Well, I usually do use Snort. In some cases clients wanted something else. I'm not sure why--Snort is great. I've used it since the very beginning of its life.
I also started my project as a "I'll bet I could do something like that in Perl" that didn't require layer 2 packet capture or an interface in promiscuous mode. Basically creating a "dummy" daemon for a honeypot. Lee -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dutrieux Yves Sent: Tuesday, December 17, 2002 2:24 AM To: 'Robert-Jan Mora' Cc: '[EMAIL PROTECTED]' Subject: RE: port scan detector Why not use 'snort' to do this job ? Yves -----Original Message----- From: Robert-Jan Mora [mailto:[EMAIL PROTECTED]] Sent: Monday, December 16, 2002 9:59 PM To: [EMAIL PROTECTED] Subject: port scan detector Hello, I would like to make a tcp and udp port scan detector in perl for win32. Has anyone tried it already? The scan detector has to run on the background and only has to log connections to a file. Can someone point me to a direction. Thankz in advance. _______________________________________________ Perl-Win32-Admin mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs _______________________________________________ Perl-Win32-Admin mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs _______________________________________________ Perl-Win32-Admin mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
