Being able to schedule scans directly with the port scanner, without using custom scripting such as bash. (I am not familiar with a default feature within the commandline package that allows this. But the Windows package should have a service that can do this, Inprotect probably has it too: http://inprotect.sourceforge.net/ )

MaXe, excellent idea thanks

I think you should learn more about NMAP, as it has been possible to scan multiple hosts in that tool, since the beginning I assume, as I have been able to do it for the last 10 years.  

Scheduling scans, is possible with Nessus, Qualys, Burp (pro version only afaik), Acunetix, and a variety of other tools. I can schedule almost anything natively in each program, except for NMAP in the command line as far as I am concerned.


No it won't overload the network interface if you do it with e.g. NMAP. If you use hping and send a syn flood with no timeout, you will most likely overload it, because you will be sending a million packets in a few seconds, while NMAP, even with -T5 (timing: aggressive), will probably never do that for good reasons. Same thing with scanrand.

There is no slowing down of the scanning process, only waiting for the final results. (i.e. it would take longer.)

Plus, what else should you be doing on your own computer, or your dedicated computer having a network purpose, while you scan for open services? Nothing. If you don't know what is available to you, the ethical hacker / penetration tester, there is nothing to attack server-side, so naturally like any other hacker do, you do the scans, even if it's just a simple port scan, and then you dive in further. (See Penetration Testing Frameworks, such as NIST SP800-42, PTES, etc. There's a reason why port scanning, is one of the first (not the very first), process of penetration testing, before you even think about anything else.)

Try:


Or whatever your local IP-address range is. /24 is a CIDR notation, which I won't explain in detail, but in this case it means "192.168.1.0-192.168.1.255". So, you would be scanning multiple hosts with NMAP, and I don't see any problems with that  


Exactly how do you think penetration testers, etc., work when they have to attack a network of 300, 1000, or 10000 hosts? Do you think they specify each single scan manually, or do you think they specify ranges or hosts?  

Hi ZeroOne,

What language are you using for this? Because when you say "object oriented programming", you know you have to have lots of control over the TCP and/or UDP packets. Depending on which language you are using, this can prove to be quite a challenge, as OO languages are abstracting this layer completely. But that being said, it is always possible. That's why many developers use WinPcap or things like that to really control network communications at a fine level.

But I am sure you already know this, right? 

So what is exactly your goal? Are you trying to write a new tool? Are you working on an exploit? Or are you just playing around (I do that all the time!!)?

Good to see you have already made some progress ZeroOne!

I have been coding in Java for 14 years now and I am currently working on writing a web service scanner (part time) using this language. I have used JPCAP once in the past, but franckly, I don't remember anything...

And yes, I have done enough multithreading to understand your pain when trying to multithread 1000 hosts X 65000 ports. But really, if tools like nmap can't do it, it's for a reason... 

Scanning all ports of each host on an entire network is not practical. You will either exhaust the network, your RAM or your CPU. You have to take a statistical approach. It is like a survey, there is no need to ask the opinion of every single citizen in a given country. A few thousands "wisely picked" will be a close enough representation of the majority.

That being said, I strongly encourage you to continue with your project and multithread your scans. You will learn a lot and you will also find out that it is a viable solution for a single host or something like that. I would be very curious to see your results...

Good luck!