We will be using netcat to create a simple port scanner. Essentially, all we need to do is attempt a TCP connection to each port on the host we are scanning and record which ones accept the connection; netcat reports those ports as open.

#!/bin/bash
# portscan without nmap, using netcat
# usage ./ <ip> <startport> <endport>

# flags we are using
# -v verbose
# -n numeric-only IP, no dns
# -r randomize local and remote ports
# -z zero-I/O mode [used for scanning]
# -w timeout in seconds for connects

# bail out unless all three arguments were supplied
[ $# -eq 3 ] || { echo "usage: $0 <ip> <startport> <endport>" >&2; exit 1; }

nc -v -n -r -z -w1 "$1" "$2-$3"

output of the script:

[root@kadi bash]# ./ 1-4000
(UNKNOWN) [] 4000 (?) open
(UNKNOWN) [] 3306 (mysql) open
(UNKNOWN) [] 80 (http) open
(UNKNOWN) [] 22 (ssh) open
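As an added example (not part of the original post), here is a shell snippet that turns scan output in the format above into a checklist: it parses netcat's verbose lines into port/service pairs and flags any open port that is not on a list of services expected on the host. The sample output, the address 192.0.2.10 and the function names are constructed for this example.

```shell
#!/bin/bash
# Constructed sample of netcat's verbose scan output (same format as above).
# Real netcat writes these lines to stderr, so pipe with 2>&1 when capturing.
SAMPLE_NC_OUTPUT='(UNKNOWN) [192.0.2.10] 4000 (?) open
(UNKNOWN) [192.0.2.10] 3306 (mysql) open
(UNKNOWN) [192.0.2.10] 80 (http) open
(UNKNOWN) [192.0.2.10] 22 (ssh) open'

# Read netcat -v output on stdin and print "port service" for each open port.
# Only lines ending in "open" are kept; the service name comes from netcat's
# /etc/services lookup and is "?" when it does not know the port.
parse_open_ports() {
    sed -n 's/^.*] \([0-9][0-9]*\) (\([^)]*\)) open$/\1 \2/p'
}

# Compare the open ports against a space-separated list of ports that are
# expected to be listening on the host and print the ones that are not.
unexpected_ports() {
    expected=" $1 "
    parse_open_ports | while read -r port service; do
        case "$expected" in
            *" $port "*) ;;                              # expected, stay quiet
            *) printf '%s (%s)\n' "$port" "$service" ;;  # not in the baseline
        esac
    done
}

# Example run: only ssh and http are expected, so 4000 and 3306 are reported.
printf '%s\n' "$SAMPLE_NC_OUTPUT" | unexpected_ports "22 80"
```

To use it on a live scan, replace the sample with `nc -v -n -z -w1 <ip> <start>-<end> 2>&1 | unexpected_ports "<expected ports>"`.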