Scanning the ports of a remote host

If you are trying to connect to a remote host on a particular port, you sometimes get a "Connection refused" error. Most likely, the server on the remote host is down, so nothing is listening on that port. In such a situation, you can check whether the port is open, that is, in the listening state. You can scan multiple ports to identify the services available on a machine.

How to do it...

Using Python's standard socket library, we can accomplish this port-scanning task. We can take three command-line arguments: target host, and start and end port numbers.

Listing 9.4 gives the code for scanning the ports of a remote host, as follows:

#!/usr/bin/env python
# Python Network Programming Cookbook -- Chapter - 9
# This program is optimized for Python 2.7.
# It may run on any other version with/without modifications.

import argparse
import socket
import sys

def scan_ports(host, start_port, end_port):
  """ Scan remote hosts """
  #Create socket
  try:
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  except socket.error as err_msg:
    print('Socket creation failed. Error code: ' + str(err_msg.errno)
          + ' Error message: ' + str(err_msg.strerror))
    sys.exit()

  #Get IP of remote host
  try:
    remote_ip = socket.gethostbyname(host)
  except socket.error as error_msg:
    print(error_msg)
    sys.exit()  # only exit when name resolution failed

  #Scan ports (end_port is inclusive)
  for port in range(start_port, end_port + 1):
    try:
      sock.connect((remote_ip, port))
      print('Port ' + str(port) + ' is open')
      sock.close()
      # a connected socket cannot be reused, so open a fresh one
      sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    except socket.error:
      pass # connection refused or timed out: the port is not open

if __name__ == '__main__':
  # setup commandline arguments
  parser = argparse.ArgumentParser(description='Remote Port Scanner')
  parser.add_argument('--host', action="store", dest="host",
                      default='localhost')
  parser.add_argument('--start-port', action="store",
                      dest="start_port", default=1, type=int)
  parser.add_argument('--end-port', action="store",
                      dest="end_port", default=100, type=int)
  # parse arguments
  given_args = parser.parse_args()
  host, start_port, end_port = (given_args.host,
                                given_args.start_port,
                                given_args.end_port)
  scan_ports(host, start_port, end_port)

If you run this recipe to scan ports 1 to 100 of your local machine to detect open ports, you will get an output similar to the following:

# python 9_4_scan_port_of_a_remote_host.py --host=localhost --start-port=1 --end-port=100
Port 21 is open
Port 22 is open
Port 23 is open
Port 25 is open
Port 80 is open

How it works...

This recipe demonstrates how to scan the open ports of a machine using Python's standard socket library. The scan_ports() function takes three arguments: hostname, start port, and end port. Then, it scans the entire port range in three steps.

Create a TCP socket using the socket() function.

If the socket is created successfully, then resolve the IP address of the remote host using the gethostbyname() function.

If the target host's IP address is found, try to connect to the IP on the current port using the connect() function. If that succeeds, the port is open. Now, close the socket with the close() function and repeat the first step (create a new socket) for the next port.
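One caveat the recipe does not cover: the bare connect() call above has no timeout, so a port whose packets are silently dropped by a firewall will stall the scan for as long as the operating system's connect timeout (often minutes), and the recipe cannot tell that case apart from a plain "Connection refused". The following Python 3 version is an added example, not code from the cookbook: it uses socket.create_connection() with a per-port timeout and reports each port as open, closed (reset received, so the host is up but nothing listens) or filtered (no answer), which is the distinction you need when diagnosing why a connection to your own service is being refused. The demo() function and its loopback listener are constructed for illustration and are assumptions of this example.

```python
#!/usr/bin/env python3
# Added example (not from the cookbook): TCP port check with timeouts,
# classifying each port as 'open', 'closed' or 'filtered'.
import argparse
import socket


def check_port(host, port, timeout=1.0):
    """Return 'open', 'closed' or 'filtered' for one TCP port.

    'closed'   -> the host answered with a TCP reset (ECONNREFUSED):
                  the machine is reachable but nothing listens there.
    'filtered' -> no answer within `timeout`: typically a firewall
                  dropping the SYN, or a host that is down.
    """
    try:
        # create_connection() resolves the name and applies the timeout
        # to the connect() itself; the 'with' block closes the socket.
        with socket.create_connection((host, port), timeout=timeout):
            return 'open'
    except socket.gaierror:
        raise                    # name resolution failed: not a port state
    except ConnectionRefusedError:
        return 'closed'
    except socket.timeout:
        return 'filtered'
    except OSError:
        # e.g. EHOSTUNREACH / ENETUNREACH: no answer from the host
        return 'filtered'


def scan_ports(host, start_port, end_port, timeout=1.0):
    """Scan an inclusive port range and return {port: state}."""
    return {port: check_port(host, port, timeout)
            for port in range(start_port, end_port + 1)}


def open_ports(results):
    """Extract the sorted list of ports reported as 'open'."""
    return sorted(p for p, state in results.items() if state == 'open')


def demo():
    """Constructed demonstration on loopback (assumption of this example):
    one port with a listener and one port that was just released, so the
    kernel answers it with a reset. Returns the two observed states."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(('127.0.0.1', 0))          # port 0 = pick a free port
    listener.listen(5)
    listening_port = listener.getsockname()[1]

    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(('127.0.0.1', 0))
    released_port = probe.getsockname()[1]
    probe.close()                             # nothing listens here now

    try:
        return {
            'listening': check_port('127.0.0.1', listening_port),
            'released': check_port('127.0.0.1', released_port),
        }
    finally:
        listener.close()


if __name__ == '__main__':
    # Same command-line flags as the cookbook recipe, plus a timeout.
    parser = argparse.ArgumentParser(description='Remote Port Scanner')
    parser.add_argument('--host', default='localhost')
    parser.add_argument('--start-port', type=int, default=1)
    parser.add_argument('--end-port', type=int, default=100)
    parser.add_argument('--timeout', type=float, default=1.0)
    args = parser.parse_args()
    for port, state in sorted(scan_ports(args.host, args.start_port,
                                         args.end_port, args.timeout).items()):
        if state != 'closed':
            print('Port %d is %s' % (port, state))
```

Running it against a host you administer, a port that comes back "filtered" rather than "closed" tells you the problem is a firewall rule or a dead host rather than a stopped service, and the timeout bounds how long the whole range takes.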
