Community discussions

 
jo2jo
Forum Veteran
Forum Veteran
Topic Author
Posts: 956
Joined: Fri May 26, 2006 1:25 am

Please add basic portScan tool ( port scanner scan )

Sun Mar 18, 2018 5:57 pm

Hi, I’ve been using routerOS since v 2.x (and LOVE IT), and have hundreds of mt s deployed, a feature I’m constantly in need of is even a bare-bones/basic built in port scanner:
/tool portscan (or /tool portScanner)

It doesn’t have to be powerful or advanced like nmap, nor fast, just a tool that can help admins identify/recall private IPs or other internal network uses ( ie, which ip is running the Web server on this office network? Or which ip is running the SQL Server on this network?) - this could be very helpful versus having to keep a Linux VM attached to a VPN, strictly for port scanning my internal networks when I can’t remember the private IP of a customers VNC server , and when I need to remote-in support their PC) - or which private subnet, DHCP-server provided ip (192.168..) is running XYZ service, so I can quickly set up this Dst-nat rule for them)

I’m not sure how tools like a built-in SMB server (or built in tftp/ftp server) made it into routerOS before a useful, network-centric tool like portscan ( but I’m happy to have both/all three).

Please strongly consider adding a basic (even if only TCP only, 1 port per second limit, if needed) port scan tool to ROS 7 ROS 6.X.

Thanks
Last edited by jo2jo on Fri Jul 06, 2018 5:07 pm, edited 3 times in total.
:beep :beep :beep
 
User avatar
honzam
Forum Guru
Forum Guru
Posts: 2272
Joined: Wed Feb 27, 2008 10:27 pm
Location: Czech Republic

Re: Please add basic portScan tool

Sun Mar 18, 2018 7:42 pm

+ 1
LAN, FTTx, Wireless. ISP operator
 
MayestroPW
newbie
Posts: 47
Joined: Wed Oct 26, 2016 3:28 pm

Re: Please add basic portScan tool

Mon Mar 19, 2018 3:56 am

+ 1
 
emikrotik
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Fri Jun 19, 2015 9:30 am

Re: Please add basic portScan tool

Mon Mar 26, 2018 3:59 am

+ 1
 
User avatar
Steveocee
Forum Guru
Forum Guru
Posts: 1034
Joined: Tue Jul 21, 2015 10:09 pm
Location: UK
Contact:

Re: Please add basic portScan tool

Wed Mar 28, 2018 12:47 pm

+1 to this as well.
Steve "Steveocee" Carter
PC Gamer, Airsofter, MikroTik Nerd
My Website - My MikroTik Tutorials
 
User avatar
soulflyhigh
Member Candidate
Member Candidate
Posts: 171
Joined: Wed Sep 08, 2010 11:20 am

Re: Please add basic portScan tool

Wed Mar 28, 2018 1:13 pm

Yes, please.
+1
MTCRE, MTCTCE
 
User avatar
jspool
Member
Member
Posts: 386
Joined: Sun Oct 04, 2009 4:06 am
Location: Oregon

Re: Please add basic portScan tool

Wed Mar 28, 2018 7:19 pm

+1 Please
 
boxpik
just joined
Posts: 7
Joined: Fri Jul 29, 2016 1:28 am

Re: Please add basic portScan tool

Wed Mar 28, 2018 10:36 pm

+1 for such a useful tool
 
poizzon
Member Candidate
Member Candidate
Posts: 112
Joined: Fri Jun 21, 2013 12:53 pm

Re: Please add basic portScan tool

Sun Apr 01, 2018 5:22 pm

Will TheDude not save the situation?
--
poi
 
jo2jo
Forum Veteran
Forum Veteran
Topic Author
Posts: 956
Joined: Fri May 26, 2006 1:25 am

Re: Please add basic portScan tool

Mon Apr 02, 2018 1:24 am

Will TheDude not save the situation?
Not sure how theDude is relevant to this ( or thedude is just as relevant/irrelevant as manually running nmap outside ros ) , we are looking for a port scan utility to be added to routerOS, this way it is accessible directly from/on our various routerboards/rOSdevices directly.
Tks
:beep :beep :beep
 
User avatar
vipe
Member Candidate
Member Candidate
Posts: 166
Joined: Thu Sep 14, 2006 10:05 pm

Re: Please add basic portScan tool

Tue May 01, 2018 6:51 pm

+1 xpon
 
Cal5582
just joined
Posts: 14
Joined: Wed Feb 28, 2018 5:04 pm

Re: Please add basic portScan tool

Tue May 01, 2018 7:44 pm

+1 on this
 
thobias
just joined
Posts: 22
Joined: Thu Nov 30, 2017 8:45 pm

Re: Please add basic portScan tool

Wed May 02, 2018 10:05 am

Yes, this would be great to be able to identify what is a printer or a web server in a network.
Combined with a MAC-address vendor list (in winbox) to show the manufacturer of all devices.
 
