Difference between revisions of "Scanlogd"
(New version) |
(Added Debian link) |
||
Line 8: | Line 8: | ||
|Documentation note=User manpage included and available in HTML format from http://www.openwall.com/scanlogd/scanlogd.8.shtml | |Documentation note=User manpage included and available in HTML format from http://www.openwall.com/scanlogd/scanlogd.8.shtml | ||
|Paid support=services at openwall.com | |Paid support=services at openwall.com | ||
+ | |Accepts cryptocurrency donations=No | ||
|Related projects=SNORT,Port_Scan_Attack_Detector,Tiger,Gtk-nocker,Knocker,AIDE,Firestorm,Multiscan,Tripwire,TCP_Re-engineering | |Related projects=SNORT,Port_Scan_Attack_Detector,Tiger,Gtk-nocker,Knocker,AIDE,Firestorm,Multiscan,Tripwire,TCP_Re-engineering | ||
|Keywords=TCP,packet,capture,log,detection,libpcap,syslog,port scan,libnids | |Keywords=TCP,packet,capture,log,detection,libpcap,syslog,port scan,libnids | ||
Line 14: | Line 15: | ||
|Version status=stable | |Version status=stable | ||
|Version download=http://www.openwall.com/scanlogd/scanlogd-2.2.7.tar.gz | |Version download=http://www.openwall.com/scanlogd/scanlogd-2.2.7.tar.gz | ||
− | |Last review by= | + | |Last review by=Bendikker |
− | |Last review date= | + | |Last review date=2018/02/27 |
− | |||
|Submitted date=2011-04-01 | |Submitted date=2011-04-01 | ||
− | |||
|Is GNU=No | |Is GNU=No | ||
|License verified date=2004-06-03 | |License verified date=2004-06-03 | ||
Line 31: | Line 30: | ||
|Role=Maintainer | |Role=Maintainer | ||
|Email=solar@openwall.com | |Email=solar@openwall.com | ||
− | |Resource URL= | + | }} |
+ | {{Resource | ||
+ | |Resource audience=Debian (Ref) | ||
+ | |Resource URL=https://tracker.debian.org/pkg/scanlogd | ||
}} | }} | ||
{{Resource | {{Resource |
Latest revision as of 10:30, 27 February 2018
scanlogd
http://www.openwall.com/scanlogd/
TCP port scan detection tool
'scanlogd' is a TCP port scan detection tool which attempts to log all portscans of a host to the syslog, in a secure fashion. It was designed to illustrate various attacks an IDS developer has to deal with; thus, unlike some other port scan detection tools, 'scanlogd' is designed to be totally safe to use. The current released can be built with support for one of several packet capture interfaces. In addition to the raw socket interface on Gnu/Linux, scanlogd is now aware of libnids and libpcap. The author discourages the use of libpcap. If you're on a system other than GNU/Linux and/or want to monitor the traffic of an entire network at once, he suggests using libnids in order to handle fragmented IP packets.
Licensing
License
Verified by
Verified on
Notes
Leaders and contributors
Contact(s) | Role |
---|---|
Solar Designer | Maintainer |
Resources and communication
Audience | Resource type | URI |
---|---|---|
Bug Tracking,Developer,Support | mailto:solar@openwall.com | |
Debian (Ref) | https://tracker.debian.org/pkg/scanlogd |
Software prerequisites
Kind | Description |
---|---|
Weak prerequisite | libnids |
Weak prerequisite | libpcap |
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.
The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.