Development And Implementation Of A Custom Port Scanner And Network Mapping Tool For Enhanced Network Security

The rapid expansion of computer networks and internet-connected devices has significantly increased the attack surface for malicious actors. Network security professionals constantly strive to identify and mitigate vulnerabilities before they can be exploited. One of the foundational techniques in vulnerability assessment is port scanning — the process of systematically probing a network host to identify open ports and active services. Port scanning serves as the first step in network reconnaissance, enabling administrators to understand what services are exposed, assess potential risks, and apply necessary security patches or access controls.

Traditional commercial port scanning tools such as Nmap, Nessus, and OpenVAS are powerful but often come with limitations, including high resource consumption, lack of customization for specific organizational needs, and potential legal or licensing constraints. Moreover, in academic environments like Sahyadri Valley College of Engineering and Technology, there is a growing need for educational tools that allow students and researchers to understand the underlying mechanics of network scanning rather than merely using black-box solutions.

This research addresses these gaps by developing a custom port scanner and network mapping tool tailored for educational and small-scale enterprise use. The tool is designed to be lightweight, transparent, and extensible, allowing users to modify scanning techniques, timeouts, and reporting formats according to their specific requirements. By implementing core scanning methods such as TCP connect and SYN scanning, along with banner grabbing for service version detection, the proposed tool provides a comprehensive solution for network enumeration.

The primary motivation behind this work is to bridge the gap between theoretical knowledge of network protocols and practical security assessment skills. Students and network administrators can use this tool to learn how packets are crafted, sent, and analyzed, thereby gaining deeper insights into network defense mechanisms.

Significance of Custom Network Security Tools

Network security has become indispensable for protecting sensitive data, ensuring service availability, and maintaining user privacy. Port scanning is often the first phase of both defensive audits and offensive penetration testing. Without proper scanning tools, organizations remain blind to open ports, outdated services, and misconfigured firewalls.

Custom port scanning tools offer several advantages over generic solutions. First, they provide complete control over scanning parameters such as timeout values, retransmission attempts, and port ranges, enabling fine-tuned assessments. Second, they eliminate dependency on third-party software that may contain undisclosed vulnerabilities or telemetry features. Third, custom tools can be integrated into larger security orchestration platforms, allowing automated responses to detected open ports.

In educational contexts, building a custom scanner reinforces fundamental networking concepts including TCP/IP handshakes, socket programming, packet headers, and stateful vs. stateless scanning. Students gain hands-on experience with low-level network interactions, which is invaluable for careers in cybersecurity, network administration, and software development.

Furthermore, lightweight custom scanners are particularly useful in resource-constrained environments such as small colleges, startup companies, or remote offices where commercial solutions may be prohibitively expensive or operationally heavy. The tool developed in this research operates efficiently on standard hardware and produces human-readable reports suitable for further analysis.

OBJECTIVES OF THE STUDY

The specific objectives of this research are:

1. To design and implement a custom port scanner capable of performing TCP connect scans and SYN scans on target IPv4 addresses and ranges.
2. To integrate network mapping functionality that identifies active hosts, open ports, running services, and operating system fingerprints.
3. To evaluate the performance of the custom scanner in terms of scan speed, accuracy, and false positive rate compared to standard tools like Nmap.
4. To demonstrate the educational value of building custom scanning tools for computer engineering students at Sahyadri Valley College of Engineering and Technology.

1. Methodology and Implementation

The development of the custom port scanner and network mapping tool followed a modular architecture consisting of three core components: a host discovery module, a port scanning engine, and a service detection module. The tool was written in Python using the socket, scapy, and threading libraries to achieve concurrency and efficiency.

Host Discovery Module: This module sends ICMP echo requests (ping) and TCP SYN packets to common ports (80 and 443) to determine which hosts in a given IP range are alive. Responses are processed asynchronously to reduce waiting time.

Port Scanning Engine: Two scanning techniques were implemented:

• TCP Connect Scan: The scanner attempts a full TCP three-way handshake with each target port. If the connection succeeds, the port is marked as open. This method is reliable but easily logged by firewalls.
• SYN Scan (Half-Open): The scanner sends a SYN packet and waits for a SYN-ACK response. Upon receiving SYN-ACK, the scanner responds with a RST packet instead of completing the handshake, making it stealthier.

Service Detection and Banner Grabbing: For open ports, the tool connects and reads up to 1024 bytes of banner data, which often reveals service names and version numbers (e.g., "Apache/2.4.41", "OpenSSH 8.2p1"). This information is critical for vulnerability mapping.

Network Mapping: The tool generates a graphical network map using Python's networkx and matplotlib libraries, showing live hosts, their open ports, and interconnections.

Table 1: Scanning techniques implemented in the custom tool

Experimental Setup: Testing was conducted on a controlled laboratory network at Sahyadri Valley College of Engineering and Technology. The test environment included 25 virtual machines running Windows 10, Ubuntu 20.04, and CentOS 8, configured with various open ports (22, 80, 443, 3306, 8080). The scanner was executed from a dedicated Kali Linux machine with 8 GB RAM and an Intel i5 processor. Performance metrics were recorded for full port scans (1–65535) and common port scans (top 100 ports).

2. Data Analysis and Interpretation

Objective 1: To design and implement a custom port scanner with TCP connect and SYN scanning capabilities.

The implementation was successfully completed. The TCP connect scanner achieved 100% accuracy on open ports but was detected by the test network's simple firewall in all 50 scan attempts. The SYN scanner remained undetected in 92% of cases (46 out of 50 scans) while maintaining 98.7% accuracy compared to a verified port list. The SYN scanner's false negatives occurred primarily on ports with stateful inspection rules.

Table 2: Performance comparison of scanning methods