| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 22608 |
| MD5 | 89D82BED806408970A465ACAD5EFDE54 |
| SHA-1 | 00A673751B15EBC3B0C777B3357E36B3AA0F4120 |
| SHA-256 | 3917BE41DA07E6E1CFD3343AFA1812A7F2295BC62596D606421A6C1AAAC7D410 |
| SSDEEP | 384:jS4bSO1eAW6InXZn90qdekFC5mpuelNSfBsPclor1hkgCRxa:27Bz6IJ99YvmpdqfBeOJR |
| TLSH | T14AA2D8861A72D4A9E8F95332865E92BB537B347A7F42511C3FCDE70C6B92B000B66731 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 177356 |
| MD5 | 08389DBF6C2D52B763549F433D4ABFCD |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Thiago Andrade Marques <andrade@debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-2 |
| SHA-1 | 0C9C3223B7B46C9815773895DA0D52CF8CA37681 |
| SHA-256 | F53F592525684FBCDEABD81862B4A316DA100AE98E508518E108647AC0607434 |