ScanAlert
ScanAlert was built to analyze iptables log entries in real time and report detected port scans to syslogd. From there you can use a daemon like logdog to take action if desired, or you can manually review the logs later if you prefer.
ScanAlert is designed to be very effecient, and as such takes a (little) bit of work to get it installed. It is a very nice tool though, because it doesn't need special permissions or kernel modules, and it doesn't listen on any network ports. It can also be used to monitor a whole network of hosts if you syslog to a central server.
ScanAlert is written in Perl and does not require any special modules. It has a straight forward interface and configuration file making it very easy to use.
| Price: | N/A FREE | Hits: | 20 |
| File Size: | 15.1KB | Platforms: | Linux Windows |
| Ratings: | Last Updated: | 2009-05-31 |
VIEW ALL
Perl and CGI