Navigation Menu

Skip to content

Home

Jump to bottom Edit New page
ofalk edited this page Apr 4, 2013 · 7 revisions

ScanSSH

ScanSSH supports scanning a list of addresses and networks for open proxies, SSH protocol servers, Web and SMTP servers. Where possible ScanSSH, displays the version number of the running services. ScanSSH protocol scanner supports random selection of IP addresses from large network ranges and is useful for gathering statistics on the deployment of SSH protocol servers in a company or the Internet as whole.

The first version of the ScanSSH protocol scanner was released in September 2000. You can download the current version below.

Example

$ scanssh -p -e excludes 10.0.0.0/24

[...]
10.0.0.17:23 <refused>
10.0.0.5:6588 <refused>
10.0.0.5:1080 SOCKS v5
10.0.0.5:8080 http proxy
10.0.0.2:23 <timeout>
10.0.0.141:23 <timeout>
10.0.0.17:23 <timeout>
10.0.0.23:22 SSH-1.99-OpenSSH_3.8
10.0.0.195:80 Apache/2.0.30 (Unix) mod_ssl/2.2
10.0.0.5:22 SSH-1.99-OpenSSH_3.6.1
[...]

Download

To build ScanSSH, you need to install libevent and libdnet.

The ScanSSH protocol scanner is distributed under a 4-clause BSD-license and completely free for any use including commercial.

Features

ScanSSH supports the following features:

  • Variable scanning speed. Per default, ScanSSH sends out 100 probes per second. The -r flag can be used to change the number of probes sent per second.
  • Open proxy detection. The -p flag initializes scan modules to detect open proxies on common ports.
  • Random sampling. It is possible to randomly sample hosts on the Internet, for example, by specifying 'random(1000)/0.0.0.0/0' as address parameter.

For more features, please check the man page.

References

People

Links

Add a custom footer
Add a custom sidebar
Clone this wiki locally