This entry is published by the Free Software Foundation.
| Scanlogd | |
|---|---|
| Computer languages | C |
| Documentation note | User manpage included and available in HTML format from http://www.openwall.com/scanlogd/scanlogd.8.shtml |
| Full description | 'scanlogd' is a TCP port scan detection tool which attempts to log all portscans of a host to the syslog, in a secure fashion. It was designed to illustrate various attacks an IDS developer has to deal with; thus, unlike some other port scan detection tools, 'scanlogd' is designed to be totally safe to use. The current release can be built with support for one of several packet capture interfaces. In addition to the raw socket interface on GNU/Linux, scanlogd is now aware of libnids and libpcap. The author discourages the use of libpcap. If you're on a system other than GNU/Linux and/or want to monitor the traffic of an entire network at once, he suggests using libnids in order to handle fragmented IP packets. |
| Homepage URL | http://www.openwall.com/scanlogd/ |
| Interface | daemon |
| Is GNU | false |
| Keywords | TCP, packet, capture, log, detection, libpcap, syslog, port scan, libnids |
| Last review by | Janet Casey |
| Last review date | 3 June 2004 |
| License | SimplePermissiveNoNonWarranty |
| License verified by | Janet Casey |
| License verified date | 3 June 2004 |
| Name | scanlogd |
| Paid support | services at openwall.com |
| Prerequisite description | libnids, libpcap |
| Prerequisite kind | Weak prerequisite |
| Real name | Solar Designer |
| Related projects | SNORT, Port Scan Attack Detector, Tiger, Gtk-nocker, Knocker, AIDE, Firestorm, Multiscan, Tripwire, TCP Re-engineering |
| Resource URL | mailto:solar@openwall.com |
| Resource audience | Bug Tracking, Developer, Support |
| Resource kind | E-mail |
| Revisionid | 776 |
| Revisiontimestamp | 12 April 2011 12:34:03 |
| Revisionuser | WikiSysop |
| Role | Maintainer |
| Short description | TCP port scan detection tool |
| Submitted by | Database conversion |
| Submitted date | 1 April 2011 |
| System-administration | monitor |
| Use | system-administration |
| User level | none |
| Version comment | 2.2.4 stable released 2004-06-02 |
| Version date | 2 June 2004 |
| Version download | http://www.openwall.com/scanlogd/scanlogd-2.2.4.tar.gz |
| Version identifier | 2.2.4 |
| Version status | stable |
| Modification date | 24 May 2012 22:05:28 |
| Page has default form | Entry |
| Email | solar@openwall.com |
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.
The copyright and license notices on this page only apply to the text on this page. Any software described in this text has its own copyright notice and license, which can usually be found in the distribution itself.
