abpillai at gmail.com
Wed Mar 17 14:13:57 CET 2010
I am pleased to announce the first release of "pyscanlogd",
a network port scan detection and logging tool, written in Python.
Pyscanlogd is inspired by scanlogd and can log network port scans
by listening to packets in promiscous mode. It has the ability to
log most fast port scans and also slow port scans done by nmap.
Pyscanlogd is dependent upon pypcap and dpkt.
The tool is derived from the ASPN Python cookbook recipe #576690.
Since the recipe has undergone a few revisions already, the tool
is being released at 0.5 version.
Here are some items in the TODO list of the tool for the future.
1. Configuration file to adjust threshold etc.
2. Ability to detect host sweeps apart from port scans
3. Logging format customization
4. Try and detect hping stealth scans
More information about the Python-announce-list