Introduction
------------
This package provides "Pyscanlogd", a port-scanning
detection tool entirely written in Python. PyScanLog
is inspired by scanlogd {http://www.openwall.com/scanlogd}.

Licensing
---------
The code is released under the New BSD License.

Dependencies
------------
The code depends on pypcap and dpkt. However, there
are problems with automatic installation of these packages
through setup.py, so they are not listed as dependencies
in setup.py.

Instead, either use your system's package manager to
install the dependencies or visit their respective
project pages to build from the latest source tarball.

pypcap: https://code.google.com/p/pypcap/
dpkt: http://code.google.com/p/dpkt/

On Ubuntu, these dependencies can be installed with:

$ sudo apt-get install python-pypcap python-dpkt

Installation
------------
$ sudo python setup.py install

Usage
-----
To run with default options just run the tool as root.
All scans are logged to the console.

$ sudo pyscanlogd
listening on eth0:
[2010-03-17 16:41:06]: TCP syn scan (flags:6) from 172.16.220.124 to 172.16.220.214 (ports:143,199,5900,256,111,1723,21,25,554,80,22)

To log to a file pass the "-f" option.
To run as daemon pass the "-d" option.

Note: When running as daemon, if -f option is not provided,
no output is printed to stdout.

$ sudo pyscanlogd -d -f "/var/log/scanlogd.log"
Daemonizing...
$ listening on eth0:

Currently there is no option to select a specific interface.
By default pyscanlogd listens on the active interface
in promiscuous mode.
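
The following is an added example, not part of pyscanlogd: a small parser for the log lines shown under Usage, grouping scan records by source address so a file written with "-f" can be triaged. The line layout is taken from the one sample line above; that other scan types follow the same layout is an assumption, and parse_line, summarize and SAMPLE_LOG are names made up for this example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Layout taken from the single sample line in the README. Assumption: other
# scan types are logged in the same "[time]: kind (flags:N) from A to B (ports:...)" form.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\]: "
    r"(?P<kind>.+?) \(flags:(?P<flags>\d+)\) "
    r"from (?P<src>\S+) to (?P<dst>\S+) "
    r"\(ports:(?P<ports>[\d,]+)\)$"
)

def parse_line(line):
    """Return a dict for one scan record, or None for any other line."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None  # e.g. "listening on eth0:" or "Daemonizing..."
    return {
        "time": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
        "kind": m["kind"],
        "flags": int(m["flags"]),
        "src": m["src"],
        "dst": m["dst"],
        "ports": [int(p) for p in m["ports"].split(",") if p],
    }

def summarize(lines):
    """Group records by source: event count, targets, distinct ports, last seen."""
    out = defaultdict(lambda: {"events": 0, "targets": set(), "ports": set(), "last": None})
    for rec in filter(None, map(parse_line, lines)):
        entry = out[rec["src"]]
        entry["events"] += 1
        entry["targets"].add(rec["dst"])
        entry["ports"].update(rec["ports"])
        if entry["last"] is None or rec["time"] > entry["last"]:
            entry["last"] = rec["time"]
    return dict(out)

# Constructed sample: the first record is the README's own line, the second is made up.
SAMPLE_LOG = """\
listening on eth0:
[2010-03-17 16:41:06]: TCP syn scan (flags:6) from 172.16.220.124 to 172.16.220.214 (ports:143,199,5900,256,111,1723,21,25,554,80,22)
[2010-03-17 16:45:30]: TCP syn scan (flags:6) from 172.16.220.124 to 172.16.220.215 (ports:22,80,443)
""".splitlines()

if __name__ == "__main__":
    for src, s in summarize(SAMPLE_LOG).items():
        print(f"{src}: {s['events']} events, {len(s['targets'])} targets, "
              f"{len(s['ports'])} distinct ports, last seen {s['last']}")
```

To use it on a real log, pass the opened file object to summarize() in place of SAMPLE_LOG.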