1

I am trying to write a program that will detect open ports across multiple flavors of UNIX and Linux on all interfaces on the system. Research on this site and others led me to code similar to:

try {
    SocketServer s = new SocketServer(port, 0, host).close();
} catch ( Exception ex ) {
    do something here...
}

And similar for:

DatagramSocket d = new DatagramSocket(port, host).close();

The code worked great on RHEL 6. On AIX 7, HP-UX 11.31 and Solaris 10 and 11, however, some open ports were not detected. For example, the code did not report SSH (TCP 22) open and there was a SSH daemon running on each system (it is how I was connected to the systems). But the SSH daemon was not the only open port that was not reported.

I came across a remark in one thread stating that using SocketServer did not seem to work well on Java 7 and later and suggested converting the code to a client socket connection:

Socket s = new Socket(host, port);

This code worked better but was much slower (due to waiting for connections on closed/inactive ports). It also was not 100% accurate. (I can understand this being a situation where a program has claimed a port but is not accepting connections on that port.)

I should note that I am using netstat output as my comparison base. For example, on Linux:

# netstat --protocol=inet -aln

Similar on the others:

# netstat -f inet -an

I would love to use Java's native networking to solve this problem because it should work across all target platforms. But I have not found a solution that works 100% across all the platforms.

So, my questions. Has someone experienced this before and found a methodology that works across multiple platforms? And if so, would you please point me in its direction?

Thank you.

john

Update 05/05/2015

Found some additional information (thanks to a coworker who uncovered a lot of this).

1) All of the systems I am running on (except for the RHEL 6 system) have dual stacks (IPv4 and IPv6). The JVM networking property that controls this is the java.net.preferIPv4Stack property. An explanation can be found in the Oracle documentation found here.

2) There can also be some interaction involved with the SO_REUSEADDR and SO_REUSEPORT socket options. There is a good StackOverflow thread on it here.

3) Finally, there was a bug in the JDK that has been resolved. The bug only mentions Windows 7 and 2008. I am including it here for reference in case someone stumbles across this thread. Link is here.

j

Community
  • 1
  • 1
luvunix
  • 27
  • 3
  • `new SocketServer(port, 0, host)` What value are you using for `host` in these calls? – Kenster Apr 28 '15 at 19:27
  • Pure speculation: you can evaluate techniques used by port scanners (such as netmap) using some Java interface to 'raw sockets' (I've just googled up 'rocksaw java'). – Victor Sorokin Apr 28 '15 at 19:50
  • Spring comes with a class that has methods to find available sockets: https://github.com/spring-projects/spring-framework/blob/master/spring-core/src/main/java/org/springframework/util/SocketUtils.java – Mark Apr 28 '15 at 21:35
  • What is `SocketServer`? – user207421 Apr 28 '15 at 22:44
  • In response to @Kenster, the code mentioned runs within a loop that tests every interface address on the server (including localhost). – luvunix Apr 29 '15 at 00:22
  • I also experimented with various values of the backlog argument (0 in my example). Regarding RockSaw and Spring I am pretty much limited to what is included with Java. I have to go through a pretty extensive internal process at work to use additional products (including libraries, unfortunately), and more often than not the answer is "no". – luvunix Apr 29 '15 at 00:28

0 Answers0