Welcome to the Parallell Network Scanner!

Copyright (c) 2002 Peter Eriksson <peter@ifm.liu.se>


Pnscan is a tool that can be used to survey TCP network
services.

For example, it can be used to survey the installed versions of
SSH, FTP, SMTP, Web, IDENT and possibly other services.

INSTALLATION

Edit "Makefile" and the run "make".


USAGE

pnscan defaults to start one thread per host and service to
probe - up to a maximum either as specified with the "-n"
command line option, or 8 minus the maximum number of
available file descriptors (pnscan tries to increase
it to the max limit automatically).

Host ranges can be specified both as a CIDR - network
name or IP address / mask bit length. For example:

	192.168.0.0/24
	arpanet/8

The CIDR names are looked up in "networks" (/etc/networks
or the YP/NIS+/whatever equivalent).

The host ranges can also be specified as a range (or
a single address) of hostnames or IP addresses:

	some.where.com:otherplace.where.com
	192.168.10.27:192.168.11.194
	localhost


Port ranges can be specified both via symbolic names
looked up in "services" (/etc/services or YP/NIS+/whatever
equivalent) or as numbers:

	ssh:telnet
	22:23
	113


EXAMPLES

# Scan network 192.168.0.0/24 for SSH daemons on port 22
pnscan 192.168.0.0/24 22
pnscan 192.168.0.1:192.168.0.254 ssh

# Scan hosts 192.168.10.34 ... 98 for IDENT servers
pnscan -n8 -w"VERSION" 192.168.10.34:192.168.10.98 113

# Scan host 127.0.0.1 for WWW servers on all ports
pnscan -m -w"HEAD / HTTP/1.0" -r"Server:" 192.168.0.32 1:65525
pnscan -m -w"HEAD / HTTP/1.0" -r"Server:" localhost 1:65525

# Scan network arpanet/24 for daytime servers and sort them IP-numerically
pnscan arpanet/10 daytime | ipsort

# Read host/port pairs from stdin and scan the selected hosts
echo '192.160.10.11 ssh' | pnscan -v


Start pnscan with "-h" for online help.

The latest version of pnscan can always be downloaded
from:

	ftp://ftp.lysator.liu.se/pub/unix/pnscan
