How to find UDP open ports on remote machine using JAVA

I had this question after viewing java.net.BindException: Cannot assign requested address: Cannot bind.


I'm trying to find UDP open ports in java using DatagramSocket class, but it seems not to be working/connecting to remote IPs. Can anyone please help ?
Umesh GodaraAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

CEHJCommented:
I want to create a UDP port scanner tool using java, but DatagramSocket class seems not to working/connecting to remote IPs. Can anyone please help ?
Please post code
Umesh GodaraAuthor Commented:
Hi
Below is my code. It's working fine if I write local IP address in textbox, but not working for remote IPs.

Thanks in advance.



class demo
{
public List<Integer> UDPPortsList;

private void scan()
{
UDPPortsList=Arrays.asList(2,3,7,9,13,17,19.....................,64590,64727,65024); //1000 UDP ports in list

String IpAddress = txt_Box1.getText(); //getting IP address from textbox

for (int b:UDPPortsList)
          {
              try
                {
                                             
                   DatagramSocket server = new DatagramSocket(b,InetAddress.getByName(IpAddress));
                   server.close();
                }
            catch(Exception ee)
                          {
                             model_result.addElement("Port: "+b+" Open  \n");   //adding result in jList
                                                   
                           }
                      }
}
}
CEHJCommented:
but not working for remote IPs.
What makes you think that firewalls are not blocking your access to those remote ports?
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

Umesh GodaraAuthor Commented:
I'm testing/connecting to my VM, firewall is off, ping is working and nmap is giving results of open UDP ports
CEHJCommented:
I'm not sure what you're expecting that code to do. All you're doing is creating a socket. Let's say you were actually sending a packet to a specific address and port (which you're not) - what then? UDP is a connectionless protocol. You wouldn't know anything about the results unless it just so happened that you were speaking a particular correct protocol that would get something in return

All your code could do is find out which UDP sockets were already open on the address and port you were trying. But that's not port scanning in the normal sense, i.e. it's not normal or useful to scan one's own host

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Umesh GodaraAuthor Commented:
Basically when I'm trying to create socket on different ports, if the port is already open/in use then the code throws "java.net.BindException: Address already in use : Cannot bind" and checking this exception I get to know which ports are open.

But it works this way only with local IP, for remote IP it throws  "java.net.BindException: Cannot assign requested address: Cannot bind" for every port (whether it's open or not)

"All your code could do is find out which UDP sockets were already open on the address and port you were trying" -Yes, by doing this I'm trying to get to know which UDP ports are open. Please suggest if there's any alternative way.
CEHJCommented:
Yes, by doing this I'm trying to get to know which UDP ports are open. Please suggest if there's any alternative way.
I'm not sure why you'd think that you could open a socket on a remote (say my) machine. What kind of security implications would that have? No, there's no alternative, for the reasons i gave in the first paragraph of my last reply.

Of course, TCP is a different matter, since an actual connection occurs between local and remote
Umesh GodaraAuthor Commented:
thanks for clarification. So how can I test what UDP ports are Open on a remote machine? like nmap does.
CEHJCommented:
Does it? Can you post sample nmap output for UDP?

Update: from man nmap (what i was saying above, though you might be lucky that a 'ping' could work):

-PU port list (UDP Ping)
           Another host discovery option is the UDP ping, which sends a UDP packet to the given ports. For most ports, the
           packet will be empty, though some use a protocol-specific payload that is more likely to elicit a response.
           The payload database is described at https://nmap.org/book/nmap-payloads.html.  --data, --data-string, and
           --data-length options.

Open in new window

Umesh GodaraAuthor Commented:
" -sU    UDP  scans:  This method is used to determine which
              UDP (User Datagram Protocol,  RFC  768)  ports  are
              open  on  a  host.  The technique is to send 0 byte
              UDP packets to each port on the target machine.  If
              we  receive  an ICMP port unreachable message, then
              the port is closed.   Otherwise  we  assume  it  is
              open.   Unfortunately,  firewalls  often  block the
              port unreachable  messages,  causing  the  port  to
              appear  open.
"
Nmap results (Firewall off), remote IP on LAN

 Nmap results
CEHJCommented:
I'm actually not knowledgeable about how a 'UDP ping' is actually done so can't say anything about how to implement it in Java. If you're working in your own LAN (as above) you might be lucky and get a result
krakatoaCommented:
You will not be able to guarantee identification of open UDP ports on remote systems, due in great part to what CEHJ has already explained to you. When a UDP packet is sent to a port that is not open the remote host will issue an ICMP "port unreachable" reponse. If a firewall is operational on the remote host, you will receive a false positive response back.

As has been mooted already, there is not a great deal of use in knowing about UDP remote port availability, except if DoS attacks are involved.
Umesh GodaraAuthor Commented:
"When a UDP packet is sent to a port that is not open the remote host will issue an ICMP "port unreachable" reponse" and when port is open it respond nothing...........I agree with this, and I just want to implement this in Java, that's my main query.

Agree with firewall false positives and I'm fine with that as long as I can get accurate results without firewall?

If nmap can do it using C/C++/Python......Java should also have something similar to do it.

Thanks again.
krakatoaCommented:
There is this, which I have never tried. ICMP Ping.
CEHJCommented:
"When a UDP packet is sent to a port that is not open the remote host will issue an ICMP "port unreachable" reponse" and when port is open it respond nothing...........I agree with this

I'd be interested in what standard is being adhered to there. If there is one, i'd be surprised if it is implemented across the board
krakatoaCommented:
@Umesh Godara
Where did i say this :

and when port is open it respond nothing

?

Also : Port scanner
krakatoaCommented:
Closed.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
udp/ip

From novice to tech pro — start learning today.