"J-Dog's Scan Detector 1.1" is almost identical to version 1.0 except that in 1.1 I finally got around to building some 'reaction' systems which gather data on the host who is scanning you. This script uses 'nmap', 'queso' and 'nmbnamex'. Upon connection to a port (you specify which port to listen on), the script grabs the IP and tries to resolve it to a hostname, then performs a TCP connect() scan on it (yap, that's visible, so watch out =P ), then tries to grab the NetBIOS name of the scanner, and finally uses queso to resolve the IP to an OS.
This update, as with the original script, was written as a kind of 'gee I am bored.. let's write something' project, and while it can be used to detect portscans, it is not meant as a SERIOUS portscan detection util.
I am not interested in making this script really any more user friendly or cleaning up my code, or debugging this tool any further since I do not consider this tool to be a serious portscan detection util, but rather a POC program that I wrote to satisfy some boredom.
Note: I was just thinking about something... If 2 boxes were running this script and box A connected to box B and box B's TCP scan range was within the range of ports that box A's scanner was on.. and vice versa.. you could get a really nice DoS going.. ;) w00t
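The listen-and-record step described above, with a guard against the loop in the note, as an added example (not J-Dog's code): each source IP triggers a reaction at most once per cooldown window, so two hosts running it cannot keep setting each other off. The names `ReactionGate`, `resolve`, `listen` and `handle_one` and the cooldown values are assumptions, and the only reaction shown is a reverse lookup.

```python
import socket
import time

class ReactionGate:
    """Allow at most one reaction per source IP per cooldown window."""

    def __init__(self, cooldown=300.0, clock=time.monotonic):
        self.cooldown = cooldown
        self.clock = clock
        self.last = {}  # source IP -> time of the last allowed reaction

    def allow(self, ip):
        now = self.clock()
        seen = self.last.get(ip)
        if seen is not None and now - seen < self.cooldown:
            return False  # still cooling down: log only, do not react
        self.last[ip] = now
        return True

def resolve(ip):
    """Reverse-resolve an IP; None when the lookup fails."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def listen(host="127.0.0.1", port=0):
    """Open the listening port (port 0 lets the OS pick a free one)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, port))
    srv.listen(16)
    return srv

def handle_one(srv, gate, resolver=resolve):
    """Accept one connection, record the source, react only if the gate allows."""
    conn, (ip, src_port) = srv.accept()
    conn.close()
    react = gate.allow(ip)
    host = resolver(ip) if react else None
    return {"ip": ip, "src_port": src_port, "host": host, "react": react}

if __name__ == "__main__":
    # Constructed demo: connect to our own listener twice on loopback.
    srv, gate = listen(), ReactionGate(cooldown=60)
    for _ in range(2):
        socket.create_connection(srv.getsockname()).close()
        print(handle_one(srv, gate))
    srv.close()
```

The second connection from the same address is still recorded, but `react` comes back `False`, which is the point at which any heavier reaction would be skipped.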
Feel Free to download the Source Code
"J-Dog's Scan Detector" is provided Free of Charge to whoever wants to use it. I provide no warranty or guarantee that it will work.
If you have any questions or comments, please send them to J-Dog