ANN: pyscanlogd

Anand abpillai at
Wed Mar 17 14:13:57 CET 2010

Hi all,

 I am pleased to announce the first release of "pyscanlogd",
 a network port scan detection and logging tool, written in Python.

 Pyscanlogd is inspired by scanlogd and can log network port scans
by listening to packets in promiscous mode. It has the ability to
log most fast port scans and also slow port scans done by nmap.

 Pyscanlogd is dependent upon pypcap and dpkt.

 The tool is derived from the ASPN Python cookbook recipe #576690.
 Since the recipe has undergone a few revisions already, the tool
 is being released at 0.5 version.

 Here are some items in the TODO list of the tool for the future.

 1. Configuration file to adjust threshold etc.
 2. Ability to detect host sweeps apart from port scans
 3. Logging format customization
 4. Try and detect hping stealth scans



More information about the Python-announce-list mailing list