iplog is a TCP/IP traffic logger.
Version: 2.2.3
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP, and ICMP traffic. iplog is able to detect TCP port scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks, bogus TCP flags, TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP fragment attacks. iplog is able to run in promiscuous mode and monitor traffic to all hosts on a network.
iplog uses libpcap to read data from the network and can be ported to any system that supports POSIX threads and on which libpcap will function.
Operating System: Linux
Some people have reported that iplog doesn't log anything for them. To those people:
Can you try commenting out line 41 of iplog.c and seeing if that makes iplog produce logs? If it does, what percentage of CPU time does ps or top show iplog consuming? If deleting that line helps you at all, I'd be interested in hearing about it. Could you send me email with your operating system and OS version and details about what happened when you removed that line?
What's New in This Release:
· Released as version 2.2.3.