How to scan whole network quickly

In this tutorial I am going to show you how to scan your whole network quickly with "masscan". masscan is a small, fast TCP port scanner written by Robert David Graham.

masscan spews SYN packets asynchronously, at up to millions of packets per second. To get beyond 2 million packets/second you need an Intel 10-gbps Ethernet adapter and a special driver known as "PF_RING DNA".

“This is the fastest Internet port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second.”

Build

sudo apt-get install git gcc make libpcap-dev
git clone https://github.com/robertdavidgraham/masscan
cd masscan
make

This generates the binaries and puts them in the masscan/bin sub-directory.

Usage

masscan uses arguments similar to nmap, so if you are familiar with nmap it is no big deal. The major difference is that you have to specify the ports to scan, because no default port list is set for scanning.

Example

Okay, let's assume you want to scan all the addresses in the 192.168.100.1/24 range; use the following command.

# masscan -p80,443,445 192.168.100.1/24 --rate 100000000

You can adjust the rate according to your network card speed. If you have a gigabit network card then more than 100 thousand packets per second is fine. Note that masscan's default rate is only 100 packets per second, so --rate is what actually makes the scan fast; a rate far above what the switch and the scanned hosts can handle will drop responses and disrupt the network, so raise it gradually.

Sample output: [masscan result screenshot, not reproduced in this text version]

You can also try to scan the whole Internet (yes, the whole Internet) with masscan:

# masscan 0.0.0.0/0 -p0-65535

Read more about this feature on the masscan GitHub page: https://github.com/robertdavidgraham/masscan#how-to-scan-the-entire-internet

You can print the output in various formats, such as list or XML: https://github.com/robertdavidgraham/masscan#getting-output
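As an added example (not from the original post or the masscan project), here is a small Python script that parses masscan's list output (the -oL format, one "open tcp <port> <ip> <timestamp>" line per finding) and flags any open ports that are not in a baseline of expected services. The sample output and the EXPECTED baseline are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of masscan -oL list output; not real scan data.
SAMPLE_LIST_OUTPUT = """\
#masscan
open tcp 80 192.168.100.5 1546835346
open tcp 443 192.168.100.5 1546835347
open tcp 445 192.168.100.12 1546835348
open tcp 80 192.168.100.12 1546835349
open tcp 443 192.168.100.30 1546835350
# end
"""

# Hypothetical baseline: the ports each host is expected to expose.
# Hosts missing from it are treated as having no expected ports.
EXPECTED = {
    "192.168.100.5": {80, 443},
    "192.168.100.30": {443},
}

# "open <proto> <port> <ip> <timestamp>"; banner lines have a different shape and are skipped.
LINE_RE = re.compile(r"^open\s+(tcp|udp)\s+(\d+)\s+(\S+)\s+(\d+)$")


def parse_list_output(text):
    """Return {ip: {port, ...}} from masscan list output, ignoring comments and banners."""
    hosts = defaultdict(set)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE_RE.match(line)
        if m:
            hosts[m.group(3)].add(int(m.group(2)))
    return dict(hosts)


def unexpected_exposure(hosts, expected):
    """Return {ip: [ports]} for open ports absent from the baseline."""
    findings = {}
    for ip, ports in hosts.items():
        extra = ports - expected.get(ip, set())
        if extra:
            findings[ip] = sorted(extra)
    return findings


if __name__ == "__main__":
    found = parse_list_output(SAMPLE_LIST_OUTPUT)
    for ip, ports in sorted(found.items()):
        print(ip, sorted(ports))
    print("unexpected:", unexpected_exposure(found, EXPECTED))
```

With a real scan, run masscan with -oL scan.txt and feed the file contents to parse_list_output.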

GitHub link: https://github.com/robertdavidgraham/masscan
