This repository has been archived by the owner on Feb 8, 2018. It is now read-only.

Detect source of portscans #12

Open
pirate opened this issue Apr 26, 2016 · 1 comment

pirate commented Apr 26, 2016

When being port-scanned, it would be nice to know who is scanning us.

Maybe this info can be parsed from lsof? It's a bit difficult since portscans are very rapid and usually rely on collecting port-closed RST responses, and not opening TCP sockets for very long.

pirate self-assigned this Apr 26, 2016
pirate changed the title from "Add info about source of portscans" to "Detect source of portscans" Apr 26, 2016

pirate commented Apr 27, 2016

Not to mention the source IP info is not available directly from the logfile, so we'd have to run an additional command to try and figure out the source.

pirate modified the milestone: v3.0 May 2, 2016
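One way the lsof idea raised in this issue could look, as an added example that is not code from this repository: it parses `lsof -nP -iTCP` output and reports remote addresses holding sockets on several local listening ports. The sample output is constructed, and the function names and the `min_ports` threshold are assumptions. lsof only sees sockets that exist when it runs, so probes to closed ports, which are answered with RST and never create a socket, do not appear.

```python
import re
from collections import defaultdict

# Constructed sample of `lsof -nP -iTCP` output (not captured from a real host).
SAMPLE_LSOF = """\
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd      612 root    3u  IPv4 0x0001      0t0  TCP *:22 (LISTEN)
httpd     700 www     4u  IPv4 0x0002      0t0  TCP *:80 (LISTEN)
vnc       810 admin   5u  IPv4 0x0003      0t0  TCP *:5900 (LISTEN)
sshd     9001 root    4u  IPv4 0x0004      0t0  TCP 192.0.2.10:22->203.0.113.5:51234 (ESTABLISHED)
httpd    9002 www     6u  IPv4 0x0005      0t0  TCP 192.0.2.10:80->203.0.113.5:51240 (SYN_RCVD)
vnc      9003 admin   7u  IPv4 0x0006      0t0  TCP 192.0.2.10:5900->203.0.113.5:51241 (CLOSE_WAIT)
httpd    9004 www     8u  IPv4 0x0007      0t0  TCP 192.0.2.10:80->198.51.100.7:40000 (ESTABLISHED)
curl     9100 admin   3u  IPv4 0x0008      0t0  TCP 192.0.2.10:50111->198.51.100.7:443 (ESTABLISHED)
"""

# NAME column forms: "local:port->remote:port" for connections, "*:port" for listeners.
CONN = re.compile(r"^(?P<laddr>.+):(?P<lport>\d+)->(?P<raddr>.+):(?P<rport>\d+)$")
LISTEN = re.compile(r":(?P<port>\d+)$")

def inbound_ports_by_source(lsof_output):
    """Map remote IP -> set of local listening ports it has a socket on."""
    listening, conns = set(), []
    for line in lsof_output.splitlines():
        parts = line.split()
        # Expect 10 fields with NODE == TCP; this also skips the header row.
        if len(parts) < 10 or parts[7] != "TCP":
            continue
        name, state = parts[8], parts[9].strip("()")
        if state == "LISTEN":
            m = LISTEN.search(name)
            if m:
                listening.add(int(m.group("port")))
        else:
            m = CONN.match(name)
            if m:
                conns.append((m.group("raddr").strip("[]"), int(m.group("lport"))))
    by_source = defaultdict(set)
    for raddr, lport in conns:
        if lport in listening:  # local side is a service port, so treat as inbound
            by_source[raddr].add(lport)
    return by_source

def scan_suspects(lsof_output, min_ports=3):
    """Sources with sockets on at least min_ports distinct listening ports."""
    hits = inbound_ports_by_source(lsof_output)
    return {ip: sorted(ports) for ip, ports in hits.items() if len(ports) >= min_ports}

if __name__ == "__main__":
    print(scan_suspects(SAMPLE_LSOF))
```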