jo2jo
Forum Veteran
Forum Veteran
Topic Author
Posts: 956
Joined: Fri May 26, 2006 1:25 am

Re: Please add basic portScan tool ( port scanner scan )

Fri Jul 06, 2018 5:01 pm

while i know it is wrong to " bump" your own thread, but on a weekly basis ( weekly is a bare minimum, sometimes daily basis) i need a portscan tool on ros. Its ridiculous having to look up mac-address OIDs and/or use /sys telnet port=x as a rough port scan tool to ID devices.
Often when i come into a new , existing network to begin managing (or clean up / improve) there will be a managed switch somewhere on the network (but the prior admin either has not ID'd / noted it or it has grabbed a dhcp IP like the 100s of other random client devices , wo a readable dhcp client id. Ofcourse a ros built-in portscan tool would help in this scenario tremendously ( even slowed/restricted ps tool). But incase it helps others, here is a rough work around i use. ( you will need to change the mac addresses to which ever vendor's device you are trying to locate, i usually grab the OIDs from a website like "Wireshark · OUI Lookup Tool" (google search) and type into that site the vendor (netgear / ruckus in this case). then use linux cli tools, or an app like notepad +++ (w regex find/replace) to modify this command to paste in the list of macs.

(also note, you may need to search /ip arp if you are not using ros bridges, or this may not work at all depending upon your network layout):

(ex. to find IP of a netgear managed switch)
/int bridge host print where mac-address~"00:09:5B" || mac-address~"00:0F:B5" || mac-address~"00:14:6C" || mac-address~"00:18:4D" || mac-address~"00:1B:2F" || mac-address~"00:1E:2A" || mac-address~"00:1F:33" || mac-address~"00:22:3F" || mac-address~"00:24:B2" || mac-address~"00:26:F2" || mac-address~"00:8E:F2" || mac-address~"04:A1:51" || mac-address~"08:02:8E" || mac-address~"08:BD:43" || mac-address~"10:0D:7F" || mac-address~"10:DA:43" || mac-address~"20:0C:C8" || mac-address~"20:4E:7F" || mac-address~"20:E5:2A" || mac-address~"28:C6:8E" || mac-address~"2C:30:33" || mac-address~"2C:B0:5D" || mac-address~"30:46:9A" || mac-address~"40:5D:82" || mac-address~"44:94:FC" || mac-address~"4C:60:DE" || mac-address~"50:4A:6E" || mac-address~"50:6A:03" || mac-address~"6C:B0:CE" || mac-address~"74:44:01" || mac-address~"78:D2:94" || mac-address~"80:37:73" || mac-address~"84:1B:5E" || mac-address~"8C:3B:AD" || mac-address~"9C:3D:CF" || mac-address~"9C:D3:6D" || mac-address~"A0:04:60" || mac-address~"A0:21:B7" || mac-address~"A0:40:A0" || mac-address~"A0:63:91" || mac-address~"A4:2B:8C" || mac-address~"B0:39:56" || mac-address~"B0:7F:B9" || mac-address~"B0:B9:8A" || mac-address~"C0:3F:0E" || mac-address~"C0:FF:D4" || mac-address~"C4:04:15" || mac-address~"C4:3D:C7" || mac-address~"CC:40:D0" || mac-address~"DC:EF:09" || mac-address~"E0:46:9A" || mac-address~"E0:91:F5" || mac-address~"E4:F4:C6" || mac-address~"E8:FC:AF" || mac-address~"F8:73:94"


