If you are trying to connect to a remote host using a particular port, sometimes you get a message saying that the connection is refused. The reason for this is that, most likely, the server is down on the remote host. In such a situation, you can try to see whether the port is open or in the listening state. You can scan multiple ports to identify the available services in a machine.
Using Python's standard socket library, we can accomplish this port-scanning task. We can take three command-line arguments: target host, and start and end port numbers.
Listing 9.4 gives the code for scanning the ports of a remote host, as follows:
#!/usr/bin/env python
# Python Network Programming Cookbook -- Chapter - 9
# This program is optimized for Python 2.7.
# It may run on any other version with/without modifications.

import argparse
import socket
import sys

def scan_ports(host, start_port, end_port):
    """ Scan remote hosts """
    # Create socket
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    except socket.error, err_msg:
        print 'Socket creation failed. Error code: ' + str(err_msg[0]) + ' Error message: ' + err_msg[1]
        sys.exit()

    # Get IP of remote host
    try:
        remote_ip = socket.gethostbyname(host)
    except socket.error, error_msg:
        print error_msg
        sys.exit()

    # Scan ports (end_port is inclusive)
    end_port += 1
    for port in range(start_port, end_port):
        try:
            sock.connect((remote_ip, port))
            print 'Port ' + str(port) + ' is open'
            sock.close()
            # A closed socket cannot be reused, so create a new one
            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        except socket.error:
            pass # skip various socket errors

if __name__ == '__main__':
    # setup commandline arguments
    parser = argparse.ArgumentParser(description='Remote Port Scanner')
    parser.add_argument('--host', action="store", dest="host", default='localhost')
    parser.add_argument('--start-port', action="store", dest="start_port", default=1, type=int)
    parser.add_argument('--end-port', action="store", dest="end_port", default=100, type=int)
    # parse arguments
    given_args = parser.parse_args()
    host, start_port, end_port = given_args.host, given_args.start_port, given_args.end_port
    scan_ports(host, start_port, end_port)
If you run this recipe to scan your local machine's ports 1 to 100 to detect open ports, you will get an output similar to the following:

# python 9_4_scan_port_of_a_remote_host.py --host=localhost --start-port=1 --end-port=100
Port 21 is open
Port 22 is open
Port 23 is open
Port 25 is open
Port 80 is open
This recipe demonstrates how to scan open ports of a machine using Python's standard socket library. The scan_ports() function takes three arguments: hostname, start port, and end port. Then, it scans the entire port range in three steps.

1. Create a TCP socket using the socket() function.
2. If the socket is created successfully, then resolve the IP address of the remote host using the gethostbyname() function.
3. If the target host's IP address is found, try to connect to the IP using the connect() function. If that's successful, then it implies that the port is open. Now, close the socket with the close() function and repeat the first step for the next port.