------------------------- Languard Scanner Readme http://www.gfi.com ------------------------- UI functionality : The UI will have following options. 1. Scan Type: o TCP o UDP o ICMP In the current build, only TCP option is implemented. 2. Scan Options: o Ping only o Ping and Scan o Show Host Responses User can decide to perform only ‘ping’ or ‘ping and scan’. When user selects ‘Ping only’. All the given hosts will only be pinged to check if they are up. The method used for ping is ICMP echo ping. The hosts will not be scanned for open ports and hence option of ‘Show Host Responces’ will be disabled. When user selects ‘Ping and Scan’, the option of ‘Show Host Responces’ is enabled. In this option, the application will first perform ‘ping’ on the given host and then scan the given list of ports. If ‘Show Host Responces’ option is checked, then the host responces ( if any ) will be displayed to the user for each port being scanned. 3. IP Range: Here, the user can specify the hosts to be scanned and/or pinged. The options for specifying hosts are as follows, a. Define Range: The user can specify the start and end IP addresses of the range to be scanned. e.g. Start = 1.0.0.1 and End = 1.0.0.10 b. Import Range: The user can specify a txt file from which the application will pick up the hosts. The user will have to click on the ‘->’ button to invoke the dialog box for selecting hosts from a txt file. In this dialog box, the user can ‘Browse’ for the file, then ‘Exatract’ the host names, select the hosts and ‘Resolve’ the host names and click on ‘Done’ to complete the host selection from file. Eg: File will have entries as shown below. www.cgynetsoft.com www.microsoft.com, www.netscape.com 1.0.0.1 c. Multiple Range: User can specify complex ranges using this option. User can make use of the wild cards like ‘*’ and ‘-‘ to specify ranges. Thus the user can specify “1.0.0.1-5, 1.0.0.10” to scan hosts from 1.0.0.1 through 1.0.0.5 and host 1.0.0.10. Eg 1.0.0.1-5, 2.1-5.0.1, 1.0.0.* 4. Port Range: a. Multiple Range: Using this option, user can specify multiple ports to be scanned. Thus user can specify “1-150, 443, 500-700” to scan ports from 1 through 150 and port 443 and ports from 500 through 700. Eg 1-50,78,79,80-120 b. Import Range: User can select list of ports from a file. The dialog box for port list selection will pick up ‘.lst’ file from the current directory and list out the valid ‘port- description’ entries from a file. The user can select different file using ‘Load’. Different files can be merged and saved using ‘Merge’ and ‘Save’ buttons. User can select the ports by ‘checking’ the ports from the list. The File will look some like this +,21,FTP -,23,telnet +,25,smtp 5. Menu Options: a. ‘Options’ | ‘Advanced’ The user can configure the ‘TCP Connect Timeout’ and ‘Ping Timeout’. The default values will be 3000 and 2000 milli seconds. b. ‘Logs’ | ‘Logging’ User can toggle this option to specify if log file is to be generated for the scanning. This should be on when using the compare feature. c. Compare port scan dialog The Compare port scan dialog allows you to select 2 port scans as shown in attachment A, using a browse button. You can then select OK or Cancel. The scheduled compare dialog - attachment B - will allow you to specify which port scan should be run automatically when a program the program starts or is triggered using a command line option /compare. e. The Schedule port scan dialog This dialog is very similar. However it should be noted that the top port scan (1) file will only be used to read the port scan options, and perform a current port scan before it compares. After it runs a port scan it then compares the port scan with the comparison file in the same way as above. In this schedule port sacn you can specify a file to save the comparison to, or you can send the results to an email address. Alert setup This dialog allows you to specify the email address and the smtp server for the alerts. Port scanner comparison The point of this function is to find new ports compared to an earlier port scan. There should be 2 versions of this - one where you can specify 2 port scan files to compare, and one in which you compare the current port scan to a stored port scan automatically. The last comparison is useful to run the port scan on a scheduled basis and compare it to a stored port scan list for a particular network. The port scan will store the port scan options and also the port scan results. The port scan options (i.e port range, ip range) will be stored for the scheduled compare. Running GFI Port Scanner: The User should select the required ‘Scan Options’, ‘IP Range’, ‘Port Range’ and click on ‘Scan’ button to start the scannin and/or Pinging process. The status of the Scan will be displayed in the second and third split panes. The second pane will display the list of hosts in tree format. It will display the open ports as children of the host node. The user can ‘Pause’ or ‘Stop’ the scanning/Ping by pressing the required buttons. To compare a port scan, you simply select 'compare port scans' from the menu. New additions to the program: 1. Save port scan in file menu 2. Compare menu: Compare port scan dialog and scheduled compare Note: Only one instance of Port Scanner is allowed to be executed.