There is also psad.
More Here http://www.cyberciti.biz/faq/linux-d...-scan-attacks/
PSAD is a collection of four lightweight system daemons (in Perl and
C) designed to work with iptables to detect port scans. It features:
* a set of highly configurable danger thresholds (with sensible
* verbose alert messages that include the source, destination,
scanned port range, beginning and end times, TCP flags, and
corresponding Nmap options;
* reverse DNS information;
* alerts via email;
* automatic blocking of offending IP addresses via dynamic firewall
You Beat Me You already saw psad!