calin radoni's humble web presence

home

docs

toolbox

about

CHScanner

CHScanner's history
Short description
Features
Quick start
Documentation
Download
Third-Party contributions
Copyright and License
Disclaimer
F.A.Q

CHScanner's history

For version changes and a little history read THIS document.

Short description

CHScanner is a network scanner provided for FREE !

The main differences between CHScanner and other similar tools are:

CHScanner use an Operating System Mimic Tehnology;
CHScanner has a lot more scanning methods compared with many other scanners, starting from the Layer 2 of the OSI model. It does not only scans IPv4 addresses, it also uses ARP, IGMP, IPv6 and some higher level protocols like NetBIOS, SNMP and WMI;
It is very flexible, scanning being done based on user defined configuration files, and quite fast;
Besides the skinnable graphical interface, CHScanner can be used from command line to automate the scans;

Operating System Mimic Tehnology short description:
Basically, this means that the packets it sends emulates the comportament of various operating systems and/or their native tools (where is the case).
Currently it emulates the following :

Windows XP Professional SP2
Windows 2003 Server
Linux kernel 2.4 (Adamantix based)
Linux kernel 2.6 (Fedora Core based)
Solaris 8
OpenSolaris (Nevada 35)

There is also a "random" mode where the packets have the identification data random generated.
The Solaris 8 emulation may not be continued and emulation for OpenSolaris (Nevada 35) may be added.

It is designed to run under Microsoft Windows XP and higher operating systems but, until now, I have been tested the application only in Windows XP Professional Service Pack 2 and in Windows Vista.
CHScanner needs WinPcap ("The Windows Packet Capture Library"). It has been developed and tested with WinPcap version 3.1 but, it is upgraded to work with WinPcap version 4.0.2.

Features

Scanning types

IGMP

ARP Ping
ICMP Ping sweep
DNS - Find DNS names (for both IP and IPv6 addresses)
TCP Syn
TCP Fin
TCP Null
TCP Xmas
TCP Ack
UDP Send
IpProtocols - Find what IP protocols a host is running
NetBIOS - Find NetBIOS informations
Wake On LAN
SNMP - Get basic SNMP informations
Find DHCP Servers from your local network
Find Promiscuous Nodes
IPv4 "Ping Broadcast"

Neighbor Discovery
IPv6 "Ping Broadcast"
IPv6 Multicast Listener Discovery
IPv6 ICMP Ping Sweep
IPv6 TCP SYN
IPv6 TCP FIN
IPv6 TCP NULL
IPv6 TCP XMAS
IPv6 TCP ACK
IPv6 TCP UDP Send
IPv6 Protocols - Find what IPv6 protocols a host is running

Windows Management Instrumentation (the Microsoft implementation of WBEM)
Shutdown or Restart for Windows hosts

More informations about the scanning types could be found in the documentation that comes with the application.

Operating System Mimic Tehnology

I will write a separate document for this...

Scanning modes

CHScanner have the following scanning modes:

Normal mode: this is the common mode used by most of the scanners today;
Passive mode: in this mode NO packet is sent, CHScanner only listen to the network traffic and decodes the packets received, similar to a sniffer;
Hunt mode: introduced with version 0.9.7.2, in this mode CHScanner will scan any host that tries to communicate with the host machine. The scan is triggered by received one of the following packets destined to the local machine: ARP Request, ICMP ECHO Request, TCP SYN.
By using geolocation data provided by MaxMind you can find the country associated with a specific IPv4 Address;
Automatic, scriptable, mode: if instructed so, by command line parameters, CHScanner will do his job based on the configuration file supplied as one of the parameters, save the result and close.

To find more information about those modes of operation read the provided documentation.

Others

CHScanner is designed to use a minimum number of packets to do his job;
Check for updates;
The user can update the geolocation data;
Skinable, why it should not be? I know that the provided skin needs a designer touch but if you do not like it just change it, it should be easy...

Quick start

in the application's main window hit the Scan button. The Select window should appear;
in the Select window, if you press the Examples button some example scan configurations will be created. The newly created example configuration files should be ready to run on your local network;
in the Select window, by double-clicking a scan configuration, the scan process will start;
after the scanning is completed, by clicking the Export XML button, the results will be saved in an XML file. The XML file will be named CHScanResult_<date>_<time>.xml. There is a corresponding XSL file that helps you to view the exported file with a web-browser (tested with IE6, IE7 and Firefox).

Documentation

The documentation is far from beeing completed. It is in the application's package as a set of html files and can be called from inside the application by pressing the F1 key.

Download

Again, CHScanner needs WinPcap version 4.0.2. Download it here.

Version 0.9.7.4:

CHScanner 0.9.7.4 - 25 January 2009 (2173 KB)
MD5: 6BDB5B8342DB96903784A755AB4043FC
SHA1: 47C71994A9B7198F55D2043E0DDF9BF8F90FFF47

Older versions:

CHScanner 0.9.7.4, released 24 March 2008
CHScanner 0.9.6.3, released 12 October 2007
CHScanner 0.9.6.2, released 02 February 2007
CHScanner 0.9.5.4, released 03 November 2006
CHScanner 0.9.5.2, released 27 October 2006
CHScanner 0.9.4.12, released 31 August 2006
CHScanner 0.9.3.17, released 26 July 2006
CHScanner 0.9.2.3, released 01 June 2006
CHScanner 0.8.1.983, released 19 May 2006
CHScanner 0.8.1.980, released 18 May 2006
CHScanner 0.8.1.961, released 05 May 2006
CHScanner 0.8.1.960, released 03 May 2006

Third-Party contributions

CHScanner does NOT use code and data from other applications, except for:

the "Mersenne Twister" random number generator MT19937 public code, modified as a C++ class by the CHScanner's author;
geolocation data for IPv4 addresses from MaxMind.

Informations about used algorithms were gathered from public sources (i.e. Internet search and RFC collection).

Data files are builded from public available sources like IANA (Internet Assigned Numbers Authority) and from "personal" discovery.

Copyright and License

Disclaimer

CHScanner is provided "as-is" WITHOUT ANY WARRANTY !
No liability for the behaviour of this application can be accepted. Use the application at your own risk ! There may be errors and inaccuracies that could be damaging to your system and/or network. Proceed with caution, the author do not take any responsibility. The usage of this application in your country/region may be illegal !

All copyrights are held by their respective owners, unless specifically noted otherwise. Use of a term in this document OR in application OR in the documentation that accompanies the application should not be regarded as affecting the validity of any trademark or service mark. Naming of particular products or brands should not be seen as endorsements.

F.A.Q

Q: Where the name CHScanner is comming from?
A: CHScanner stands from Calin's Humble Scanner.

Hosted on http://www.oocities.org/calinradoni

Last page modification is 25 January 2009