November 28th, 2003, 09:08 AM
Slow down portscans
I got bored last night and wanted a bit more practice with shell scripting. So I was thinking, "What if I could open massive amounts of ports whenever I was scanned and slow down the scan." This script is the result. I will eventually write a python app to do this, so that it can be used on both Windows and Linux, but in the mean time I wanted to play with bash scripting.
This is a rather sad lil script. It requires both snort and nc, but I figure most competent nix users will have these on their system. There is a small c app (a single printf statement), and to save you from typing out an entire gcc line, I've also included a Makefile for it. The script basically sleeps and checks every 30 seconds (user defined in the script config section) for changes to your snort/portscan file (also user defined). It will then use netcat and open a series of ports (you can define the start and end port numbers). The nc sessions will time-out after 30 seconds. (not in the config, maybe in a future release, but i'm sure you can figure out how to scroll down and change it). This is a little cpu intensive (i mean it does start like 4000+ processes) and it is sometimes a pain to kill (I have to ctrl+c about 5 times to actually kill it), but it seemed to be somewhat successful. It quadrupled the time it takes to do a nmap scan of myself.
Anyways feel free to play with it, modify it, abuse it, or hell even eat it
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".