Introduction
Network security is one of the most crucial aspects of modern information technology. One of the fundamental ways to identify security vulnerabilities is to understand which ports are open on the systems in a network. In this article, we will explain how to write a simple port scanning tool using the Ruby programming language and discuss its basic usage.
Ruby and Network Programming
Ruby is a high-level programming language with extensive libraries for network programming. In this article, we will develop a port scanning tool using the socket
and timeout
libraries.
Structure of the Port Scanning Tool
Our port scanning tool will consist of two main functions:
port_open?
: Checks if a specific port on a specific IP address is open.scan_ports
: Uses theport_open?
function to scan a range of ports on an IP address.
port_open?
Function
This function checks the status of a specific port by establishing a TCP connection. If the connection is successful, the port is open. If the connection fails or cannot be established within a certain time, the port is considered closed.
require 'socket'
require 'timeout'
def port_open?(ip, port, seconds=1)
Timeout::timeout(seconds) do
begin
TCPSocket.new(ip, port).close
return true
rescue StandardError
return false
end
end
rescue Timeout::Error
return false
end
scan_ports
Function
This function scans a specified range of ports on a given IP address and lists the open ports.
def scan_ports(ip, start_port, end_port)
open_ports = []
(start_port..end_port).each do |port|
if port_open?(ip, port)
open_ports << port
puts "Port #{port}: OPEN"
end
end
if open_ports.empty?
puts "No open ports found in the range #{start_port}-#{end_port}."
end
end
Usage
To use our tool, simply specify the target IP address and the range of ports you want to scan:
scan_ports("<ip address>", 20, 1024)
Compiling and Running the Tool on Linux
To run the port scanning tool written in Ruby in a Linux environment, first, ensure that Ruby is installed on your system. You can follow these steps to check for Ruby’s presence and install it if necessary.
- Checking if Ruby is Installed: Open the terminal and check if Ruby is installed by typing:
$ ruby -v
This command will display the installed version of Ruby. If Ruby is not installed, you will receive an error message.
- Installing Ruby: If Ruby is not installed, you can install it using the following commands. For Debian-based systems (like Ubuntu):
$ sudo apt-get update
$ sudo apt-get install ruby-full
For Red Hat-based systems (like Fedora, CentOS):
$ sudo yum install ruby
- Saving the Port Scanning Tool: First, save the Ruby code provided above using a text editor. You can name the file something meaningful like
port_scanner.rb
- Running the Tool: In the terminal, navigate to the directory where the file is saved and run the tool using:
ruby port_scanner.rb
This command will execute the Ruby script named port_scanner.rb
.
Conclusion
Writing a simple port scanning tool with Ruby is an excellent way to enhance your network security and programming skills. This tool allows you to understand basic network security concepts and explore Ruby’s capabilities in network programming.