Build a Port Scanner in Ruby


Sometimes, we box ourselves up in our HTTP-only world. Sometimes, Rails eclipses all other facets of Ruby.

In this article, we’ll build a simple port scanner in pure Ruby, using the sockets support that comes with the Ruby distribution.

Port scanners aren’t typically things we expect Rubyists to create; that’s the kind of stuff that the C people deal with. A lot of people are surprised when they find out that Metasploit, an amazing penetration testing suite, is actually written in Ruby.

The truth is that Ruby has grown into an incredibly versatile language, making it a tool that can be used in a wide variety of things, including something as systems-y as a port scanner.

Let’s dive right in!

The Basics

First of all, what is a port scanner? It is exactly what it sounds like; it takes in an IP address, and tells you which ports are “open”, i.e. on which ports the computer is ready to communicate.

What is the point of scanning ports? Open ports can pose major security risks, especially if the administrator doesn’t know why exactly they have been left open. The program at the other end may be an ancient version of some server software that has a ton of publicized buffer overflow attacks, making the machine an easy target for attackers. So, knowing what ports you have open is important.

Finally, how do we know if ports are open or not? There are actually a ton of ways to do this, because TCP/IP (the protocol that computers usually use to talk to one another) provides a lot of different ways (all with different advantages and disadvantages) to check a port. The simplest one (and the one we will be using) is called “TCP connect scanning”.

The idea is to try to connect to a host on a specified port: if the host accepts the connection, the port is open; otherwise it isn’t. This approach does have disadvantages. If you’re an attacker, the host will probably log the request. Secondly, it is much less efficient than some other methods (such as a TCP SYN scan).

Our port scanner will employ a simple technique: it will take a range of ports and a host, then try to connect to the host on each of the given ports. Whichever connections succeed indicate open ports.

Let’s get into the code.
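As an added example (not the article's own code), here is the TCP connect scan described above, written with Ruby's standard `socket` and `timeout` libraries. `port_open?` treats a completed connection as "open" and a refusal or timeout as "closed or filtered"; `demo_scan` is an assumed self-check that starts a throwaway listener on loopback and scans the ports around it, so you can see the technique work against your own machine without touching anything else.

```ruby
require 'socket'
require 'timeout'

# Attempt a TCP connect to host:port. Returns true if the three-way handshake
# completes (port open); false if the connection is refused or times out
# (port closed, or filtered by a firewall that silently drops the SYN).
def port_open?(host, port, timeout_secs = 1)
  Timeout.timeout(timeout_secs) do
    TCPSocket.new(host, port).close
    true
  end
rescue Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Errno::ENETUNREACH, Timeout::Error
  false
end

# TCP connect scan over a range of ports; returns the ports that accepted.
def scan_ports(host, ports, timeout_secs = 1)
  ports.select { |port| port_open?(host, port, timeout_secs) }
end

# Constructed self-check (not a real service): listen on an OS-chosen
# ephemeral loopback port, scan the ports around it, then shut the listener.
def demo_scan
  server = TCPServer.new('127.0.0.1', 0)
  listening_port = server.addr[1]
  range = (listening_port - 2)..(listening_port + 2)
  open_ports = scan_ports('127.0.0.1', range)
  server.close
  { listening: listening_port, open: open_ports }
end

if __FILE__ == $PROGRAM_NAME
  result = demo_scan
  puts "Listener on #{result[:listening]}; open ports found: #{result[:open].inspect}"
end
```

Only the listener's port should come back open; an unexpected extra port in the result is exactly the kind of finding the article says an administrator should be able to explain.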

Written by Dhaivat Pandya. Read the full article here.
