exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

Files

scanlogd 2.2.8
Posted Mar 11, 2021
Authored by Solar Designer | Site openwall.com

scanlogd is a system daemon which attempts to log all portscans of a host to the syslog, in a secure fashion.

Changes: scanlogd 2.2.7 produced deprecation warnings for _BSD_SOURCE when built on a system with recent glibc. scanlogd 2.2.8 avoids those while still supporting older glibc as well (and indeed non-Linux too, like before).
tags | tool
systems | unix
SHA-256 | 0bec45ecbcc8a9a3599cb38e21dcacf639ca3b33bb6973b20261315d065ea158
scanlogd 2.2.7
Posted Oct 23, 2013
Authored by Solar Designer | Site openwall.com

scanlogd is a system daemon which attempts to log all portscans of a host to the syslog, in a secure fashion.

Changes: An off-by-one bug in a safety check has been corrected. The bug did not affect scanlogd itself, but it may be a security issue in other projects reusing code from scanlogd. The license has been changed to heavily cut-down BSD.
tags | tool
systems | unix
SHA-256 | 556a1c82b3561ea796d2ce8dfd20f578717903fd2c6557ebe27775d8ef8771da
scanlogd-2.2.6.tar.gz
Posted Mar 15, 2006
Authored by Solar Designer | Site openwall.com

Scanlogd is a TCP port scan detection tool originally designed to illustrate various attacks an IDS developer has to deal with, for a here.

Changes: Check changelog.
tags | tcp
systems | unix
SHA-256 | 4a2621037270f88576c8770261c53761edc875984f126872c880c2a98a8f63fa
scanlogd-2.2.5.tar.gz
Posted Jul 5, 2004
Authored by Solar Designer | Site openwall.com

Scanlogd is a TCP port scan detection tool originally designed to illustrate various attacks an IDS developer has to deal with, for a here.

Changes: Tuned code.
tags | tcp
systems | unix
SHA-256 | c9492f5d9af644d6b4beba81af4b81dbef6eb213d3ec624410bdf7e8649cc1e7
scanlogd-2.2.4.tar.gz
Posted Jun 3, 2004
Authored by Solar Designer | Site openwall.com

Scanlogd is a TCP port scan detection tool originally designed to illustrate various attacks an IDS developer has to deal with, for a here.

tags | tcp
systems | unix
SHA-256 | 0ca9acc44e8421356790d2f865236ddf7ff0ee85ff255c6f2c1b93b70899a915
scanlogd-2.2.tar.gz
Posted Nov 13, 2000
Authored by Solar Designer | Site openwall.com

Scanlogd v2.1 is a TCP port scan detection tool for linux, originally designed to illustrate various attacks an IDS developer has to deal with, for a here.

Changes: Support for Libnids 1.14, bug fixes.
tags | tcp
systems | linux, unix
SHA-256 | e257be420e3aab29821f6d513bcf720c764fb611dbd9f6a187f9dd52fb809b37
scanlogd-2.1.tar.gz
Posted Apr 25, 2000
Authored by Solar Designer | Site openwall.com

Scanlogd v2.1 is a TCP port scan detection tool for linux, originally designed to illustrate various attacks an IDS developer has to deal with, for a here.

tags | tcp
systems | linux, unix
SHA-256 | 78959c2380ba0c76ab938c17250bcd65557aa7949742c3227a301132bfc09782
scandetd-1.1.3.tar.gz
Posted Dec 16, 1999

Watches for TCP connection, records state for the past 1 second - if multiple connections occur from the same host, an internal counter is increased for that IP. If the counter reaches some value (which can be changed in #define) scandetd will send email to administrator. Information sent includes time, ip address, number of connections made, first and last connection times, and guessed type of scan (syn/fin). Logs to syslog by default. Configurable to allow trusted addresses. Tested under linux - possibly sunos and freebsd.

tags | tcp
systems | linux, unix, solaris, freebsd
SHA-256 | 9126aaf6856d457d1752f6076279f4a59f7a3856db01a7382d5599630b8557a7
klaxon12.tar.gz
Posted Dec 12, 1999
Site eng.auburn.edu

Modified rexec source - captures ident information upon being portscanned. Does not actually emulate services other than listening at certain tcp ports. This is reported to work under Solarix 2.x and possibly linux. Now modified to provide limited counterintelligence (ident query back to source).

tags | tcp
systems | linux, unix
SHA-256 | b3a8fe6e4a4f2d3c04569b2ee42a59a776b312a65ecbbdc897eb249d57eeb0e2
detect-scans-0.70.tar.bz2
Posted Aug 17, 1999
Authored by Martin Carlzon

This logs and notifies you of portscans run against your host. Some kinds of D.o.S attacks might also get logged.

systems | unix
SHA-256 | dae44895c71cf06ef3d013bdf4dde0de60f28613a9ac9b39c46101bf6defe4d1
detect-scans-0.80.tar.gz
Posted Aug 17, 1999
Authored by Martin Carlzon

detect-scans v0.80 logs and notifies you of portscans run against your host. Some kinds of D.o.S attacks might are also logged.

systems | unix
SHA-256 | 8fe1efbebe792c61e718c7af9f3de1ac44378c19219d7cf729777bbfdcd60a99
Fakeserv1-1.zip
Posted Aug 17, 1999
Authored by Themag00ru