(find IPs of ruckus APs - i use /ip arp here just to show 2nd command option, /int bridge host print where , may work better depending upon your network layout ) :
/ip arp print where mac-address~"00:13:92" || mac-address~"00:1D:2E" || mac-address~"00:1F:41" || mac-address~"00:22:7F" || mac-address~"00:24:82" || mac-address~"00:25:C4" || mac-address~"04:4F:AA" || mac-address~"0C:F4:D5" || mac-address~"1C:B9:C4" || mac-address~"24:79:2A" || mac-address~"24:C9:A1" || mac-address~"2C:5D:93" || mac-address~"2C:C5:D3" || mac-address~"2C:E6:CC" || mac-address~"30:87:D9" || mac-address~"34:8F:27" || mac-address~"34:FA:9F" || mac-address~"38:FF:36" || mac-address~"44:1E:98" || mac-address~"50:A7:33" || mac-address~"54:3D:37" || mac-address~"58:93:96" || mac-address~"58:B6:33" || mac-address~"60:D0:2C" || mac-address~"68:92:34" || mac-address~"6C:AA:B3" || mac-address~"74:3E:2B" || mac-address~"74:91:1A" || mac-address~"84:18:3A" || mac-address~"8C:0C:90" || mac-address~"90:3A:72" || mac-address~"94:F6:65" || mac-address~"AC:67:06" || mac-address~"C0:8A:DE" || mac-address~"C0:C5:20" || mac-address~"C4:01:7C" || mac-address~"C4:10:8A" || mac-address~"D4:68:4D" || mac-address~"D4:C1:9E" || mac-address~"D8:38:FC" || mac-address~"E0:10:7F" || mac-address~"E8:1D:A8" || mac-address~"EC:58:EA" || mac-address~"EC:8C:A2" || mac-address~"F0:3E:90" || mac-address~"F0:B0:52" || mac-address~"F8:E7:1E"
(also it may help to run an /tool ip-scan of your entire subnet, before running these commands, if device you are trying to find has not pushed any traffic for awhile, and thus is not in the arp/hosts tables)
:beep :beep :beep
 
DotTest37
newbie
Posts: 49
Joined: Sun Oct 06, 2013 10:01 pm

Re: Please add basic portScan tool ( port scanner scan )

Thu Sep 06, 2018 3:52 am

+1 from me
 
dagelf
just joined
Posts: 7
Joined: Thu Dec 24, 2015 5:25 pm

Re: Please add basic portScan tool ( port scanner scan )

Thu Nov 01, 2018 10:19 pm

Until then, here you go: (This conforms to your "it doesn't have to be advanced" request :-)
:for p from=1 to=65535 do={put $p;/sys telnet 192.168.1.1 port=$p}
 
User avatar
vecernik87
Long time Member
Long time Member
Posts: 640
Joined: Fri Nov 10, 2017 8:19 am

Re: Please add basic portScan tool ( port scanner scan )

Thu Nov 01, 2018 10:39 pm

@dagelf
Originally I thought you just came with miracle, but it does not really work. Firstly, it would take huge amount of time as it does not work in parallel and you have to interrupt each connection which gets established, secondly, it actually crashed my winbox and produced autosupout.rif ... Not really sure what happened in there and i was unable to replicate it.
 
mitzone
just joined
Posts: 15
Joined: Mon Jan 02, 2012 1:17 pm

Re: Please add basic portScan tool ( port scanner scan )

Mon Nov 26, 2018 12:47 pm

+1 .
 
kc7aad
just joined
Posts: 2
Joined: Fri Jun 15, 2007 9:33 pm

Re: Please add basic portScan tool ( port scanner scan )

Tue Feb 12, 2019 5:03 pm

+1 +1 +1 +1 +1 +1!!
 
vitich
just joined
Posts: 2
Joined: Thu Jan 10, 2019 11:31 am

Re: Please add basic portScan tool ( port scanner scan )

Sun Feb 17, 2019 9:09 pm

+1 pls!
 
User avatar
Kamaz
newbie
Posts: 26
Joined: Sun Apr 30, 2017 9:35 am

Re: Please add basic portScan tool ( port scanner scan )

Mon Feb 18, 2019 9:36 am

+++1
 
jo2jo
Forum Veteran
Forum Veteran
Topic Author
Posts: 956
Joined: Fri May 26, 2006 1:25 am

Re: Please add basic portScan tool ( port scanner scan )

Sat Mar 02, 2019 3:35 am

@dagelf
Originally I thought you just came with miracle, but it does not really work. Firstly, it would take huge amount of time as it does not work in parallel and you have to interrupt each connection which gets established, secondly, it actually crashed my winbox and produced autosupout.rif ... Not really sure what happened in there and i was unable to replicate it.
(note; quote above is refering to a reply above, where a cleaver user suggests a script with a loop across all ports using /telnet port=i )

I could see this causing problems, as telnet in winbox def. was not made to work like this. (however we often use telnet on the cli as a rough, poor mans tool for a single port, port scan).

i would say the script/loop using telnet across all ports should not be used, as i have often seen some issues with telnet in winbox. (ie i often see a RB will show 100% cpu usage, only to find that profile shows either mgmt or telnet as the 100% reason. The cause/fix is that a disconnected telnet window was left open in winbox, once you close that telnet window, the cpu immediately goes back down). (i have seen this on RBs of all types and cpu power). not a big deal, but possibly the source of your RB crash/supout when running that 1 to 65555 telnet loop.

