Jump to content

  • Log In with Google      Sign In   
  • Create Account

Interested in a FREE copy of HTML5 game maker Construct 2?

We'll be giving away three Personal Edition licences in next Tuesday's GDNet Direct email newsletter!

Sign up from the right-hand sidebar on our homepage and read Tuesday's newsletter for details!


We're also offering banner ads on our site from just $5! 1. Details HERE. 2. GDNet+ Subscriptions HERE. 3. Ad upload HERE.


Retrieving Port Banners? (C# .NET)


Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.

  • You cannot reply to this topic
5 replies to this topic

#1 coderWalker   Members   -  Reputation: 127

Like
0Likes
Like

Posted 11 April 2012 - 09:51 PM

How do I get a ports banner?

I have tried the WebResponse class (HTTP):
WebRequest wrq = WebRequest.Create("127.0.0.1:3306/");
WebResponse wrs = wrq.GetResponse();
I have also tried the TcpClient class:
TcpClient Client = new TcpClient();
Client.Connect("127.0.0.1", 3306);
NetworkStream ClientStream = Client.GetStream();

Do one of these classes contain the ports banner? Am I over looking it?

Just for clearification, what exactly are port banners?
It's a message that describes how the ports used, sent by the server to the client right?

Google really turns up nothing about this, so any help is greatly appreciated.

Thanks a ton!
CoderWalker
If this post was helpful please +1 or like it !

Webstrand

Sponsor:

#2 rip-off   Moderators   -  Reputation: 8515

Like
0Likes
Like

Posted 12 April 2012 - 03:06 AM

In some protocols, on a successful client connection the server will send some information immediately to the client. Mysql (the most common service running on port 3306) sends some text when first connected to. This often includes some kind of protocol identifier, protocol version number and occasionally a string identifying the server's implementation name and / or version number. This can be considered a "banner". As a counter example, HTTP does not do this - it requires the client to submit some data before a response is given.

Assuming you do not have a web server running on port 3306, then using a "WebRequest" probably will not work. It expects a HTTP capable server, and will fail if it is pointed at something else. If you have a service that has this "banner" property (i.e. opening a TCP connection results in data being returned), then a TCP client class should work. Have you tried reading data from the "ClientStream" variable?

Before spending time on the code, I'd recommend you ensure that you'll get a result by using the networking tools on your operating system of choice (e.g. telnet or netcat).

#3 hplus0603   Moderators   -  Reputation: 5514

Like
0Likes
Like

Posted 12 April 2012 - 10:51 AM

Port banners are separate from the actual communications.
Some protocols will send "banner text" when you connect to their ports, but those protocols are in the minority.
Another option is /etc/services on UNIX systems, which lists port numbers and the name of the service usually bound to that port.
Also, each protocol you may want to use is probably described in an RFC, so you can go look up the appropriate RFC to know what the protocol is.

If you're wondering about utilities that, for example, look at the open ports on a machine, and say "hey, port 80 is open, and this usually means a web server running HTTP" then the mapping from port to service is done in the utility, not by the networking system. There are a number of "port to protocol description" services on the internet, of various quality.
enum Bool { True, False, FileNotFound };

#4 coderWalker   Members   -  Reputation: 127

Like
0Likes
Like

Posted 14 April 2012 - 06:52 PM

In some protocols, on a successful client connection the server will send some information immediately to the client. Mysql (the most common service running on port 3306) sends some text when first connected to. This often includes some kind of protocol identifier, protocol version number and occasionally a string identifying the server's implementation name and / or version number. This can be considered a "banner". As a counter example, HTTP does not do this - it requires the client to submit some data before a response is given.

Assuming you do not have a web server running on port 3306, then using a "WebRequest" probably will not work. It expects a HTTP capable server, and will fail if it is pointed at something else. If you have a service that has this "banner" property (i.e. opening a TCP connection results in data being returned), then a TCP client class should work. Have you tried reading data from the "ClientStream" variable?

Before spending time on the code, I'd recommend you ensure that you'll get a result by using the networking tools on your operating system of choice (e.g. telnet or netcat).


Thanks for all this :)
I saw a page online of a program that does retrieve the banners like so:

Port 80:

HTTP/1.1 302 Found
Date: 7 Apr 2010 00:48:22 GMT
Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.8
Location: http:///xampp/
Content-Length: 109
Connection: close
Content-Type: text/html


Port 3306:

Host 'localhost' is not allowed to connect to this MySQL server


I checked the Clientstream and it has no information at all.
I wonder if I have to manually send something to the server, kinda like a ping but for Server Information?
If this post was helpful please +1 or like it !

Webstrand

#5 hplus0603   Moderators   -  Reputation: 5514

Like
0Likes
Like

Posted 14 April 2012 - 07:17 PM

I wonder if I have to manually send something to the server, kinda like a ping but for Server Information?


Each protocol is different.


enum Bool { True, False, FileNotFound };

#6 rip-off   Moderators   -  Reputation: 8515

Like
0Likes
Like

Posted 15 April 2012 - 05:35 AM

If you want to get a response from a HTTP server, you'll have to send a valid HTTP request. There is no way to determine in advance if the service on a particular port is actually a HTTP server. There are good heuristics, such as common port numbers (80, 8080, 443 for HTTPS), but there are no guarantees. If you want to reliably determine the type of service sitting on a port, you must be able to probe it using multiple protocols, and you must understand the protocol responses to see if they make sense.

Others who have written such software will do something like this.

Another important note is that not all services will respond, some will require valid authentication to be sent up front, others might be hidden with port-knocking routines.

What are you trying to do? To repeat, I'm not sure you know what you are trying to do, because I'm not convinced you understand how these services and protocols work.




Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.



PARTNERS