Scanlogd is a port scan detection software that was created to demonstrate different types of attacks. Its primary focus is to detect TCP port scans.
One of the standout features of scanlogd is its ability to support one of several packet capture interfaces. This means that it can be built with support for raw socket interface on Linux, which does not require any libraries. Additionally, scanlogd is now aware of libnids and libpcap, giving it the flexibility to monitor traffic of an entire network at once. If you're on a system other than Linux, or you want to handle fragmented IP packets, then libnids is the way to go.
It's also worth noting that scanlogd is designed to be totally safe to use, making it a great choice for those who are new to port scan detection. Unlike some other tools, scanlogd is built to prioritize user safety, meaning that you can use it with confidence.
Overall, scanlogd is an excellent choice for anyone looking for a reliable and safe TCP port scan detection tool. With its various packet capture interfaces and commitment to user safety, it's sure to be a valuable addition to any security toolkit.
Version 2.2.6: N/A