Does anybody know a "Single-EXE" command line port scanner?

Hi.

For scripting purposes (using autoit, to check the host up/ down and
port open/closed status for TCP ports, 3389 e.g.) I’m looking for a
command line tool, similar to nmap, but it should offer the following
options:

  • Exit Code represents the scan result,
    e.g. Exit code 0=up and port is open, 1=up + closed, 3=host down

  • full functionality in ONE SINGLE EXE file (nmap needs a bunch of
    files and pcap)

the 2nd one is the more important one, if I can pipe the output to a
file and analyse that one later (like possible for NMAP) it’s fine.

The reason is that all tools using the Win Net APIs seem to always
wait until a timeout occurs after several seconds, no matter what
the timeout setting of that tool was set to, e.g. 50ms.

Any suggestions appreciated, regards, Rudi.

Hi
Portqry.exe command-line
utility: http://support.microsoft.com/default.aspx?scid=kb;en-us;310099
Version 2.0 is the current version by the looks…
http://www.softpedia.com/get/Network-Tools/Network-IP-Scanner/PortQry-Command-Line-Port-Scanner.shtml


Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 12.2 (x86_64) Kernel 3.4.11-2.16-desktop
up 3 days 13:28, 7 users, load average: 0.11, 0.09, 0.07
CPU Intel i5 CPU M520@2.40GHz | Intel Arrandale GPU

Why not just use AutoIt for everything?

The TCPConnect and PING should tell you if the port device is up.
For Up Status, you likely will want to use PING connect to other known
unblocked ports.

On 11/27/2012 5:58 AM, Rudolf Thilo wrote:

> Hi.
>
> For scripting purposes (using autoit, to check the host up/ down and
> port open/closed status for TCP ports, 3389 e.g.) I’m looking for a
> command line tool, similar to nmap, but it should offer the following
> options:
>
>   • Exit Code represents the scan result,
>     e.g. Exit code 0=up and port is open, 1=up + closed, 3=host down
>
>   • full functionality in ONE SINGLE EXE file (nmap needs a bunch of
>     files and pcap)
>
> the 2nd one is the more important one, if I can pipe the output to a
> file and analyse that one later (like possible for NMAP) it’s fine.
>
> The reason is that all tools using the Win Net APIs seem to always
> wait until a timeout occurs after several seconds, no matter what
> the timeout setting of that tool was set to, e.g. 50ms.
>
> Any suggestions appreciated, regards, Rudi.


Craig Wilson - MCNE, MCSE, CCNA
Novell Knowledge Partner

Novell does not officially monitor these forums.

Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational human.

Hi.
> Why not just use AutoIt for everything?

As I wrote, the tcptimeout() function doesn’t help. It takes seconds
(per device) to get a “down”. As long as everything is up, no issue,
but as soon as one, or worse, several devices / ports are down, the
script will render to be “un-usable”.

The same thing is true for Microsoft’s PortQry.exe. So I suspect that this
is a constraint of the Windows Network APIs.

Regards, Rudi.

Hi.
> Portqry.exe command-line

Same behaviour as the AutoIt built-in functions: when the port is closed
/ host is down, it takes several seconds until the result is returned.

Thanks for your answer, regards, Rudi.

Out of curiosity, why does the NMAP option (with multiple files on
there) NOT work? I know you said it doesn’t, but that seems like a
pretty arbitrary requirement and I’m sure there’s something more
substantial than “just 'cuz” behind that, so perhaps mentioning it would
help find other alternatives.

Worst case nmap and pcap are both OSS… compile them as one big static
binary.

Good luck.

While AutoIt is not really Multi-Threaded you could achieve that.

Create One AutoIt app that does all the testing and has the “Timeout”
issue and pipes its own results to a file or set of files.

Create a 2nd App that Calls the 1st App and tells it which IP(s) to scan
using the Run feature so as to not wait, but then loops and creates “n”
instances of the 1st app.

The 2nd app will also monitor the total number of copies of the 1st app
that are running so that only X number are running since I suspect you do not
want hundreds but perhaps even 10 or 20 would do.

Not Elegant but would likely work.

On 11/27/2012 8:42 AM, Rudolf Thilo wrote:

> Hi.
>
>> Why not just use AutoIt for everything?
>
> As I wrote, the tcptimeout() function doesn’t help. It takes seconds
> (per device) to get a “down”. As long as everything is up, no issue,
> but as soon as one, or worse, several devices / ports are down, the
> script will render to be “un-usable”.
>
> The same thing is true for Microsoft’s PortQry.exe. So I suspect that this
> is a constraint of the Windows Network APIs.
>
> Regards, Rudi.


Craig Wilson - MCNE, MCSE, CCNA
Novell Knowledge Partner


Hi ab.

thanks for your reply.
> Out of curiosity, why does the NMAP option (with multiple files on
> there) NOT work?

OK, I’ll describe my approach in more detail:

Situation:

This is a company that has ~20 retail outlets in several cities in
Germany, Austria, Switzerland.

Due to budget limitations a “real” load balancing solution is not an
opportunity. (Citrix is on the list for years…)

So they work with several standard Terminal Servers (Win2008-R2-x64).
Currently the clients “outside” have an RDP definition file, that
arranges a “fix” combination “this PC” ↔ “TS1/2/…/n”. Login name for
the TS session = hostname of the client PC. Host names are 01,
02,…, 16

My idea:

a default mapping, according to the PC numbers:
set1: PC1, PC5, PC9, PC13 → TS1
set2: PC2, PC6, PC10, PC14 → TS2
and so on.

Then check, if TS for “my set” is up and 3389 is open: Then connect.
Otherwise try the next set, with a wrap from the last set to set1.

Autoit, as well as portqry.exe and other tools I’ve tried, all have the
issue that in case the host is down / port is closed, it takes several
seconds until (the Win Net API?) timeout occurs. Some of the tools
(including Autoit: Opt("TCPTimeout",50)) allow to define a timeout in
ms, but it doesn’t seem to have any effect.

nmap would be fine, but it needs WinPcap, and several DLLs. I do not
want to install it on all the client PCs. Just using the Autoit
function FileInstall("C:\…\nmap.exe", @TempDir & "\nmap.exe", 1)
doesn’t help, as nmap.exe is NOT a standalone EXE program. Besides
this, nmap doesn’t provide exit codes that reflect the result of a
single host + single port query (that’s not the purpose nmap was
written for).

My question:

Does anybody know a way to do a FAST check for host / port status,
that can be (ab)used for this purpose?

  • FAST! Not like Autoit functions, WMI calls,
  • single exe or DLL that could be called
  • no local installation (like nmap winpcap)
  • nice to have: Exit code, reflecting status. Output text to be analyzed,
    like NMAP is doing, is acceptable.

I also tried to search a powershell solution, with no luck so far.
http://poshcode.org/2455 was promising, but here it returns for each
and every ip / port parameter pair “false”.

Regards, Rudi.

Hi.

Thanks for your reply.
> Create One AutoIt app that does all the testing and has the “Timeout”
> issue and pipes its own results to a file or set of files.

[snip]

> The 2nd app will also monitor the total number of copies of the 1st
> app are running so that only X number are running since I suspect you
> do not want hundreds but perhaps even 10 or 20 would do.
>
> Not Elegant but would likely work.

that’s quite close to the interim solution, I’m not happy with.

it’s just one app, calling itself with “IP:TCP:PORT” of the TS server
to be checked next. When called with a param1 matching that syntax, the
up/down open/close status is checked and written as an entry in an INI
file.

--------- INI -----------
[TS-status]
TS1=3389
TS2=up
TS3=down
TS4=not checked so far

But I dislike this approach.

regards, Rudi.

Hi
If it’s just one port then just use telnet to check…?


Cheers Malcolm °¿° (Linux Counter #276890)

[resend]

Wildly guessing:

  1. telnet still has the timeout issue like everything else.

  2. Recent versions of the inferior OS on which he is stuck doesn’t even
    have telnet. Of course, maybe he’s using XP which does have it, or
    vista (hahahaha) which might, but seven didn’t ship it and for that I
    must give the evil empire credit.

Good luck.

Hi
Java and just modify the script for the port in question?
http://www.coderanch.com/t/573479/sockets/java/check-open-ports-remote-computer
or VB?
http://bytes.com/topic/visual-basic/answers/736956-how-check-ports-status-remote-server-using-vb-script

@ab PS, telnet is still there… just not turned on :wink:


Cheers Malcolm °¿° (Linux Counter #276890)

Aaron,

On 27.11.2012 16:32, ab wrote:

>   2. Recent versions of the inferior OS on which he is stuck doesn’t even
>     have telnet. Of course, maybe he’s using XP which does have it, or
>     vista (hahahaha) which might, but seven didn’t ship it and for that I
>     must give the evil empire credit.

Of course Windows 7 ships with telnet, it’s merely not installed by
default.

CU,

Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de

Hi,

I just took a fast look at your problem. There was an approach with
telnet. You can modify the timing sessions in the registry of the
machine.
Take a look here
http://technet.microsoft.com/en-us/library/cc771020(v=ws.10).aspx

Bye
n0m

Hi
> If it’s just one port then just use telnet to check…?

Hm, that would be the opposite approach. If the port is closed,
Telnet’s PID will die within one second. If its PID is still “alive”
after one second, the port is open, and the remaining job will simply
be to kill that PID.

I’ll give it a try,

thanks, Rudi.

Hi Massimo
> Of course does Windows 7 ship with telnet, it’s merely not installed
> by default.

Both are unimportant: Telnet.exe is a standalone program that can be
made available using Autoit’s “Fileinstall()” function.

But the disadvantage is the fact that Telnet will ONLY die within a
second when

1.) the host is up
2.) the port in question is closed (RST)

Regards, Rudi.

Hi.

Thanks for your reply.

These values seem to admin the telnet SERVER, not client?

But the approach to admin the timeout value might be a good one:
Probably the default timeout of the Win Network APIs is adjustable
somehow. I’ll try to search in that direction.

Regards, Rudi.

Hi.

http://technet.microsoft.com/en-us/library/cc962453.aspx

looks like a good start, well, didn’t find a value that would do the
trick to reduce the general timeout period.

http://technet.microsoft.com/en-us/library/cc938217.aspx is the “Reuse
closed connection delay”.

TcpMaxConnectRetransmissions and TcpInitialRTT might help, I’ll check
that.

Hm.

Regards, Rudi.

Hi
Not sure if you would want to deploy perl?

This works for sure (reduce the timeout to 1 second on line 54);
http://exchange.nagios.org/directory/Plugins/Network-Protocols/*-TCP-and-UDP-(Generic)/check_port-2Epl/details


Cheers Malcolm °¿° (Linux Counter #276890)

On 11/27/2012 4:58 AM, Rudolf Thilo wrote:

> Hi.
>
> For scripting purposes (using autoit, to check the host up/ down and
> port open/closed status for TCP ports, 3389 e.g.) I’m looking for a
> command line tool, similar to nmap, but it should offer the following
> options:
>
>   • Exit Code represents the scan result,
>     e.g. Exit code 0=up and port is open, 1=up + closed, 3=host down
>
>   • full functionality in ONE SINGLE EXE file (nmap needs a bunch of
>     files and pcap)
>
> the 2nd one is the more important one, if I can pipe the output to a
> file and analyse that one later (like possible for NMAP) it’s fine.
>
> The reason is that all tools using the Win Net APIs seem to always
> wait until a timeout occurs after several seconds, no matter what
> the timeout setting of that tool was set to, e.g. 50ms.

I have a utility to check if a port is open, but it waits for the
timeout that you’ve run into. I’ll see if I can re-do it as a
non-blocking socket - that should allow for a user-defined timeout.

H.
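
The non-blocking connect with a caller-chosen timeout mentioned in the last post, combined with the default-set-plus-wrap-around selection described earlier in the thread, can be sketched in PowerShell with only the .NET socket classes. This is an added example, not code from any poster in the thread; the function names, the four placeholder server names and the 500 ms default are assumptions, and the return values follow the 0/1/3 scheme from the first post.

```powershell
# Added example, not from the thread. Server names are placeholders.
function Test-TcpPort {
    param(
        [Parameter(Mandatory = $true)][string]$HostName,
        [int]$Port = 3389,
        [int]$TimeoutMs = 500
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Start the connect asynchronously so the wait is bounded by us,
        # not by the TCP stack's SYN retransmission schedule.
        $async = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 3    # nothing came back in time: host down or filtered
        }
        $client.EndConnect($async)   # throws if the connect failed
        return 0        # handshake completed: host up, port open
    } catch {
        $err = $_.Exception.GetBaseException()
        if ($err -is [System.Net.Sockets.SocketException] -and
            $err.SocketErrorCode -eq [System.Net.Sockets.SocketError]::ConnectionRefused) {
            return 1    # RST received: host up, port closed
        }
        return 3        # unreachable, name not resolved, or other failure
    } finally {
        $client.Close()
    }
}

function Select-TerminalServer {
    param([int]$PcNumber, [string[]]$Servers, [int]$TimeoutMs = 500)
    # Default set: PC1, PC5, PC9, ... -> first server; PC2, PC6, ... -> second.
    $start = ($PcNumber - 1) % $Servers.Count
    for ($i = 0; $i -lt $Servers.Count; $i++) {
        # Wrap from the last server back to the first.
        $candidate = $Servers[($start + $i) % $Servers.Count]
        if ((Test-TcpPort -HostName $candidate -TimeoutMs $TimeoutMs) -eq 0) {
            return $candidate
        }
    }
    return $null
}

$servers = 'ts1.example.internal', 'ts2.example.internal',
           'ts3.example.internal', 'ts4.example.internal'
$target = Select-TerminalServer -PcNumber 6 -Servers $servers
if ($target) { Write-Output $target; exit 0 }
exit 3
```

A timeout shorter than the time the stack needs to report a refusal makes a closed port come back as 3 rather than 1, so the two codes are only distinguishable when the timeout leaves room for the RST to be reported.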