On 2016/03/17 23:26, Michael McConville wrote: > This is a 21-year-old 362-line Perl script. Do people suspect that it's > still useful? I recall seeing other port scan detectors in the ports > tree, and I suspect they're better choices... >
Hardcoded list of ports without https, pop, imap, submission or common proxies, the whole thing needs to run as root because there's no support to run tcpdump via sudo/doas/etc, and it needs to run the tcpdump packet dissectors which are known to be buggy. Bye!
