3 points by Robbedoes 7 hours ago | 1 comment
  • RockSteadyCrew 7 hours ago
    I wonder if you could move to pure-Go with x/sys/unix to retrieve SO_ORIGINAL_DST instead of leveraging Cgo? It would make cross-compilation for different architectures a lot easier. What kind of sensor results are you seeing with the default setup?
    • Robbedoes 7 hours ago
      Good suggestion. To be honest, Cgo was the easiest for me to implement, as I originally wrote the tool in a different language. Also, most of the documentation for Netfilter and SO_ORIGINAL_DST is in C.

      As for results: I’m seeing about one 'hit' per second on a standard VPS. It's a constant stream of bots looking for exploitable systems and probes from scanners like Shodan and Censys. It’s actually surprising how quickly a new IP gets picked up by these crawlers.
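
Added example, not part of the thread and not the tool's own code: a cgo-free way to read SO_ORIGINAL_DST, along the lines the first comment suggests. It uses the standard library's `syscall` package rather than x/sys/unix so it has no dependencies; the function names, the locally defined constants and the sample bytes are assumptions of this example, and it covers IPv4 on Linux only.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"net"
	"net/netip"
	"syscall"
)

// Linux values from <linux/in.h> and <linux/netfilter_ipv4.h>, defined locally.
const solIP, soOriginalDst = 0, 80 // SOL_IP, SO_ORIGINAL_DST

// parseSockaddrIn decodes struct sockaddr_in: family (2 bytes), port (2 bytes,
// network byte order), IPv4 address (4 bytes); the remaining bytes are padding.
func parseSockaddrIn(raw [16]byte) netip.AddrPort {
	port := binary.BigEndian.Uint16(raw[2:4])
	addr := netip.AddrFrom4([4]byte{raw[4], raw[5], raw[6], raw[7]})
	return netip.AddrPortFrom(addr, port)
}

// originalDst returns the destination an accepted IPv4 TCP connection had
// before a Netfilter REDIRECT/DNAT rule rewrote it.
func originalDst(c *net.TCPConn) (netip.AddrPort, error) {
	var dst netip.AddrPort
	rc, err := c.SyscallConn()
	if err != nil {
		return dst, err
	}
	var optErr error
	err = rc.Control(func(fd uintptr) {
		// IPv6Mreq serves only as a 20-byte buffer; the kernel fills its first 16 bytes.
		mreq, e := syscall.GetsockoptIPv6Mreq(int(fd), solIP, soOriginalDst)
		if optErr = e; e == nil {
			dst = parseSockaddrIn(mreq.Multiaddr)
		}
	})
	if err == nil {
		err = optErr
	}
	return dst, err
}

func main() {
	// Constructed sample: AF_INET, port 8080, address 192.0.2.10.
	sample := [16]byte{2, 0, 0x1f, 0x90, 192, 0, 2, 10}
	fmt.Println(parseSockaddrIn(sample))
}
```

On a sensor, `originalDst` would be called on each connection returned by `Accept` so the log records the port the client actually targeted rather than the listener's port.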