hardscan Utility to detect open ports if netstat may be compromised
Download

hardscan Ranking & Summary

hardscan Tags

scan scanner port scanner open port detect open port open port detection

hardscan Description

Utility to detect open ports if netstat may be compromised Hardscan is a local netstat replacement that scans for open ports the hard way: by binding to each of them and attempting to handshake with itself. Hardscan is meant to be useful in a situation where you may have been rooted, rendering the output of netstat and other security tools untrustworthy.If the program is unable to handshake with itself, for whatever reason (perhaps something intercepted the handshake, perhaps something was already running on that port, etc) it is an indicator that tcp or udp port being checked is already in use. Although this could be a trojan, virus, or hacker connection, it is also quite possible that it is a legitimate connection. As the "Ephemeral" high-numbered ports are scanned as well, there is a chance that any outgoing activity (for instance browsing the web while the scan is running) will be picked up.Of particular note in this program is "--fast" mode. In this state, the scanner does not attempt to handshake with itself, and thusly is not detecting as rigorously. In theory the OS could be lying to the scanner and simply saying that the socket was opened succesfully, but in practice most trojans are not going to be that sophisticated. Fast mode trades off this verification in order to run much, much, much faster. Requirements: · Python

hardscan Related Software