Jan. 25, 2011, 6:49 a.m.
posted by newmy
IpEye is a command-line port scanner for Windows 2000 and XP that does some of the same TCP stealth scans as nmap, including SYN, FIN, Xmas tree, and null scans. The tool is small, lightweight, free, and available for download from http://ntsecurity.nu/tool-box/ipeye/. It works on Windows 2000 and XP, but users with Windows XP Service Pack 2 may run into problems.
IpEye's options are similar to those of the other port scanners we've covered. You can spread out the timing of your scans. It can also spoof packets with the -sip and -sp options. Keep in mind that spoofed packets will not be returned to your host, so you're not likely to be able to observe the results unless you can sniff their destination.
To show how it compares to other port scanners we've covered, we'll run a scan similar to the one we've been running throughout the chapter: a SYN scan against 10.0.1.2 on ports 20 through 25. The execution and output of the command is illustrated here:
C:\>ipeye 10.0.1.2 -syn -p 20 25

ipEye 1.2-(c) 2000-2001, Arne Vidstrom ([email protected])
- http://ntsecurity.nu/toolbox/ipeye/

1-19 [not scanned]
20-21 [closed or reject]
22 [open]
23-25 [closed or reject]
26-65535 [not scanned]
IpEye gives us a summary of its activity. It finds port 22 and reports the others as closed (or rejected by a security policy). It doesn't include fancy output options associated with nmap, but IpEye gets the stealth job done. A SYN scan will not appear in logs managed by TCP wrappers or many other services. For added stealth against IDSs, the -d flag lets the user set the delay between port probes. The default is 750 milliseconds.
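On the monitoring side, the inter-probe delay described above is why a per-second rate threshold misses this kind of scan while a count of distinct ports over a longer window catches it. The following is an added example, not part of the original post or of IpEye; the record format, the function names, and every address other than 10.0.1.2 are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records: (seconds, src, dst, dst_port, TCP flags seen).
# The first six are spaced 0.75 s apart, matching the default delay above.
SAMPLE = [
    (0.00, "10.0.1.9", "10.0.1.2", 20, "S"),
    (0.75, "10.0.1.9", "10.0.1.2", 21, "S"),
    (1.50, "10.0.1.9", "10.0.1.2", 22, "S"),
    (2.25, "10.0.1.9", "10.0.1.2", 23, "S"),
    (3.00, "10.0.1.9", "10.0.1.2", 24, "S"),
    (3.75, "10.0.1.9", "10.0.1.2", 25, "S"),
    (1.00, "10.0.1.7", "10.0.1.2", 22, "S"),    # ordinary client connecting
    (1.10, "10.0.1.7", "10.0.1.2", 22, "A"),
    (5.00, "10.0.1.8", "10.0.1.2", 80, "FPU"),  # single Xmas-tree packet
]

def probe_type(flags):
    """Map a TCP flag set to the scan types named in the text, else None."""
    f = frozenset(flags)
    if f == frozenset("S"):
        return "syn"
    if f == frozenset("F"):
        return "fin"
    if f == frozenset("FPU"):
        return "xmas"
    if not f:
        return "null"
    return None

def find_scanners(records, window=60.0, min_ports=5):
    """Return {(src, dst): sorted ports} for sources that sent probe-like
    packets to at least min_ports distinct ports within `window` seconds."""
    seen = defaultdict(list)  # (src, dst) -> [(time, port)]
    for ts, src, dst, port, flags in sorted(records):
        if probe_type(flags) is not None:
            seen[(src, dst)].append((ts, port))
    hits = {}
    for key, probes in seen.items():
        start = 0
        for end in range(len(probes)):
            # Slide the window start forward until it spans <= window seconds.
            while probes[end][0] - probes[start][0] > window:
                start += 1
            ports = {p for _, p in probes[start:end + 1]}
            if len(ports) >= min_ports and len(ports) > len(hits.get(key, [])):
                hits[key] = sorted(ports)
    return hits
```

With a one-second window the sample scan never shows more than two ports at once and goes unreported; the 60-second default flags it, and a longer configured delay calls for a correspondingly longer window.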