diff options
Diffstat (limited to 'security/pkdump/DETAILS')
-rwxr-xr-x | security/pkdump/DETAILS | 30 |
1 files changed, 18 insertions, 12 deletions
diff --git a/security/pkdump/DETAILS b/security/pkdump/DETAILS index 6de0c75540..ab511f6c4b 100755 --- a/security/pkdump/DETAILS +++ b/security/pkdump/DETAILS @@ -11,18 +11,24 @@ SOURCE_DIRECTORY=${BUILD_DIRECTORY}/${SPELL}-${VERSION} BUILD_API=1 SHORT="pkdump detect any TCP ,UDP port scanning or open connection attempt." cat << EOF -pkdump detect any TCP ,UDP port scanning or open connection attempt from foreign +pkdump detect any TCP ,UDP port scanning or open connection attempt from +foreign host via internet . -The program detect for: TCP connect , TCP syn , TCP fin , TCP xmas, TCP ack, -TCP null(no flags), UDP port (connect) and UDP null (0 bytes, UDP packets lengt), +The program detect for: TCP connect , TCP syn , TCP fin , TCP xmas, TCP ack, +TCP null(no flags), UDP port (connect) and UDP null (0 bytes, UDP packets +lengt), whether the IP packet are fragmented or not. -The program make a directory like this :"Pkdump-[data][time]" and in this directory -make a file "PKDATA" that contains all IP packets received during the trasmission -and during a port scanning attack make files that contains the data of the attack. -the data of the port scanning are also displayed on the screen with a short "beep". - +The program make a directory like this :"Pkdump-[data][time]" and in this +directory +make a file "PKDATA" that contains all IP packets received during the +trasmission +and during a port scanning attack make files that contains the data of +the attack. +the data of the port scanning are also displayed on the screen with a short +"beep". + The data of probable scanning contains : - + > used protocoll (TCP,UDP) > date and time > type of scan @@ -30,7 +36,7 @@ The data of probable scanning contains : > Destination port > Source IP Address > Destination IP Address - -The program uses the "Packet Socket" therefore it needs to be compiled in the -kernel or could be insert it as a module(af_packet.o ). + +The program uses the "Packet Socket" therefore it needs to be compiled in the +kernel or could be insert it as a module(af_packet.o ). EOF |