I've got a "fully developed" one that I wrote and I've used for a while now. It listens on multiple ports, it logs the source addresses, does reverse lookups and whois/ARIN lookups for the ISP in question, and sends e-mails if a defined number of attempts or ports are scanned. Uses a config file to tune settings, can send reports to multiple e-mail addresses, etc.
It also runs cross-platform on Linux, Solaris, and NT/2000 without any modifications. Eric's follow up messages have you started in the right direction. Lee Lee Clemmer President/Chief Security Consultant Higher Ground Networks, LLC [EMAIL PROTECTED] 404-874-0504 Cell: 404-277-6651 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Robert-Jan Mora Sent: Monday, December 16, 2002 3:59 PM To: [EMAIL PROTECTED] Subject: port scan detector Hello, I would like to make a tcp and udp port scan detector in perl for win32. Has anyone tried it already? The scan detector has to run on the background and only has to log connections to a file. Can someone point me to a direction. Thankz in advance. _______________________________________________ Perl-Win32-Admin mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs _______________________________________________ Perl-Win32-Admin mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
