| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 22044 |
| MD5 | E6FD986C55B2F51BED3BC636D8E4FD80 |
| SHA-1 | 08E9A74B5BD0606DA9D39E597F2A88D8B4AE8EB9 |
| SHA-256 | 01CC4E20F363E9914C49ABBF676D472D6611E595EF8E52F8D01A5776A0536C81 |
| SSDEEP | 384:HCNwWGmJdxYPQo7RCxZbda4Jh0UsAVVfDOX:NWZrxyCHw4Jh0S2 |
| TLSH | T1C7A21A9E65A3BF73C1C6523A730A4224733382FAD24B7B0BFC1C5A343B6596D4D5A941 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 177372 |
| MD5 | A472E9B21BF1F056E21045DAE4376C5D |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Thiago Andrade Marques <andrade@debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-2 |
| SHA-1 | EE104EC6D55B44D4385D24219DE0AFA21B6D65E8 |
| SHA-256 | 4A33B29FFAE7EDB9065CADEA14F41574F63A6DAAE299E7E4DD9CB941CBD00615 |