Resource Overview
Pyscanlogd is a network port scan detection tool written in pure Python. It can detect most fast port scans and can even detect port scans of longer duration, up to an hour. It can run in the foreground and log scans to the console, or run as a daemon and log scans to a file.
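For triage, log lines of the shape shown in this page's sample output can be folded into one summary per scan. The parser below is an added example, not part of Pyscanlogd: it re-joins wrapped records, decodes the decimal `flags` value into TCP flag names, and skips truncated lines. The line format is assumed from that sample, and the input embedded here is constructed.

```python
import re

# TCP header flag bits; the log prints the flags byte as a decimal number.
TCP_FLAGS = [(1, "FIN"), (2, "SYN"), (4, "RST"), (8, "PSH"), (16, "ACK"), (32, "URG")]
STAMP = re.compile(r"\[?\d{4}-\d\d-\d\d ")
EVENT = re.compile(
    r"\[?(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\]?:\s+"
    r"(?:Continuation of )?(?P<kind>.+? scan)(?: \(flags:(?P<flags>\d+)\))?"
    r" from (?P<src>\S+) to (?P<dst>\S+) \(ports:(?P<ports>[\d,]+)\)"
)

# Constructed sample (documentation addresses), including a wrapped record
# and a record cut off mid-timestamp. Format assumed from the page's output.
SAMPLE = """\
[2024-01-01 10:00:00]: TCP syn scan (flags:2) from 192.0.2.10 to 198.51.100.20 (ports:22,80,443)
2024-01-01 10:00:01: Continuation of TCP syn scan from 192.0.2.10 to
198.51.100.20 (ports:8080,3389,22)
[2024-01-01 10:00:30]: TCP x-mas scan (flags:41) from 192.0.2.10 to
198.51.100.99 (ports:110,21)
[2024-01-01 10
"""

def decode_flags(value):
    """Names of the TCP flags set in a decimal flags byte (41 is FIN, PSH, URG)."""
    return [name for bit, name in TCP_FLAGS if value & bit]

def parse_scans(text):
    """Return ({(src, dst, kind): summary}, number_of_unparseable_records)."""
    records = []
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if STAMP.match(line) or not records:
            records.append(line)          # a timestamp starts a new record
        else:
            records[-1] += " " + line     # wrapped tail of the previous record
    scans, skipped = {}, 0
    for rec in records:
        m = EVENT.match(rec)
        if not m:
            skipped += 1                  # truncated or unrecognised record
            continue
        entry = scans.setdefault((m["src"], m["dst"], m["kind"]),
                                 {"first_seen": m["ts"], "flags": [], "ports": set()})
        if m["flags"] and not entry["flags"]:
            entry["flags"] = decode_flags(int(m["flags"]))
        entry["ports"].update(int(p) for p in m["ports"].split(",") if p)
    for entry in scans.values():
        entry["ports"] = sorted(entry["ports"])  # de-duplicated across continuations
    return scans, skipped
```

Continuation records carry no `flags` field, so each summary keeps the flags from the first record seen for that source, destination and scan type.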
```
$ sudo pyscanlogd
listening on eth0:
Regular scan detection
(flags:6) from 172.16.220.124 to 172.16.220.214
(ports:256,995,554,8080,3389,139,3306,23,111,993,53,1723)
2010-03-17 17:23:13: Continuation of TCP syn scan from 172.16.220.124 to
172.16.220.214 (ports:113,199,21,5900,22,1720,135,587,445,2065,6005,3703,631)
2010-03-17 17:23:13: Continuation of TCP syn scan from 172.16.220.124 to
172.16.220.214 (ports:4004,1761,1075,4129,7921,33354,255,55600,1600,1065)
...
[2010-03-17 17:23:47]: TCP x-mas scan (flags:41) from 172.16.220.124 to
66.102.13.104 (ports:110,21,111,1720,993,587,3389,143,199,445,8080,80)
[2010-03-17 17