| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 22456 |
| MD5 | 35D788CF7923B4E8D29F03F71C24F5DB |
| SHA-1 | 06ED6B019BA2B34AFCFC96FDACE061289A951B21 |
| SHA-256 | 269A6EBCDB63C1D8D21E03847B22B6F9127CBDBBE0B45FC26C9F2E7C1D400472 |
| SSDEEP | 384:GiINBUvra2ZncyEWcokDG5vaipmMHB/1pPYl0r1lsUVR:D8BMra2Zz35vEMHBd7qKR |
| TLSH | T13BA2C6861A71D8A9E8FD5232865E52BB537B387A7F42151C3FCD970D6B92B000B62731 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 176092 |
| MD5 | C3579E28A626F19E2267FB89F6FC41AD |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Debian QA Group <packages@qa.debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-1 |
| SHA-1 | C75B49F0FF8C66B461BBD57C753D3B36F0F1257D |
| SHA-256 | 569FA0608946BE353AC88DDF964D03C06387E437E4A5322287656C44C5884611 |