Stuart Henderson <s...@spacehopper.org> writes: > On 2016/03/17 23:26, Michael McConville wrote: >> This is a 21-year-old 362-line Perl script. Do people suspect that it's >> still useful? I recall seeing other port scan detectors in the ports >> tree, and I suspect they're better choices... >> > > Hardcoded list of ports without https, pop, imap, submission or common > proxies, the whole thing needs to run as root because there's no support > to run tcpdump via sudo/doas/etc, and it needs to run the tcpdump > packet dissectors which are known to be buggy. Bye!
+1 -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE