[ hardy ] [ hardy-updates ] [ lucid ] [ natty ] [ oneiric ] [ precise ] [ quantal ]

[ Quellcode: psad ]

Paket: psad (2.1.5-2) [universe]

Links für psad

Ubuntu-Ressourcen:

Quellcode-Paket psad herunterladen:

Betreuer:

Ubuntu MOTU Developers (E-Mail-Archiv)

Please consider filing a bug or asking a question via Launchpad before contacting the maintainer directly.

Original Maintainers (usually from Debian):

Daniel Gubser
Franck Joncourt

It should generally not be necessary for users to contact the original maintainer.

Externe Ressourcen:

Homepage [www.cipherdyne.org]

The Port Scan Attack Detector

PSAD is a collection of four lightweight system daemons written in Perl and in C that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options (Linux 2.4.x kernels only), reverse DNS info, email alerting, and automatic blocking of offending ip addresses via dynamic configuration of ipchains/iptables firewall rulesets.

In addition, for the 2.4.x kernels psad incorporates many of the tcp signatures included in Snort to detect highly suspect scans for:

 * various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven)
 * DDoS tools (mstream, shaft)
 * advanced port scans (syn, fin, xmas) such as those made with nmap

Andere Pakete mit Bezug zu psad

hängt ab von

empfiehlt

schlägt vor

dep: bsd-mailx

simple mail user agent

oder mailx

virtuelles Paket, bereitgestellt durch bsd-mailx, heirloom-mailx, mailutils

oder mailutils

GNU mailutils utilities for handling mail
dep: exim4

metapackage to ease Exim MTA (v4) installation

oder mail-transport-agent

virtuelles Paket, bereitgestellt durch citadel-mta, courier-mta, dma, esmtp-run, exim4-daemon-heavy, exim4-daemon-light, lsb-invalid-mta, masqmail, msmtp-mta, nullmailer, postfix, sendmail-bin, ssmtp, xmail
dep: iptables

administration tools for packet filtering and NAT
dep: libc6 (>= 2.4)

Embedded GNU C Library: Shared libraries
auch ein virtuelles Paket, bereitgestellt durch libc6-udeb
dep: libcarp-clan-perl

Perl enhancement to Carp error logging facilities
dep: libdate-calc-perl

Perl library for accessing dates
dep: libiptables-chainmgr-perl

Perl extension for manipulating iptables policies
dep: libiptables-parse-perl

Perl extension for parsing iptables firewall rulesets
dep: libnetwork-ipv4addr-perl

Perl extension for manipulating IPv4 addresses
dep: libunix-syslog-perl

Perl interface to the UNIX syslog(3) calls
dep: perl

Larry Wall's Practical Extraction and Report Language
dep: psmisc

utilities that use the proc file system
dep: rsyslog

enhanced multi-threaded syslogd

oder system-log-daemon

virtuelles Paket, bereitgestellt durch dsyslog, inetutils-syslogd, rsyslog, socklog-run, sysklogd, syslog-ng
dep: whois

an intelligent whois client

rec: bastille

Security hardening tool

sug: fwsnort

Snort-to-iptables rule translator

psad herunterladen

Download für alle verfügbaren Architekturen
Architektur	Paketgröße	Größe (installiert)	Dateien
amd64	178,0 kB	760,0 kB	[Liste der Dateien]
i386	176,2 kB	756,0 kB	[Liste der Dateien]

Sections