Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: psad | Distribution: Fedora Project |
Version: 2.4.6 | Vendor: Fedora Project |
Release: 18.fc41 | Build date: Sat Jul 20 03:48:47 2024 |
Group: Unspecified | Build host: buildvm-ppc64le-24.iad2.fedoraproject.org |
Size: 15442969 | Source RPM: psad-2.4.6-18.fc41.src.rpm |
Packager: Fedora Project | |
Url: https://www.cipherdyne.org/psad/ | |
Summary: Port Scan Attack Detector (psad) watches for suspect traffic |
Port Scan Attack Detector (psad) is a lightweight system daemon written in Perl designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (https://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (https://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
GPLv2+
* Fri Jul 19 2024 Fedora Release Engineering <[email protected]> - 2.4.6-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Fri Jan 26 2024 Fedora Release Engineering <[email protected]> - 2.4.6-17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <[email protected]> - 2.4.6-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jul 21 2023 Fedora Release Engineering <[email protected]> - 2.4.6-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Fri Jan 20 2023 Fedora Release Engineering <[email protected]> - 2.4.6-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Jul 22 2022 Fedora Release Engineering <[email protected]> - 2.4.6-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - complete move to /run (fixes rhbz#2113605) (Dominik Mierzejewski)
/etc/logrotate.d /etc/logrotate.d/psad /etc/psad /etc/psad/auto_dl /etc/psad/icmp6_types /etc/psad/icmp_types /etc/psad/ip_options /etc/psad/pf.os /etc/psad/posf /etc/psad/protocols /etc/psad/psad.conf /etc/psad/signatures /etc/psad/snort_rule_dl /etc/psad/snort_rules /etc/psad/snort_rules/VERSION /etc/psad/snort_rules/attack-responses.rules /etc/psad/snort_rules/backdoor.rules /etc/psad/snort_rules/bad-traffic.rules /etc/psad/snort_rules/chat.rules /etc/psad/snort_rules/classification.config /etc/psad/snort_rules/ddos.rules /etc/psad/snort_rules/deleted.rules /etc/psad/snort_rules/dns.rules /etc/psad/snort_rules/dos.rules /etc/psad/snort_rules/emerging-all.rules /etc/psad/snort_rules/experimental.rules /etc/psad/snort_rules/exploit.rules /etc/psad/snort_rules/finger.rules /etc/psad/snort_rules/ftp.rules /etc/psad/snort_rules/icmp-info.rules /etc/psad/snort_rules/icmp.rules /etc/psad/snort_rules/imap.rules /etc/psad/snort_rules/info.rules /etc/psad/snort_rules/local.rules /etc/psad/snort_rules/misc.rules /etc/psad/snort_rules/multimedia.rules /etc/psad/snort_rules/mysql.rules /etc/psad/snort_rules/netbios.rules /etc/psad/snort_rules/nntp.rules /etc/psad/snort_rules/oracle.rules /etc/psad/snort_rules/other-ids.rules /etc/psad/snort_rules/p2p.rules /etc/psad/snort_rules/policy.rules /etc/psad/snort_rules/pop2.rules /etc/psad/snort_rules/pop3.rules /etc/psad/snort_rules/porn.rules /etc/psad/snort_rules/reference.config /etc/psad/snort_rules/rpc.rules /etc/psad/snort_rules/rservices.rules /etc/psad/snort_rules/scan.rules /etc/psad/snort_rules/shellcode.rules /etc/psad/snort_rules/smtp.rules /etc/psad/snort_rules/snmp.rules /etc/psad/snort_rules/sql.rules /etc/psad/snort_rules/telnet.rules /etc/psad/snort_rules/tftp.rules /etc/psad/snort_rules/virus.rules /etc/psad/snort_rules/web-attacks.rules /etc/psad/snort_rules/web-cgi.rules /etc/psad/snort_rules/web-client.rules /etc/psad/snort_rules/web-coldfusion.rules /etc/psad/snort_rules/web-frontpage.rules /etc/psad/snort_rules/web-iis.rules /etc/psad/snort_rules/web-misc.rules /etc/psad/snort_rules/web-php.rules /etc/psad/snort_rules/x11.rules /run/psad /run/psad/psad.cmd /usr/bin/nf2csv /usr/lib/systemd/system/psad.service /usr/lib/tmpfiles.d/psad.conf /usr/sbin/fwcheck_psad /usr/sbin/psad /usr/share/doc/psad /usr/share/doc/psad/BENCHMARK /usr/share/doc/psad/CREDITS /usr/share/doc/psad/ChangeLog /usr/share/doc/psad/FW_EXAMPLE_RULES /usr/share/doc/psad/README.SYSLOG /usr/share/doc/psad/README.md /usr/share/doc/psad/SCAN_LOG /usr/share/licenses/psad /usr/share/licenses/psad/LICENSE /usr/share/man/man1/nf2csv.1.gz /usr/share/man/man8/fwcheck_psad.8.gz /usr/share/man/man8/psad.8.gz /var/lib/psad /var/lib/psad/psadfifo /var/log/psad
Generated by rpm2html 1.8.1
Fabrice Bellet, Sun Oct 27 02:54:38 2024