#!/usr/bin/env python
'''
Script to check open ports
Creation date: 19/01/2017
Date last updated: 19/03/2017
*
* License: GPL
* Copyright (c) 2017 DI-FCUL
*
* Description:
*
* This file contains the check_open_port plugin
*
* Use the nrpe program to check request on remote server.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see .
'''
# import modules
import socket
import subprocess
import sys
from optparse import OptionParser
__author__ = "\nAuthor: Raimundo Henrique da Silva Chipongue\nE-mail: fc48807@alunos.fc.ul.pt, chipongue1@gmail.com\nInstitution: Faculty of Science of the University of Lisbon\n"
__version__= "1.0.0"
# define exit codes
ExitOK = 0
ExitWarning = 1
ExitCritical = 2
ExitUnknown = 3
def scan(opts):
listfound = []
try:
for port in range(1,7000):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
result = sock.connect_ex((opts.host, port))
if result == 0:
listfound.extend([int(i) for i in ("{}".format(port)).split(" ")])
return listfound
except:
print("Error, unable to scan")
sys.exit(ExitUnknown)
def getopenport(opts):
try:
authorized_ports = [int(i) for i in opts.port.split(",")]
authorized_ports = sorted(authorized_ports)
except:
print("Error, check list of authorized ports, i.e.: -p 500,21,23,80,3333")
sys.exit(ExitUnknown)
all_open_ports = scan(opts)
unauthorized_ports = sorted((list(set(all_open_ports) - (set(authorized_ports)))))
num_anauth_open_ports = len(unauthorized_ports)
if num_anauth_open_ports == 0:
print("Not found any anauthorized port open.")
sys.exit(ExitOK)
else:
unauthorized_ports = ", ".join(str(x) for x in unauthorized_ports)
print("Were found the following %s unauthorized open ports: %s!" %(num_anauth_open_ports, unauthorized_ports))
sys.exit(ExitCritical)
def main():
parser = OptionParser("usage: %prog -H and -p , that have been authorized to are open, e.i. <-p 500,21,23,80,3333>")
parser.add_option("-H","--hostaddress", dest="host", help="Specify the IP address you want to check")
parser.add_option("-p","--port", dest="port", default="0", help="Specify the ports or list of allowed ports to be open, i.e.: <-p 500,21,23,80,3333>")
parser.add_option("-V","--version", action="store_true", dest="version", help="This option show the current version number of the program and exit")
parser.add_option("-A","--author", action="store_true", dest="author", help="This option show author information and exit")
(opts, args) = parser.parse_args()
if opts.author:
print(__author__)
sys.exit()
if opts.version:
print("check_open_port.py %s"%__version__)
sys.exit()
if opts.host and opts.port:
try:
ServerIP = socket.gethostbyname(opts.host)
except:
parser.error("Incorrect IP Address.")
getopenport(opts)
else:
parser.error(" This program requires at least one argument.")
if __name__ == '__main__':
main()