scanlogd - a port scan detection tool

scanlogd is a TCP port scan detection tool, originally designed to illustrate various attacks an IDS developer has to deal with, for a Phrack Magazine article. Thus, unlike some of the other port scan detection tools out there, scanlogd is designed to be totally safe to use.

This release of scanlogd can be built with support for one of several packet capture interfaces. In addition to the raw socket interface on Linux (which does not require any libraries), scanlogd is now aware of libnids and libpcap.

installasi scanlog Ubuntu 20.04

sudo apt-get install scanlogd

test scan nmap

nmap 192.168.1.100

lihat log scan scanlogd

sudo systemctl status scanlogd

You’ll see output similar to this: