On Mon, Feb 18, 2002 at 09:36:07AM +0530, Raju Mathur wrote:
| iplog is a TCP/IP traffic logger.  Currently, it is capable of logging
| TCP, UDP and ICMP traffic.  Adding support for other protocols should
| be relatively easy.
| 
| iplog's capabilities include the ability to detect TCP port scans, TCP
| null scans, FIN scans, UDP and ICMP "smurf" attacks, bogus TCP flags
| (used by scanners to detect the operating system in use), TCP SYN
| scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP fragment
| attacks.
| 
| iplog is able to run in promiscuous mode and monitor traffic to all
| hosts on a network.

Doesn't portsentry do the same? Are there any features in iplog which
aren't part of portsentry?

chyrag.
-- 
Chirag Kantharia, symonds.net/~chyrag/
Linux scrooge 2.4.17 #1 Wed Jan 16 17:07:25 IST 2002 i686 unknown

Archives are available at http://www.mail-archive.com/ilugd%40wpaa.org
