Login or Register to Ask a Question and Join Our Community


Software Releases - RSS News

Port Scan Attack Detector 2.1.2 (Default branch)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements Software Releases - RSS News Port Scan Attack Detector 2.1.2 (Default branch)
# 1  
Old 04-04-2008
Port Scan Attack Detector 2.1.2 (Default branch)
The Port Scan Attack Detector (psad) is acollection of three system daemons that aredesigned to work with the Linux iptablesfirewalling code to detect port scans and othersuspect traffic. It features a set of highlyconfigurable danger thresholds (with sensibledefaults), verbose alert messages, email alerting,DShield reporting, and automatic blocking ofoffending IP addresses. Psad incorporates many ofthe packet signatures included in Snort to detectvarious kinds of suspicious scans, and implementsthe same passive OS fingerprinting algorithm usedby p0f.License: GNU General Public License (GPL)Changes:
A bug was fixed so that kernel timestamps are notincluded in iptables log prefixes that containspaces like "[ 65.026008] DROP". Non-resolved IPaddresses are now skipped. p0f output in --debugmode was improved to display when a passive OSfingerprint cannot be calculated based on iptableslog messages that include TCP options (i.e. with--log-tcp-options when building a LOG rule on theiptables command line).Image

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Formatting port scan output

I need to format port scan output for input into another app. This is what I have; 1025/tcp 1521/tcp 2301/tcp 2381/tcp 3191/tcp 3389/tcp 5938/tcp 47001/tcp 54321/tcp 21/tcp 80/tcp 135/tcp 139/tcp 445/tcp 1025/tcp (4 Replies)
Discussion started by: lewk
4 Replies

2. Shell Programming and Scripting

port scan shell script

Hi, Can any one please suggest me commands for making port scan shell script. (3 Replies)
Discussion started by: nrbhole
3 Replies

3. UNIX for Advanced & Expert Users

Please let me know Regarding Port Scan

Can any one please let me know below ones 1) How to Perform the Port Scan in Solaris Environment and how to block the unwanted Ports. 2) How to know whether particular Port is listning the requests or not? Thanks Ramkumar.B (7 Replies)
Discussion started by: myramkumar
7 Replies

4. UNIX for Dummies Questions & Answers

unix program that can port scan a c block of ips for proxies

can anyone tell me a unix program that can port scan a c block of ips for proxies? a fast one, with reliable results, that can load an ip list, or set an ip range, and specify ports thanks! (1 Reply)
Discussion started by: user
1 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

mdns-scan

MDNS-SCAN(1)						      General Commands Manual						      MDNS-SCAN(1)

NAME

       mdns-scan - Scan for mDNS/DNS-SD services published on the local network

SYNOPSIS

       mdns-scan

DESCRIPTION

       mdns-scan  is  a  tool  for  scanning for mDNS/DNS-SD published services on the local network. It issues a mDNS PTR query to the special RR
       _services._dns-sd._udp.local for retrieving a list of all currently registered services on the local link.

OPTIONS

       mdns-scan has no commandline options.

NOTES

       mdns-scan is not a good mDNS citizen since it queries continuously for services and doesn't implement features like Duplicate  Suppression.
       It is intended for usage as a debugging tool only.

       mdns-scan  is incomplete since it doesn't resolve mDNS services for you - it just dumps their PTR RRs. To understand these records you need
       minimal knowledge of DNS-SD and how it works.

       mdns-scan does not terminate on its own behalf. It scans for services continuously until the user kills it by pressing C-c.

       mdns-scan does not rely on a local mDNS responder daemon. It has no dependencies besides the GNU libc. It has been tested on Linux only.

       mdns-scan does NOT scan for local mDNS enabled hosts or A/AAAA RRs, it scans for DNS-SD registered services, nothing else.

SEE ALSO

       mDNSResponder(8)

AUTHOR

       mdns-scan has been written by Lennart Poettering <mzqrovna@0pointer.de>

0.4								   Jan 21, 2004 						      MDNS-SCAN(1)