You configure the Walter.Web.FireWall or Walter.Net.LookWhoisTalkingService to configure and use the service using the UsePortScannerProtection extension method on the firewall service registration. If you do not use the firewall then you can use the IPortScannerService when using on of the Microsoft.Extensions.DependencyInjection.HoneyPotServiceExtension extension methods to configure dependency injection to create it for you.
using Microsoft.Extensions.DependencyInjection;
using System;
publicclass Example
{
publicstaticvoid Main()
{
// Configure services
var serviceProvider = new ServiceCollection()
.UsePortScannerProtection(option =>
{
option.Echo = 7;
option.IgnoreAfterDetection = IgnoreScope.IPAddressAndPort;
})
.BuildServiceProvider();
// Retrieve the port scanner detection service
var portScannerService = serviceProvider.GetRequiredService<IPortScannerDetectionService>();
// Subscribe to the OnPortAccessDetected event
portScannerService.OnPortAccessDetected += (sender, e) =>
{
Console.WriteLine($"Port access detected: IP={e.IPAddress}, Port={e.Port}");
};
// Loop over each registered listener and add event handlers for detecting port access
foreach (var listener in portScannerService.Listeners)
{
listener.OnDataReceived += OnDataReceived;
listener.OnDetecting += OnDetecting;
}
// Start the service
portScannerService.Start();
// Additional logic here
}
privatestaticvoid OnDataReceived(object sender, DataReceivedEventArgs e)
{
Console.WriteLine($"Data received from IP={e.IPAddress}, Port={e.Port}");
}
privatestaticvoid OnDetecting(object sender, DetectingEventArgs e)
{
Console.WriteLine($"Detecting: IP={e.Detection.IPAddress}, Port={e.Detection.Port}");
}
}
Requirements
Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2