           SPELL=pkdump
         VERSION=0.96.2
          SOURCE=${SPELL}-${VERSION}.tar.gz
SOURCE_DIRECTORY=${BUILD_DIRECTORY}/${SPELL}-${VERSION}
   SOURCE_URL[0]=$SOURCEFORGE_URL/${SPELL}/$SOURCE
     SOURCE_HASH=sha512:e1844ca17773f801f8bae8df2ccf8c1dc007af3e268452f644ed3e12215e9a0e34eb1ef36035af67f50e0dce079869c296f2539b1b15f8a15894f25dcbde2128
      LICENSE[0]=GPL
         ENTERED=20030730
        WEB_SITE=http://pkdump.sourceforge.net/pkdumpage.html
        KEYWORDS="security net"
       BUILD_API=1
           SHORT="pkdump detect any TCP ,UDP port scanning or open connection attempt."
cat << EOF
pkdump detect any TCP ,UDP port scanning or open connection attempt from foreign
host via internet .
The program detect for: TCP connect , TCP syn , TCP fin , TCP xmas, TCP ack, 
TCP null(no flags), UDP port (connect) and UDP null (0 bytes, UDP packets lengt),
whether the IP packet are fragmented or not.
The program make a directory like this :"Pkdump-[data][time]" and in this directory
make a file "PKDATA" that contains all IP packets received during the trasmission
and during a port scanning attack make files that contains the data of the attack.
the data of the port scanning are also displayed on the screen with a short "beep".
    
The data of probable  scanning contains :
     
  > used protocoll (TCP,UDP)
  > date and time
  > type of scan
  > Source port
  > Destination port
  > Source IP Address
  > Destination IP Address
	    
The program uses the "Packet Socket" therefore it needs to be compiled in the 
kernel or could be insert it as a module(af_packet.o ).	    
EOF
