Publisher review: ScanAlert was built to analyze iptables log entries in real time and report detected port scans to syslogd. From there you can use a daemon like logdog to take action if desired, or you can manually review the logs later if you prefer.
ScanAlert is designed to be very efficient, and as such takes a (little) bit of work to get it installed. It is a very nice tool though, because it doesn't need special permissions or kernel modules, and it doesn't listen on any network ports. It can also be used to monitor a whole network of hosts if you syslog to a central server. It has a straightforward interface and configuration file, making it very easy to use.
ScanAlert 1.00RC5 is a Perl script for server management, designed by Brandon Zehm.
It runs on the following operating systems: Linux / BSD.