[ Source: psad  ]

Package: psad (1.4.8-1)

The Port Scan Attack Detector

PSAD is a collection of four lightweight system daemons, written in Perl and C, designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options (Linux 2.4.x kernels only), reverse DNS info, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets.

In addition, for the 2.4.x kernels psad incorporates many of the TCP signatures included in Snort to detect highly suspect scans for:

 * various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven)
 * DDoS tools (mstream, shaft)
 * advanced port scans (syn, fin, xmas) such as those made with nmap

Homepage: http://www.cipherdyne.org/

Tags: System Administration: Monitoring, User Interface: Daemon, Networking: Firewall, Server, Role: Program, Security: Firewall, Intrusion Detection, Purpose: Checking

Other Packages Related to psad

  • dep: iptables
    administration tools for packet filtering and NAT
    or ipchains
    Package not available
  • dep: libc6 (>= 2.3.5-1) [not alpha, i386, ia64]
    GNU C Library: Shared libraries
    also a virtual package provided by libc6-udeb
    dep: libc6 (>= 2.3.6-6) [i386]
  • dep: libc6.1 (>= 2.3.5-1) [alpha, ia64]
    GNU C Library: Shared libraries
    also a virtual package provided by libc6.1-udeb
  • dep: libcarp-clan-perl
    Perl enhancement to Carp error logging facilities
  • dep: libdate-calc-perl
    Perl library for accessing dates
  • dep: libnetwork-ipv4addr-perl
    The Net::IPv4Addr perl module API and ipv4calc script
  • dep: libunix-syslog-perl
    Perl interface to the UNIX syslog(3) calls
  • dep: perl (>= 5.6.0-16)
    Larry Wall's Practical Extraction and Report Language
  • dep: psmisc
    Utilities that use the proc filesystem
  • dep: syslogd
    virtual package provided by sysklogd
    or syslog-ng
    Next generation logging daemon
    or metalog
    Package not available
  • dep: whois
    the GNU whois client

Download psad

Download for all available architectures
Architecture  Package Size  Installed Size  Files
alpha         247.4 kB      1932 kB         [list of files]
amd64         249.0 kB      1928 kB         [list of files]
arm           245.7 kB      1924 kB         [list of files]
hppa          247.0 kB      1928 kB         [list of files]
i386          247.1 kB      1924 kB         [list of files]
ia64          249.3 kB      1944 kB         [list of files]
mips          246.8 kB      1928 kB         [list of files]
mipsel        246.8 kB      1928 kB         [list of files]
powerpc       245.8 kB      1924 kB         [list of files]
s390          246.3 kB      1924 kB         [list of files]
sparc         245.5 kB      1924 kB         [list of files]