Portspoof's primary goal is to enhance OS security through a set of techniques that slow your attackers down and keep them from staying low-profile during their reconnaissance against your system(s).
By default the attacker's reconnaissance phase should be time consuming and easily detectable by your intrusion detection systems...
Portspoof can also be used as an 'Exploitation Framework Frontend' that turns your system into a responsive and aggressive machine. In practice this means that your server will be able to exploit your attackers' tools and exploits in an automated manner. This approach is purely based on Active (Offensive) Defense concepts.
Portspoof is meant to be lightweight, configurable, fast and secure (if it's not, please let me know).
Run your favorite port scanning tool against portspoof.org to see the results: nmap -sV -v portspoof.org
- Portspoof is userland software and does not require root privileges!
- Binds to just one TCP port per running instance
- Easily customizable through iptables rules
- Marginal CPU/memory usage (multithreaded)
- More than 8000 dynamic service signatures are supported!
- Will help you to automate your Active Defense attacks against your attackers' tools and scripts
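The "one TCP port per instance" and "customizable through iptables rules" points fit together as follows: a NAT rule funnels every otherwise unused port to the single listener, while ports of real services are exempted first. The generator below is an added example, not code from the Portspoof project; the interface `eth0`, listener port `4444`, and service ports `22` and `443` are sample values chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the Portspoof project): print the iptables NAT rules
# that send every unused TCP port to one listener while real services stay
# reachable. Interface, listener port and service ports are caller-supplied.

# valid_port N -> succeeds when N is an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rules IFACE LISTEN_PORT [REAL_PORT...]
# Rules are printed in the order they must be loaded: exemptions first, the
# catch-all REDIRECT last, because the chain stops at the first match.
gen_rules() {
    iface=$1; listen=$2; shift 2
    valid_port "$listen" || { echo "bad listener port: $listen" >&2; return 1; }
    for p in "$@"; do
        valid_port "$p" || { echo "bad service port: $p" >&2; return 1; }
        # A real service cannot share the port the spoofing listener binds to.
        [ "$p" -ne "$listen" ] || { echo "service port equals listener" >&2; return 1; }
    done
    for p in "$@"; do
        # RETURN leaves the packet un-NATed, so the real daemon answers.
        echo "iptables -t nat -A PREROUTING -i $iface -p tcp --dport $p -j RETURN"
    done
    echo "iptables -t nat -A PREROUTING -i $iface -p tcp --dport 1:65535 -j REDIRECT --to-ports $listen"
}

# Constructed sample: SSH and HTTPS are real services, listener on 4444.
gen_rules eth0 4444 22 443
```

Review the printed rules before loading them as root; an omitted exemption for a real service means its clients would be answered by the spoofing listener instead.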
Portspoof is still a work in progress. Depending on my available time, more features and enhancements are expected to be implemented.
Check out the documentation page for further details.
For full log details please visit https://github.com/drk1wi/portspoof
1.0 - 02/08/2013 - Linux
* Major release.
* Ported to C++.
* Example NMAP NSE exploit, McAfee UTF7 XSS, etc. exploits added.
* Fuzzer functionality added.
* Many minor improvements and enhancements have been made.

0.3 - 28/09/2012 - Linux
* Configuration file support.
* Minor bug fixes and improvements.
* Dropped BSD support due to time constraints (will resume in future - maybe).
* 8000 port signatures supported.

0.2 - 11/08/2012 - Linux/BSD
Note: BSD implementation is still experimental.
* Alerts can be logged for further investigation.
* Fixed BSD startup bug.
* Automake files fixed.
* Other minor bugs fixed.

0.1 - 02/08/2012 - Linux/BSD
* First stable release for Linux.
* Multithreaded.
* 1866 port signatures supported.

Portspoof is free software distributed under the GNU GPL version 2 license.
All the relevant details can be found here