Attackwatch is intended to enhance the security of
small private networks that are already protected
by a restrictively configured firewall but which
still have a few ports open. Attackwatch will
analyze the firewall output in near-realtime and
will run scripts in response to incoming packets
that got logged.