psad_2.2.3-1_amd64.deb


Advertisement

Description

psad - Port Scan Attack Detector

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Universe amd64
Package name: psad
Package version: 2.2.3
Package release: 1
Package architecture: amd64
Package type: deb
Installed size: 732 B
Download size: 144.71 KB
Official Mirror: archive.ubuntu.com
PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.

Alternatives

    Download

    Binary package: psad_2.2.3-1_amd64.deb
    Source package: psad

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install psad deb package:
      # sudo apt-get install psad

    Files

    • /etc/default/psad
    • /etc/init.d/psad
    • /etc/psad/auto_dl
    • /etc/psad/icmp6_types
    • /etc/psad/icmp_types
    • /etc/psad/ip_options
    • /etc/psad/pf.os
    • /etc/psad/posf
    • /etc/psad/protocols
    • /etc/psad/psad.conf
    • /etc/psad/signatures
    • /etc/psad/snort_rule_dl
    • /usr/bin/nf2csv
    • /usr/sbin/fwcheck_psad
    • /usr/sbin/kmsgsd
    • /usr/sbin/psad
    • /usr/sbin/psadwatchd
    • /usr/share/doc/psad/BENCHMARK
    • /usr/share/doc/psad/CREDITS.gz
    • /usr/share/doc/psad/FW_EXAMPLE_RULES
    • /usr/share/doc/psad/FW_HELP
    • /usr/share/doc/psad/NEWS.Debian.gz
    • /usr/share/doc/psad/README.Debian
    • /usr/share/doc/psad/README.gz
    • /usr/share/doc/psad/SCAN_LOG
    • /usr/share/doc/psad/changelog.Debian.gz
    • /usr/share/doc/psad/copyright
    • /usr/share/man/man1/nf2csv.1.gz
    • /usr/share/man/man8/fwcheck_psad.8.gz
    • /usr/share/man/man8/kmsgsd.8.gz
    • /usr/share/man/man8/psad.8.gz
    • /usr/share/man/man8/psadwatchd.8.gz

    Changelog

    2014-08-25 - Franck Joncourt <franck@debian.org> psad (2.2.3-1) unstable; urgency=low * Imported Upstream version 2.2.3 - Closes: #724267 - permissions of /etc/hosts.deny are modified * Bumped up debian policy to 3.9.5 (no changes) * Updated Vcs URIs to use canonical names.

    2014-01-17 - Franck Joncourt <franck@debian.org> psad (2.2.2-1) unstable; urgency=low * Imported Upstream version 2.2.2

    2013-07-04 - gregor herrmann <gregoa@debian.org> psad (2.2.1-2.1) unstable; urgency=low * Non-maintainer upload with maintainer's permission. * Fix "prompting due to modified conffiles which were not modified by the user": d/psad.preinst: also revert changes to conffile when we install with an old version. (Closes: #675231)

    2013-01-06 - Franck Joncourt <franck@debian.org> psad (2.2.1-2) unstable; urgency=low * Enabled back the kmsgsd daemon. - Refreshed patch fixes_build.diff. - d.rules: Added back the kmsgsd daemon. * d.rules: Added missing protocols files into /etc/psad.

    2013-01-03 - Franck Joncourt <franck@debian.org> psad (2.2.1-1) unstable; urgency=low * Acknowledged NMU (2.2-3.1). * d.rules : do not install the kmsgd daemon anymore since it is not used anymore. * Allowed the makefile to use the hardening flags : - d.rules : added the hardening stanza - fixes_build.diff : updated the Makefile to use the CFLAGS, CPPFLAGS and LDFLAGS. - d.control : Added BD on dpkg-dev (>= 1.16.1~) * Imported Upstream version 2.2.1 - Removed applied patch t_upstream_hyphen.diff. * Bumped up Standards-Version to 3.9.4: - Added dependency ind.control against initscripts (>= 2.88dsf-13.3) to ensure the run directory is available. * d.control: Removed BD against lsb-base.

    2012-11-18 - gregor herrmann <gregoa@debian.org> psad (2.2-3.1) unstable; urgency=low * Non-maintainer upload with maintainer's approval. * Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf", second try: - add back changes to d.psad.preinst that revert changes to /etc/psad/psad.conf - but only for upgrades from versions before 2.2-3 (Closes: #688891)

    2012-10-28 - Franck Joncourt <franck@debian.org> psad (2.2-3) unstable; urgency=low * Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf" (Closes: #688891). Thanks gregoa to help me fix this. - Reverted the changes from 2.2-2 in d.psad.preinst. - Removed the d.psad.postinst script which updated the HOSTNAME variable from psad.conf. The psad daemon can start without the default value in psad.conf (_CHANGEME_). * Removed the /var/run/psad directory in d.psad.postrm when purging the package.

    2012-06-05 - Franck Joncourt <franck@debian.org> psad (2.2-2) unstable; urgency=low * d.psad.preinst: Revert the changes done by the postinst script in the preinst script so that dpkg does not see any configuration changes and does not trigger the user during upgrade. (Closes: #675231).

    2012-05-28 - Franck Joncourt <franck@debian.org> psad (2.2-1) unstable; urgency=low * Imported Upstream version 2.2 + Bug fix for ICMP packet handling (Closes: #596240 ) + Bug fix for 'qw(...) usage as parenthesis' warnings for perl > 5.14 (Closes: #655040) + Updated perl dependency from libnetwork-ipv4addr-perl to libnet-ip-perl in d.control. + Added the icmp6_types file in /etc/psad through d.rules. * Refreshed patch fixes_build.diff. * Bumped up Standards-Version to 3.9.3: + Refreshed copyright holders and updated d.copyright to comply with the 1.0 machine-readable copyright file specification. * d.psad.init: + Added LSB description in d.psad.init. + Added use of log_daemon_msg, log_end_msg... + Made the initscript to end successfully when a start action is performed and the daemon is already running

    2012-04-22 - Robert Millan <rmh@debian.org> psad (2.1.7-1.1) unstable; urgency=low * Non-maintainer upload. * Set Architecture to linux-any. (Closes: #647657)

    Advertisement
    Advertisement