PSAD

All -> Internet & Networking -> Firewalls

All -> Internet & Networking -> Security

Not Rated

Description

PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features:
* a set of highly configurable danger thresholds (with sensible
defaults provided);
* verbose alert messages that include the source, destination,
scanned port range, beginning and end times, TCP flags, and
corresponding Nmap options;
* reverse DNS information;
* alerts via email;
* automatic blocking of offending IP addresses via dynamic firewall
configuration.

When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.

Home Page: http://www.cipherdyne.org/

Interface: Command Line

Associated Programs

Bastille	Security hardening tool
fwsnort	Snort-to-iptables rule translator
Perl	Larry Wall's Practical Extraction and Report Language
PSmisc	utilities that use the proc file system

Available deb Repositories (how-to add a respository)

Debian	32-bit	64-bit
stable	2.1.7-1	2.1.7-1
testing	2.2-3.1	2.2-3.1
sid	2.2.1-2	2.2.1-2

Ubuntu	32-bit	64-bit
hardy	2.1-1	2.1-1
lucid	2.1.5-2	2.1.5-2
oneiric	2.1.7-1	2.1.7-1
precise	2.1.7-1	2.1.7-1
quantal	2.2-2	2.2-2

Install Now (what is this?)

Rating: Not Rated (0 votes)

Upload Screenshots

Images must be in GIF, JPG, or PNG formats and can be no larger than 2 MB. Only one file can be uploaded at a time. A description can be included, but it is optional.

Submit Web Links

Submit the title and link (including http://) to an article pertaining to PSAD and it will appear in the Web Links section of the right banner. Contact us here if an entry needs to be removed.

Linux App Finder

User login

Categories

Recent blog posts

Who's online

Online users

Subscribe

PSAD

Write a Review

Advertisement

Web Links

Recent comments

Active forum topics