+1 - please add port scan to ros / winbox! thanks!
:beep :beep :beep
 
vili11
just joined
Posts: 1
Joined: Thu Mar 28, 2019 7:41 pm

Re: Please add basic portScan tool ( port scanner scan )

Thu Mar 28, 2019 7:42 pm

+1000
 
excession
just joined
Posts: 24
Joined: Mon May 11, 2015 8:16 pm

Re: Please add basic portScan tool ( port scanner scan )

Tue Apr 16, 2019 5:02 pm

yep + another 1
 
jo2jo
Forum Veteran
Forum Veteran
Topic Author
Posts: 956
Joined: Fri May 26, 2006 1:25 am

Re: Please add basic portScan tool ( port scanner scan )

Fri May 10, 2019 1:13 am

+1 (for own post), 2x times this week different customers needed us to find a cctv DVR on their system (which is behind our mikrotik). would have been so quick via port scan x/24 for port 80 via a ROS ps tool . but instead had to setup a MT + a VPN setup on both sides and a laptop with nmap (about 20-30min, each time).

MT- we REALLY need even a single port at a time, port scanner. pls! (i say single port at a time, as there was a menton of abuse of a portscan tool, while i disagree with this concern, even a single port at a time would address that concern, and still be very useful)

thanks!
:beep :beep :beep
 
EvgeniyV
just joined
Posts: 4
Joined: Sun Oct 28, 2018 5:49 pm

Re: Please add basic portScan tool ( port scanner scan )

Sun May 19, 2019 10:52 pm

+1 it would be very useful
 
User avatar
vecernik87
Long time Member
Long time Member
Posts: 640
Joined: Fri Nov 10, 2017 8:19 am

Re: Please add basic portScan tool ( port scanner scan )

Mon May 20, 2019 6:36 am

... 2x times this week different customers needed us to find a cctv DVR on their system (which is behind our mikrotik). would have been so quick via port scan x/24 for port 80 via a ROS ps tool . but instead had to setup a MT + a VPN setup on both sides and a laptop with nmap (about 20-30min, each time). ...
You could just make scan in TheDude and have results in no time. If you do this more than once per year, it is definitely worth it.
 
jo2jo
Forum Veteran
Forum Veteran
Topic Author
Posts: 956
Joined: Fri May 26, 2006 1:25 am

Re: Please add basic portScan tool ( port scanner scan )

Tue May 21, 2019 7:32 am

You could just make scan in TheDude and have results in no time. If you do this more than once per year, it is definitely worth it.
That is interesting idea, but when we often need to do this, its on random customers/routers , so using dude as a "port scan" tool, would take a fair amount of setup (and a router reboot/downtime - ie install dude pkg + configure it) just to do a portscan, one time.

tks
:beep :beep :beep
 
gotsprings
Forum Veteran
Forum Veteran
Posts: 735
Joined: Mon May 14, 2012 9:30 pm

Re: Please add basic portScan tool ( port scanner scan )

Thu Jul 11, 2019 1:46 pm

Bump.

This sounds like what I am trying to do.

I want to know if a device service is still running. Like checking a printer if 9100 is responding.

In my case I have a device that responds to pings.
Webserver works.
But a service on 51510 stops responding as confirmed by Digital Loggers autoping against a TCP Port or Domotz Eyes.
"It ain't what you don't know that gets you into trouble. It's what you know for sure that just ain't so."
Mark Twain
 
User avatar
ziegenberg
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu Mar 07, 2013 11:14 am
Location: Vienna
Contact:

Re: Please add basic portScan tool ( port scanner scan )

Thu Jul 11, 2019 10:01 pm

Hi!
I want to know if a device service is still running. Like checking a printer if 9100 is responding.

In my case I have a device that responds to pings.
Webserver works.
But a service on 51510 stops responding as confirmed by Digital Loggers autoping against a TCP Port or Domotz Eyes.
If you know the port, use
/system telnet host port
.
 
User avatar
ziegenberg
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu Mar 07, 2013 11:14 am
Location: Vienna
Contact:

Re: Please add basic portScan tool ( port scanner scan )

Thu Jul 11, 2019 10:10 pm

Hi!
while i know it is wrong to " bump" your own thread, but on a weekly basis (weekly is a bare minimum, sometimes daily basis) i need a portscan tool on ROs. It's ridiculous having to look up mac-address OIDs and/or use /sys telnet port=x as a rough port scan tool to ID devices.
... </snip>
For mac vendor look-up have a look at the scripts of eworm. He has a function called GetMacVendor in his global-functions file. I guess, you need to go through the setup of his scripts for it to work, but the are really great anyway: https://gitlab.com/eworm-de/routeros-scripts
Maybe you can come up with some new scripts for your port and network scanning. Use his repository of scripts as a source of inspiration.

Who is online

Users browsing this forum: Bing [Bot] and 14 guests