Package: psad (2.1.5-1)

Links for psad

Debian Resources:

Download Source Package psad:

Maintainers:

Daniel Gubser (QA Page)
Franck Joncourt (QA Page)

External Resources:

Homepage [www.cipherdyne.org]

Similar packages:

The Port Scan Attack Detector

PSAD is a collection of four lightweight system daemons written in Perl and in C that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options (Linux 2.4.x kernels only), reverse DNS info, email alerting, and automatic blocking of offending ip addresses via dynamic configuration of ipchains/iptables firewall rulesets.

In addition, for the 2.4.x kernels psad incorporates many of the tcp signatures included in Snort to detect highly suspect scans for:

 * various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven)
 * DDoS tools (mstream, shaft)
 * advanced port scans (syn, fin, xmas) such as those made with nmap

Tags: System Administration: Monitoring, User Interface: Daemon, Networking: Firewall, Server, Role: Program, Security: Firewall, Intrusion Detection, Purpose: Checking

Other Packages Related to psad

depends

recommends

suggests

dep: iptables

administration tools for packet filtering and NAT
dep: libc0.1 (>= 2.3) [kfreebsd-amd64, kfreebsd-i386]

GNU C Library: Shared libraries
also a virtual package provided by libc0.1-udeb
dep: libc0.3 (>= 2.9) [hurd-i386]

GNU C Library: Shared libraries
also a virtual package provided by libc0.3-udeb
dep: libc6 (>= 2.3) [amd64, hppa, mips, mipsel]

GNU C Library: Shared libraries
also a virtual package provided by libc6-udeb

dep: libc6 (>= 2.4) [armel, powerpc, s390]

dep: libc6 (>= 2.5) [avr32]

dep: libc6 (>= 2.5-5) [m68k]

dep: libc6 (>= 2.6) [sparc]

dep: libc6 (>= 2.7-1) [i386]
dep: libc6.1 (>= 2.3) [ia64]

GNU C Library: Shared libraries
also a virtual package provided by libc6.1-udeb

dep: libc6.1 (>= 2.4) [alpha]
dep: libcarp-clan-perl

Perl enhancement to Carp error logging facilities
dep: libdate-calc-perl

Perl library for accessing dates
dep: libiptables-chainmgr-perl

Perl extension for manipulating iptables policies
dep: libiptables-parse-perl

Perl extension for parsing iptables firewall rulesets
dep: libnetwork-ipv4addr-perl

Perl extension for manipulating IPv4 addresses
dep: libunix-syslog-perl

Perl interface to the UNIX syslog(3) calls
dep: perl

Larry Wall's Practical Extraction and Report Language
dep: psmisc

utilities that use the proc file system
dep: rsyslog

enhanced multi-threaded syslogd

or system-log-daemon

virtual package provided by dsyslog, inetutils-syslogd, rsyslog, socklog-run, sysklogd, syslog-ng
dep: whois

an intelligent whois client

rec: bastille

Security hardening tool

sug: fwsnort

Snort-to-iptables rule translator

Download psad

Download for all available architectures
Architecture	Package Size	Installed Size	Files
alpha	178.4 kB	760 kB	[list of files]
amd64	179.1 kB	756 kB	[list of files]
armel	178.4 kB	752 kB	[list of files]
avr32 (unofficial port)	175.3 kB	748 kB	[list of files]
hppa	177.7 kB	756 kB	[list of files]
hurd-i386	175.6 kB	752 kB	[list of files]
i386	174.7 kB	752 kB	[list of files]
ia64	180.4 kB	776 kB	[list of files]
kfreebsd-amd64	176.4 kB	688 kB	[list of files]
kfreebsd-i386	175.3 kB	680 kB	[list of files]
m68k (unofficial port)	176.4 kB	676 kB	[list of files]
mips	177.3 kB	760 kB	[list of files]
mipsel	177.3 kB	760 kB	[list of files]
powerpc	177.1 kB	756 kB	[list of files]
s390	176.9 kB	752 kB	[list of files]
sparc	177.7 kB	752 kB	[list of files]