Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much

Re: Perl and netstat

by panix (Monk)
on Jul 24, 2002 at 09:35 UTC ( #184744=note: print w/replies, xml ) Need Help??

in reply to Perl and netstat

I'm not aware of any - but you might find Net::Pcap (and NetPacket::*) more useful for analyzing traffic - it'll give you access to every packet coming in over a given interface.

For your netstat wrapper - presumably for tracking a dos you're going to want the results continuously? I'd consider parsing /proc/net/tcp,/proc/net/udp,etc instead of constant netstat execs.

Replies are listed 'Best First'.
Re: Re: Perl and netstat
by shotgunefx (Parson) on Jul 24, 2002 at 09:43 UTC
    Actually, what I was trying to detect was a bunch of SYN_REC's coming from one location. I check every five minutes and alarm if it happens. I'm going to modify it to automatically add them to ipchains to filter them out.


    "To be civilized is to deny one's nature."

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://184744]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (6)
As of 2020-08-12 09:11 GMT
Find Nodes?
    Voting Booth?
    Which rocket would you take to Mars?

    Results (65 votes). Check out past polls.