π PortSleuth is a lightweight Bash script designed to help Linux admins scan for open TCP ports and detect unexpected or suspicious services running on a system.
- Scans all currently open TCP ports
- Compares against a customizable list of allowed/expected ports
- Logs all findings with timestamps
- Highlights any unknown or potentially rogue services
- Cleans up logs older than 7 days
- Can be scheduled to run daily via cron
Logs are saved to the logs/ directory:
Ideal for Linux administrators or DevOps engineers who want to enhance visibility over their systemsβ open ports and service exposure.
Edit the script to include only the ports/services you expect to be running:
ALLOWED_PORTS=(22 80 443)