#!/usr/bin/perl
#  -NSS Portscan v0.1-

use Socket;

# Too lame to read them from /etc/services ...
# Anyone is free to add more, in the form: <port number> => "port name"
# TCP port number => service name printed next to a port that accepted a
# connection. Listed in numeric order, one entry per line, so additions are
# easy to review. Stays a package variable because the scan loop further
# down in this file reads it.
%ports = (
	1     => 'tcpmux',
	7     => 'echo',
	9     => 'discard',
	11    => 'systat',
	13    => 'daytime',
	15    => 'netstat',
	19    => 'chargen',
	21    => 'ftp',
	22    => 'ssh',
	23    => 'telnet',
	25    => 'smtp',
	37    => 'time',
	43    => 'whois',
	53    => 'domain',
	69    => 'tftp',
	70    => 'gopher',
	79    => 'finger',
	80    => 'www',
	98    => 'linuxconf',
	109   => 'pop-2',
	110   => 'pop-3',
	111   => 'sunrpc',
	139   => 'netbios-ssn',
	143   => 'imap2',
	161   => 'snmp',
	443   => 'https',
	512   => 'exec',
	513   => 'login',
	514   => 'shell',
	515   => 'printer',
	540   => 'uucp',
	1080  => 'socks',
	1524  => 'ingreslock',
	2003  => 'cfinger',
	3001  => 'nessusd',
	3306  => 'mysql',
	6000  => 'X11',
	6667  => 'ircd',
	8080  => 'webcache',
	12345 => 'netbus',
);

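# Clear the terminal and print the banner.
system("clear");
print "\t\t\t\tNSS Portscan v0.1\n\t\t\t\t~~~~~~~~~~~~~~~~~\n";

# All three arguments are required. Checking only the host would let the
# scan loop run with an undefined port range.
if (@ARGV < 3 || !$ARGV[0]) {
	print "Usage: (perl) $0 <host> <start on port> <stop on port>\n\n";
	exit(0);
}

# A TCP port is a 16-bit number. Accept only plain decimal integers in
# 1..65535, so a typo cannot turn into an enormous loop or into a number
# that does not fit the port field of the socket address.
for my $bound (@ARGV[1, 2]) {
	if ($bound !~ /\A[0-9]{1,5}\z/ || $bound < 1 || $bound > 65535) {
		print "Invalid port '$bound': expected an integer from 1 to 65535\n";
		exit(1);
	}
}

# An inverted range would otherwise produce an empty scan with no output.
if ($ARGV[1] > $ARGV[2]) {
	print "Invalid range: start port $ARGV[1] is greater than stop port $ARGV[2]\n";
	exit(1);
}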

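# Resolve the target once and keep the packed address for the scan loop,
# instead of calling the resolver a second time after the check.
#
# inet_aton() only converts a dotted quad or looks the name up. A defined
# result means the name resolved, not that the host answered anything, so
# "[ALIVE]" below really means "resolved" and "[DEAD]" means "could not be
# resolved".
print "Checking if host is alive ... ";
$iaddr = inet_aton($ARGV[0]);
if (defined $iaddr) {
	print "[ALIVE]\n";
} else {
	print "[DEAD]\n";
	exit(0);
}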
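# TCP connect() check of every port in the requested range.
#
# Each probe is a full TCP handshake, so a port that accepts shows up on the
# target as an established-then-closed connection that service logs and
# network monitoring can record.
#
# Only ports that accepted are printed. A refused connection, a filtered
# port and a probe cut short by the 1-second alarm are all silent, so "not
# listed" does not by itself mean "closed".

# Loop-invariant setup, done once instead of per port.
my $proto = getprotobyname('tcp');
my $sock;
# SIGALRM interrupts a connect() that is taking too long; the handler
# closes the socket so the attempt is abandoned.
$SIG{"ALRM"} = sub { close $sock if $sock; };

# Force the bounds to integers and clamp them to the 16-bit TCP port range.
# Non-numeric arguments would otherwise make ".." iterate over strings.
my ($first, $last) = map { int($_ || 0) } @ARGV[1, 2];
$first = 1     if $first < 1;
$last  = 65535 if $last > 65535;

for my $port ($first .. $last) {
	# Do not go on to connect() on a handle that was never created.
	unless (socket($sock, PF_INET, SOCK_STREAM, $proto)) {
		warn "socket() failed for port $port: $!\n";
		next;
	}

	alarm(1);
	my $accepted = connect($sock, sockaddr_in($port, $iaddr));
	alarm(0);    # cancel the timer so it cannot fire during a later step

	if ($accepted) {
		# Look the name up without writing "unknow" back into %ports.
		my $service = $ports{$port} || "unknow";
		print "[Port: $port] - [$service]\n";
	}

	# Release the descriptor on both outcomes, not only after a failure.
	close $sock;
}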