|
|
|
|
Thread Tools | Display Modes |
|
|
Apr 14th, 2008, 6:24 PM
|
#1 |
|
Newbie
Join Date: Feb 2008
Posts: 12
Rep Power: 0
 |
port scan detection
Hi there,
I'm currently working on a PROJECT (so it can be clear) regarding port scan detection. I have written a code which is able to read all packets arriving on the device, and extract necessary information such as source & destination addresses, destination port, protocol used... Having done this, I have no idea how to proceed next regarding the actual the detection of a port scan... I have some questions regarding this: 1) How can I know if a port being scanned is "open" or not (if the port is closed, and someone sends a packet/request to that port, doesn't it imply that it's an attack??) 2) Also, when I receive the packets, and I want to do a real-time/ live detection, should I only read the info in the packets and then determine whether it is an attack and discard after that the packet, OR do I have to store the packets in someway in order to use them later for the detection??  Can anybody provide with some info regarding this...I really need some help as I do not know how to proceed from this current point?! Thanks |
|
|
| Bookmarks |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Serial Port Communication | hoffmandirt | C# | 3 | Sep 19th, 2007 3:38 PM |
| Very simple Python port scanner. | Riddle | Python | 4 | Jul 29th, 2005 3:59 PM |
| Getting the process that's opening port x? | layer | C++ | 2 | May 12th, 2005 8:44 AM |
| Program related to Printer Port Programming post | shadowhunter | C++ | 9 | Apr 6th, 2005 7:04 PM |
| port programming | dominic | C++ | 1 | Feb 14th, 2005 10:52 AM |
Threaded Mode