Ping sweep and threads

Dear Sir(s),

I’m looking for a quick way to scan the local network (/24). I chose to use
the ‘net-ping’ gem, since I’m working under Ruby 1.9 and ‘ping’ is not
available by default.
I use the ‘external’ ping because it’s way faster but still very slow.
It takes like 2 minutes to ‘ping’ 254 addresses with 2 hosts ‘up’. So
I decided to make it a bit faster by using threads. Since I have no
prior experience with threads, I’ve read a couple of articles about Ruby
threads and here is the code that I came up with:


    require 'net/ping'

    network = '192.168.1.'
    list = []
    host_up = []
    host_down = []

    # Build the list of addresses 192.168.1.1 .. 192.168.1.254
    x = 1
    while x < 255
      ip = network + x.to_s
      list.push(ip)
      x += 1
    end

    # Start one thread per address; each pings its host and records the result
    list.each { |x|
      t = Thread.new {
        pt = Net::Ping::External.new(x)
        if pt.ping
          host_up.push(x)
        else
          host_down.push(x)
        end
      }
    }

    puts host_up

First thing, do I use threads the right way?

Second, trying to find out what’s going on from ‘lsof -i’, I counted 155
simultaneous connections but not more. It should be 254 in theory?

Third, do you think there is any faster way of scanning whether a
host is up or not? I understand that this is a more general question,
but tools like ‘ettercap’ scan a /24 network in less than 10 seconds on
the same machine, same network, which makes me think that I’m doing
something wrong. I’m not an experienced programmer, nor experienced
with computer networks at that level, like Alor and Naga (authors of
ettercap), but then again, why is the difference so big? :-/

Thanks for your time.

Panagiotis A.

Pharmacy Student at VFU, Brno
mailing lists: [email protected]

personal mail: [email protected]
personal info: http://about.me/atmosx

The wise man said: “Never argue with an idiot, he brings you down to his
level and beat you with experience.”

On Tue, Sep 27, 2011 at 2:11 PM, Panagiotis A.
[email protected] wrote:

> x = 1
> else
> host_down.push(x)
You need to properly synchronize since host_up and host_down are
shared between threads. But in your case you can get rid of them
completely and just output x if pt.ping returns true.

> end
> }
> }
>
> puts host_up
>
> First thing, do I use Threads the right way?

You should at least wait for all threads to finish (i.e. by joining).

    threads = list.map { |x|
      Thread.new {

      }
    }

    threads.each {|th| th.join}

> Second, trying to find out what’s going on from ‘lsof -i’, I counted 155
> simultaneous connections but not more. It should be 254 in theory?

Maybe some ulimit getting in the way. Try

$ ulimit -a

You should probably also do this at the top to see errors:

Thread.abort_on_exception = true

> Third, do you think there is any faster way of scanning whether a host is
> up or not? I understand that this is a more general question, but tools like
> ‘ettercap’ scan a /24 network in less than 10 seconds on the same machine, same
> network, which makes me think that I’m doing something wrong. I’m not an experienced
> programmer, nor experienced with computer networks at that level, like Alor
> and Naga (authors of ettercap), but then again, why is the difference so big? :-/

Threads should be OK. What Ruby version are you using?

Kind regards

robert
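
The two points from the reply above (join every thread, guard the result arrays shared between threads), worked into an added example that is not code from either poster. It goes one step further and uses a fixed pool of workers, so the number of concurrent probes stays below limits such as the ones `ulimit -a` reports. The names `sweep` and `demo`, the pool size, and the fake probe are assumptions made for illustration.

```ruby
require 'thread' # Queue and Mutex; loaded by default on newer Rubies

# Probe every host with a fixed pool of worker threads.
# The block receives one address and returns true if the host answered.
# Returns [up, down], each ordered numerically by octet.
def sweep(hosts, workers = 32, &probe)
  queue = Queue.new
  hosts.each { |h| queue << h }
  workers.times { queue << :done }   # one stop marker per worker

  up, down = [], []
  lock = Mutex.new                    # guards both result arrays

  pool = Array.new(workers) do
    Thread.new do
      while (host = queue.pop) != :done
        alive = begin
          probe.call(host)
        rescue StandardError
          false                       # a probe that raises counts as down
        end
        lock.synchronize { (alive ? up : down) << host }
      end
    end
  end
  pool.each(&:join)                   # wait for all workers before reading results

  by_octet = lambda { |ip| ip.split('.').map(&:to_i) }
  [up.sort_by(&by_octet), down.sort_by(&by_octet)]
end

# Constructed demo: a fake probe stands in for the network so this runs offline.
# For a real sweep pass: { |ip| Net::Ping::External.new(ip).ping }
def demo
  hosts = (1..254).map { |i| "192.168.1.#{i}" }
  answering = %w[192.168.1.1 192.168.1.42]   # constructed sample hosts
  sweep(hosts, 16) { |ip| sleep 0.001; answering.include?(ip) }
end

if __FILE__ == $0
  up, down = demo
  puts "up: #{up.join(', ')} (#{down.size} down)"
end
```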

Hello,

thanks for the reply,

Here are my specs:

GreyJewel:~ atma$ ulimit -a|grep proc
max user processes (-u) 709
GreyJewel:~ atma$ ruby --version
ruby 1.9.2p290 (2011-07-09 revision 32553) [x86_64-darwin11]

I will do some tests later on and let you know if I have some further
questions. Thanks for the hints on threads.