Source code and details: https://github.com/umutcamliyurt/PortTripper
How it works
On startup PortTripper:
- Scans the configured port range and builds a whitelist of ports already in use by real services (first run only).
- Draws a cryptographically random sample of up to
-maxportsports from the range, excluding whitelisted ports. Usingcrypto/randfor selection means the open set is unpredictable to an attacker even if they know the configured range. - Binds TCP and UDP listeners on every chosen port.
- On TCP: accepts connections, holds them open for a configurable duration, then drops them, wasting the scanner’s threads and file descriptors.
- On UDP: reads and discards datagrams without replying, so ports appear
open|filteredto scanners rather thanclosed.
All real service ports are untouched because they are already bound before PortTripper starts, and the auto-generated whitelist tells PortTripper to skip them.
There’s nothing wrong with interpreted languages. And go is in fact compiled so…
I agree with both of your statements.
For security applications, I prefer a compiled application as it’s more difficult to alter in situ.