Dick Manual

A user-friendly network/port scanner

Introduction ^

Dick is a highly configurable, user friendly network/port scanner. It was named for the gum shoes of old. It can scan up to two octets of network segment in search of active hosts. Dick uses either ICMP pings or TCP/IP port discoveries to locate hosts. It switches seamlessly between the protocols. It can also scan a single host in search of open ports.

A scanner such as this can be used by network / systems administrators to test the security of their networks and by crackers to comprimise them. I’m not sure which category applies to you, but if you improve the program please send the patches.

Yet another scanner? Yes. The one I like is hopefully out-of-date and hard to compile on newer systems. Since I had already written most of the code necessary to build a scanner, dick materialized in very little time. Naming it was more difficult than writing it. I like short names that are easy to type. d-i-c-k flows nicely from the left hand to the right on a QWERTY keyboard. It’s not the first thing that comes to mind when some one says “You dick!” but the term once applied to detectives. It now has potential for a verb: “dick that network and see what you find…”

Invocation ^

The format for invoking dick is:
dick [options] HOST
dick [options] -n NETWORK

HOST is either an IP address or an RFC1178 hostname.Р’ВВ

NETWORK is the first two or three octets of a network, i.e., 172.16 or 172.16.24

Dick is built with GNU’s long options. Each option may be invoked with either a long or a short option. Both can be used in the same startup. The program supports the following options:

-V, –version

Display dick’s version and exit

-h, –help

Print a help message describing all of dick’s command-line options and exit.

-C, –config

Prints the default values for all configurable settings. Values are read from the active resource file and command line arguements.

-t NUM, –timeout=NUM

This option sets the socket timeout to NUM seconds. The default value is 1 second. Increasing this number will increase the likelihood of finding hosts or open ports but it will also increase the time of the scan.

-R /path/file, –rcfile/path/file

This option can be used to set an alternate resource file (see RESOURCE FILE below). A resource file specified at the command line takes precedent over any default files. Thus, if this is set $HOME/.dickrc is ignored. Example:

$ dick -R /home/jeff/dick.txt -n 172.16.24

-R generate, –rcfile=generate

The option -R, –rcfile may also be used to generate a new resource file. To generate a new file, set the option to “generate” like this:

$ dick -R generate > /home/jeff/.dickrc

-n NETWORK, –network=NETWORK

Instructs search NETWORK for active hosts. NETWORK is the first two or three octets of a network address, i.e., -n 172.16 or -n 172.16.24 By default a netscan is conducted with ICMP pings. In order to utilize pings, $_PROGRAM must either be run as root or setuid root (see ERRORS below)

$ dick -T -n 10.12.66

-I, –icmp

Sets the network protocol to ICMP. During a netscan, dick can use either ICMP echo (default) or TCP/IP connect for discovery. This option sets the protocol to ICMP. This option is like pinging hosts on a network with the ping utility. ICMP requires raw sockets. Therefore, dick must either be run as root or setuid root.

-T, –tcpip

Sets the default network protocol to TCP/IP. By default, dick uses ICMP pings to discover hosts on a network. You may use this option to use TCP/IP port discovery. As $_PROGRAM loops through a network, it tries to open socket connections on commonly used ports. By default it checks the following: 7, 21, 22, 23, 25, 37, 80, 110, 387, 443 You may override the default ports in the resource file.

-l NUM, –lower=NUM

Sets the lower range of a portscan to NUM. On a portscan, dick scans a range of ports on a single host from lower to upper. By default, lower is set to 1.

-u NUM, –upper=NUM

Sets the upper range of a portscan to NUM. On a portscan, $_PROGRAM scans a range of ports on a single host from lower to upper. By default, upper is set to 1024.

Resource File and Configuration Settings ^

Dick relies on both command line options and a resource file for its run time configuration. Command line options take precedent over the resource file. The default resource file is $HOME/.dickrc. As noted above, you can override this option with -R /path/to/file. You may also generate a new resource file with the following command:

$ dick -R /home/jeff/dick.txt -n 172.16.24

As the banner indicates, we’ve been on the Internets since 1999. And in that we’ve learned one thing: Many of you don’t bother to read instructions. For you, here’s a sample resource file that we generated with the command you never bothered to learn:

# Updated by dick 0.95, Thu Dec 18 09:40:29 EST 2008
# Copyright (C) 2008 by Jeffrey Fulmer, et al. , et al.
# This is free software; see the source for copying conditions.
# There is NO warranty; not even for MERCHANTABILITY or FITNESS

# debug – this directive turns on debugging information.
# values: true or false
# example: debug = true
debug = false

# timeout – this value sets the socket timeout in seconds. High values will
# increase chances of connecting with hosts but they will also lengthen the
# duration of the scan.
# values: number from 1 to N (default: 1)
timeout = 1

# protocol – set the network protocol for for network scans. Your options are
# icmp which is essentially a ping and tcpip which relies on socket discovery.
# You must be root or the program must be setuid root in order to leverage icmp
# protocol. It is must faster than tcpip
# values: icmp or tcpip
protocol = icmp

# ports – set the port numbers you want to explore during network discovery.
# This option applies only to tcpip protocol. When that protocol is set, the
# the scan attempts to create a socket with each of the ports on this list. It
# it continues until it opens a connection or exhausts the list.
# values: a comma separated list of numbers, i.e., 7,21,25,80,443
# ports = 7, 21, 22, 23, 25, 37, 80, 110, 387, 443

# lower – on ports scans, the program scans a range of ports from ‘lower’ to
# ‘upper’ incrementally. This option sets the lower range of the portscan.
# values: number (default: 1)
# lower = 1

# upper – set the upper range of a portscan
# values: number (default: 1024)
# upper = 1024



Platforms ^

Dick was written and developed on GNU/Linux. If you call it “GNU/Linux” you’ll keep Richard Stallman happy. You don’t want to anger him, do you? He won’t visit your user group. Dick was tested on Solaris and HP/UX. It should run on any platform that supports the UNIX socket library.

License ^

Please consult the file, COPYING for complete license information. Copyright (C) 2000-2009 Jeffrey Fulmer, et al. Permission is granted to anyone to make or distribute verbatim copies of this document as received, in any medium, provided that the copyright notice and this permission notice are preserved, thus giving the recipient permission to redistribute in turn. Permission is granted to distribute modified versions of this document, or of portions of it, under the above conditions, provided also that they carry prominent notices stating who last changed them.

Posted in | Leave a comment

Leave a Reply

Recent Comments

  • Jeff Fulmer: I love that there’s an end bracket surround by a sea of comments. That really aids its...
  • Tim: The more I read that code – the more wtf it becomes. Its a work of beauty that you appreciate the longer...
  • Mike: I just now saw you know DK effect already. Whoops.
  • Mike: “he lacks the skill to recognize his ineptitude” I believe it’s recognized as the...
  • Mirko: Wow! This trick saved my day :) thanks a lot