           SPELL=pkdump
         VERSION=0.96.2
          SOURCE=${SPELL}-${VERSION}.tar.gz
SOURCE_DIRECTORY=${BUILD_DIRECTORY}/${SPELL}-${VERSION}
   SOURCE_URL[0]=http://downloads.sourceforge.net/sourceforge/${SPELL}/$SOURCE
     SOURCE_HASH=sha512:e1844ca17773f801f8bae8df2ccf8c1dc007af3e268452f644ed3e12215e9a0e34eb1ef36035af67f50e0dce079869c296f2539b1b15f8a15894f25dcbde2128
      LICENSE[0]=GPL
         ENTERED=20030730
        WEB_SITE=http://pkdump.sourceforge.net/pkdumpage.html
        KEYWORDS="security net"
       BUILD_API=1
           SHORT="pkdump detect any TCP ,UDP port scanning or open connection attempt."
cat << EOF
pkdump detect any TCP ,UDP port scanning or open connection attempt from
foreign
host via internet .
The program detect for: TCP connect , TCP syn , TCP fin , TCP xmas, TCP ack,
TCP null(no flags), UDP port (connect) and UDP null (0 bytes, UDP packets
lengt),
whether the IP packet are fragmented or not.
The program make a directory like this :"Pkdump-[data][time]" and in this
directory
make a file "PKDATA" that contains all IP packets received during the
trasmission
and during a port scanning attack make files that contains the data of
the attack.
the data of the port scanning are also displayed on the screen with a short
"beep".

The data of probable  scanning contains :

  > used protocoll (TCP,UDP)
  > date and time
  > type of scan
  > Source port
  > Destination port
  > Source IP Address
  > Destination IP Address

The program uses the "Packet Socket" therefore it needs to be compiled in the
kernel or could be insert it as a module(af_packet.o ).
EOF