Fake Service version 1.1 - Fakes a Wingate service and Sendmail service, and listens for and logs scans on those ports.

systems | unix
SHA-256 | 38f156cc389f19a831bff7ee64f0b59e6b3b0931e9f927d21595d91d29373ef2
klaxon.tar.gz
Posted Aug 17, 1999

Here's a modification of rexec that I call klaxon. Instead of actually executing anything, it returns a benign error to the caller, and syslogs the calling host, username, and name of attempted service access. It's also extremely useful for detecting portscanner attacks like those perpetrated by ISS and SATAN. Ident support (RFC931) is currently optional. klaxon is useful in place of any tcp or udp service port where you would not suspect activity. For Solaris2.X machines it will also work on the rpc.rexd port.

tags | udp, tcp
systems | unix
SHA-256 | 8a63c6fd83af41f2ce03a5f763699bc91c39430b7123f61f515a46cb36335c27
portwatch.zip
Posted Aug 17, 1999

Portwatch - acts a server, just sits on a port and waits for connections.

systems | unix
SHA-256 | 65eadc6ae8f35d8b22ac73138e0f95ded6097c4e37b0d232ff55279d56d2f696
rwxbo.c
Posted Aug 17, 1999
Authored by KByte

RWX Back Orifice Sweep Scanner - RWXBO is a simple program that will log attempts to scan your ip range, and logs some commands that the attacker might type.

systems | unix
SHA-256 | 2d365ee07e5f19d4b76e19176ffb84560c062488103204fc1942a96fc0b319a2
scandetd.c
Posted Aug 17, 1999
Authored by Michal Suszycki

Scandetd is a port scan detection daemon that waits for incoming tcp connections and tries to recognize port scans. If tripped, scandetd sends email to root@127.0.0.1 with the time, attacking host, number of connections made, port of the first and last connections. Easy on system resources; for Linux; initial release. 6k.

tags | root, tcp
systems | linux, unix
SHA-256 | 305219b79f012a5152846430f4c566386f23c156aa8d040e810ccddc4f3c7a6d
scandetect.pl.txt
Posted Aug 17, 1999
Authored by J-Dog

Basic, but effective perl-based portscan detector.

tags | perl
systems | unix
SHA-256 | 8ee23a4d032244a4d4c4c99b6e02e9574125e3ea6b3a03af2d8fb2f07d74412c
scandetect1.1.pl.txt
Posted Aug 17, 1999
Authored by J-Dog

Latest release of J-Dog's portscan detector, now with the following features: uses nmap, queso, and nmbnamex to resolve remote "attacking/scanning" IP to a hostname, perform a tcp connect() scan on the remote host, grab the NetBIOS name of the scanner, and then use Queso to determine the OS of the remote host.

tags | remote, tcp
systems | unix
SHA-256 | 50c0b7565be7771122e01846ae2d827f9854d5257ab1394cc82c61910f758545
scanlogd-v1.2.c.gz
Posted Aug 17, 1999
Authored by Solar Designer

Linux scanlogd v1.2 - Linux scanlogd port scan detector. Use to detect many of the latest nmap scans.

systems | linux, unix
SHA-256 | e9d445f3aabe420cde0fc71e64444074ebacc87c74e195b97c290a6d7cd4f958
scanlogd-v1.3.c.gz
Posted Aug 17, 1999
Authored by Solar Designer

Linux scanlogd v1.3 is a port scan detector daemon for Linux that is designed to recognize all of the latest nmap scans.

systems | linux, unix
SHA-256 | ba092ba0d7ad19e30696c65f31a24b2108694fc7e74a6b0579e546dbb5112879
scanlogd.c.gz
Posted Aug 17, 1999
Authored by Solar Designer

scanlogd v1.1 - Linux scanlogd port scan detector.

systems | linux, unix
SHA-256 | 8cca6749e370018fe2051e21e0e3dd82b5bbddfbde8fc7a33772c7f67c19af27
tcplogd-0.1.1.tar.gz
Posted Aug 17, 1999
Authored by CyberPsychotic

tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.

tags | tcp
systems | unix
SHA-256 | ad0b5e7ee76f32e2ad88276614a890cb9441868777a8322de5b393470b1553db
tcplogd-0.1.2.tar.gz
Posted Aug 17, 1999
Authored by CyberPsychotic

tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.

tags | tcp
systems | unix
SHA-256 | d8633fcc961c50c646ba7305143bf8b85c46537c26afe456d128400057e414b2
tcplogd-0.1.3.tar.gz
Posted Aug 17, 1999
Authored by CyberPsychotic

tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.

tags | tcp
systems | unix
SHA-256 | 4ffef77ab750facde3910498ec5f5b26fd5e44b4ed5706c9cda335bdd7432a53
tcplogd-0.1.4.tar.gz
Posted Aug 17, 1999
Authored by CyberPsychotic

tcplogd v0.1.4 is a stealth-scan detecting daemon that is designed to detect most nmap sX/sN/sS scans, queso and other network scanners. This release includes fixes for the port range bugs.

systems | unix
SHA-256 | c8b3fb1a34bd183731c2d836feb98fe0589149ad5dab820cd348d09a9f629a5b
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close