Package: psad (2.1.3-1.1)

Links for psad

Debian Resources:

Download Source Package psad:

Maintainer:

Daniel Gubser (QA Page)

External Resources:

Homepage [www.cipherdyne.org]

Similar packages:

The Port Scan Attack Detector

PSAD is a collection of four lightweight system daemons written in Perl and in C that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options (Linux 2.4.x kernels only), reverse DNS info, email alerting, and automatic blocking of offending ip addresses via dynamic configuration of ipchains/iptables firewall rulesets.

In addition, for the 2.4.x kernels psad incorporates many of the tcp signatures included in Snort to detect highly suspect scans for:

 * various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven)
 * DDoS tools (mstream, shaft)
 * advanced port scans (syn, fin, xmas) such as those made with nmap

Tags: System Administration: Monitoring, User Interface: Daemon, Networking: Firewall, Server, Role: Program, Security: Firewall, Intrusion Detection, Purpose: Checking

Other Packages Related to psad

depends

recommends

suggests

dep: iptables

administration tools for packet filtering and NAT

or ipchains

Package not available
dep: libc6 (>= 2.7-1) [not alpha, ia64]

GNU C Library: Shared libraries
also a virtual package provided by libc6-udeb
dep: libc6.1 (>= 2.7-1) [alpha, ia64]

GNU C Library: Shared libraries
also a virtual package provided by libc6.1-udeb
dep: libcarp-clan-perl

Perl enhancement to Carp error logging facilities
dep: libdate-calc-perl

Perl library for accessing dates
dep: libiptables-chainmgr-perl

Perl extension for manipulating iptables policies
dep: libiptables-parse-perl

Perl extension for parsing iptables firewall rulesets
dep: libnetwork-ipv4addr-perl

Perl extension for manipulating IPv4 addresses
dep: libunix-syslog-perl

Perl interface to the UNIX syslog(3) calls
dep: perl

Larry Wall's Practical Extraction and Report Language
dep: psmisc

Utilities that use the proc filesystem
dep: sysklogd

System Logging Daemon

or system-log-daemon

virtual package provided by dsyslog, inetutils-syslogd, rsyslog, socklog-run, sysklogd, syslog-ng
dep: whois

an intelligent whois client

rec: bastille

Security hardening tool

Download psad

Download for all available architectures
Architecture	Package Size	Installed Size	Files
alpha	383.6 kB	2728 kB	[list of files]
amd64	384.8 kB	2720 kB	[list of files]
arm	380.7 kB	2716 kB	[list of files]
armel	383.0 kB	2716 kB	[list of files]
hppa	382.3 kB	2720 kB	[list of files]
i386	381.1 kB	2716 kB	[list of files]
ia64	385.9 kB	2740 kB	[list of files]
mips	382.8 kB	2724 kB	[list of files]
mipsel	382.9 kB	2724 kB	[list of files]
powerpc	383.1 kB	2720 kB	[list of files]
s390	382.3 kB	2716 kB	[list of files]
sparc	382.0 kB	2716 kB	[list of files]