NETWORK AND PORT SCANNER - A TOOL FOR GOOD OR BAD
DOI: https://doi.org/10.7251/ZRPIM2201482P
Keywords: network scanner, ports, TCP sockets, ARP, information gathering
Abstract
In this paper we examine and compare several custom-made implementations of a network and port scanner, written in the Python programming language as part of the teaching material for an Information Systems Security course. Network scanning tools play an important role in network information gathering, which is the first step in penetration testing. The first version of the network and port scanner comes in two sub-versions: one for Windows and Linux operating systems, and a slightly modified one that addresses the specifics of Android devices. Both varieties of the first version use the ping command to see whether a device with a certain IP address responds, and then use TCP sockets to scan a range of ports on each device that responded. The second version of the network and port scanner uses the ARP protocol to scan a network for connected devices, and then uses TCP sockets to scan a range of ports on each device that responded to the broadcast packet. In the later section of this paper, we discuss the advantages, disadvantages, performance and ease of use of these implementations. We also discuss the ethical dilemmas of using such tools from the perspective of security professionals, programmers, common computer users and IT students.
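The TCP-socket step that both scanner versions share, sketched here as an added example; it is not the paper's code. The function names, the timeout, the thread pool and the loopback-only demo sockets are assumptions made for illustration, and the ping and ARP discovery steps are left out.

```python
import socket
from concurrent.futures import ThreadPoolExecutor


def check_port(host, port, timeout=0.5):
    """Return True if a full TCP handshake to host:port completes."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            # connect_ex returns 0 on success and an errno value otherwise,
            # so a refused or filtered port does not raise an exception.
            return s.connect_ex((host, port)) == 0
        except OSError:
            # Name resolution failure or an unroutable address.
            return False


def scan_ports(host, ports, timeout=0.5, workers=32):
    """Check each port in `ports` and return the sorted list of open ones."""
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda p: check_port(host, p, timeout), ports))
    return sorted(p for p, is_open in zip(ports, results) if is_open)


def demo():
    """Scan two constructed loopback sockets: one listening, one only bound."""
    listening = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    bound_only = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        listening.bind(("127.0.0.1", 0))   # port 0: the OS picks a free port
        listening.listen(5)
        bound_only.bind(("127.0.0.1", 0))  # never listens, so connects are refused
        open_port = listening.getsockname()[1]
        closed_port = bound_only.getsockname()[1]
        found = scan_ports("127.0.0.1", [open_port, closed_port])
        return open_port, closed_port, found
    finally:
        listening.close()
        bound_only.close()


if __name__ == "__main__":
    open_port, closed_port, found = demo()
    print(f"listening={open_port} bound-only={closed_port} reported open={found}")
```

Because `connect_ex` completes the handshake, every probe of an open port is an ordinary accepted connection that the scanned host's services and firewall can log.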