner!

Imagine the following situation, you have to check TCP services running on remote hosts in a subnet but you don't have any tools like nmap and you are not allowed to install, what you do? an easy and built in solution is to use bash to create a scanner tool!

Create the following file and name it as port_scan.sh

i will not explain how this works since you can find excellent in depth articles for how to access resources under the /dev virtual file system, this article purpose is just how to make a tool to fill your needs.#!/bin/bash
(echo > /dev/tcp/$1/$2) >/dev/null 2>&1 && echo "Host: "$1" Port: "$2" UP" || echo "Host: "$1" Port: "$2" DOWN"

Make the file executablechmod +x ./port_scan.sh

To scan a host the syntax is./port_scan.sh <ip> <port>

Example: scan one host and one port

In this example we can see how we can test a single host and portkpatronas@prometheus:~$ ./check_port.sh server1 22
Host: server1 Port: 22 UP
kpatronas@prometheus:~$ ./check_port.sh server2 22
Host: server2 Port: 22 DOWN

Example: scan multiple hosts and ports

I have created the following file tests_hosts.txtserver1 22
server1 80
server2 22
server2 80

Executing the following allow us to scan all hosts ports in the file in parallel manner

• -P the number of parallel tasks
• -n number of xargs parameterscat ./test_hosts.txt | xargs -P8 -n2 ./check_port.sh $1 $2
  Host: server1 Port: 80 DOWN
  Host: server1 Port: 22 UP
  Host: server2 Port: 22 DOWN
  Host: server2 Port: 80 DOWN

I hope you found this article easy to use :)