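# LISTING 1: Script to Open Ports and Log Port Use
# A simple socket server/logger (Michael Howard, mikehow@microsoft.com)
# SockSrv.pl
#
# Listens on a fixed set of TCP ports, accepts each inbound connection,
# records the time (GMT), the peer's IPv4 address and the local port in a
# tab-separated log file, then closes the connection without reading any
# data from it. Nothing sent by the remote side is parsed or stored.

use strict;
use warnings;
use IO::Socket;
use IO::Select;
use IO::File;
use subs qw(logEvent getIP getTime);

my $MAX_CONNS = 10;             # maximum # of connections (used as the listen backlog)

# The original listing had a leading space in this name; two-argument open
# ignored it, so it is dropped here to keep writing to the same file.
my $LOG_FILE  = "logfile.log";  # log file for hack attempts

# Three-argument open with a lexical handle: the file name is never scanned
# for a mode prefix, and append mode keeps earlier entries across restarts.
open my $log_fh, '>>', $LOG_FILE
    or die "Unable to create $LOG_FILE: $!\n";
$log_fh->autoflush(1);          # each event reaches disk as soon as it is logged

print "Logging to $LOG_FILE\n";
print "\nWaiting for connections\n";

my %socketPorts = (25=>'',1433=>'',23=>'');  # Add ports
my @sockets       = ();
my %portsByHandle = ();         # listening handle -> local port number

foreach my $port (sort { $a <=> $b } keys %socketPorts) {
    my $sock = IO::Socket::INET->new(Listen => $MAX_CONNS, LocalPort => $port);

    # A port that cannot be bound (in use, insufficient privilege) is skipped
    # with a warning; it must not be registered or reported as listening.
    unless ($sock) {
        warn "Can't open port $port - $!\n";
        next;
    }

    $socketPorts{$port}   = $sock;
    $portsByHandle{$sock} = $port;
    push(@sockets, $sock);
    print "Listening on port $port\n";
}

# With no listener at all the logger would exit silently; fail loudly instead.
die "No ports could be opened\n" unless @sockets;

my $select = IO::Select->new(@sockets);

while (my @ready = $select->can_read) {
    foreach my $listener (@ready) {
        # accept() can fail (for example when the peer resets first); skip
        # that event so one bad connection cannot stop the logger.
        my $client = $listener->accept or next;

        logEvent($client->peeraddr(), $portsByHandle{$listener});
        $client->close;
    }
}

close $log_fh or warn "Unable to close $LOG_FILE: $!\n";

# Close the listening sockets themselves, not the port numbers.
$_->close foreach @sockets;

# logEvent($ip, $port)
#   $ip   - packed 4-byte IPv4 address as returned by peeraddr(); may be
#           undef if the peer is already gone, in which case "unknown" is logged
#   $port - local port number the connection arrived on
# Prints a one-line status to STDOUT and appends
# "<timestamp>\t<dotted address>\t<port>" to the log file.
# Dies if the log line cannot be written, so missing audit data is never silent.
sub logEvent {
    my ($ip, $port) = @_;

    # Timestamps are GMT so entries from different hosts line up.
    my ($sec, $min, $hour, $mday, $mon, $year) = gmtime(time);
    my $tm = sprintf("%04d-%02d-%02d:%02d:%02d:%02d",
                     1900+$year, $mon+1, $mday, $hour, $min, $sec);

    # Convert the packed address to dotted-quad text before it is shown or
    # logged; raw address bytes must never be written to the terminal.
    my $addr = (defined $ip && length($ip) == 4)
             ? join('.', unpack('C4', $ip))
             : 'unknown';

    # "\r" keeps the status on a single console line that is overwritten.
    print "Last activity from $addr to $port at $tm. \r";

    print {$log_fh} "$tm\t$addr\t$port\n"
        or die "Unable to write to $LOG_FILE : $!\n";
    return;
}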