Result for 0D15E5442C124C1D7BC1CDDD9433E9C0C2801D1B

Query result

Key	Value
FileName	./usr/share/doc/psad/SCAN_LOG
FileSize	1827
MD5	BC6E539FCA350458B7473032126DA6EE
SHA-1	0D15E5442C124C1D7BC1CDDD9433E9C0C2801D1B
SHA-256	992014A60F4C226D7804B85F192722769F162C7A80B23A6F1872EACA734ED9C5
SSDEEP	48:2l31P6SM8jprApG3YZMtO8FufV7lAJATWyVejpM8R:+1gWApgbuNE+U
TLSH	T153314F0BBF0171A9E316C6B105B26152D73963A352570828F5DD83F08F93D72B362BA9
hashlookup:parent-total	84
hashlookup:trust	100

Network graph view

Parents (Total: 84)

The searched file hash is included in 84 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileSize	178060
MD5	5C92B46CA0ACBDEDD32BA03506EE1A91
PackageDescription	Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.
PackageMaintainer	Debian QA Group <packages@qa.debian.org>
PackageName	psad
PackageSection	admin
PackageVersion	2.4.6-1
SHA-1	027AD719E050862C177406F7D55920C6C0D4CA6E
SHA-256	07756D5526272DC5987C69FD68BEE895AD6D08A78B245EA7C55F0647A7C2E852

Key	Value
MD5	45A4B8325F05AE181F666CA24505AAAB
PackageArch	s390
PackageDescription	Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (http://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (http://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainer	Fedora Project
PackageName	psad
PackageRelease	6.fc23
PackageVersion	2.2.1
SHA-1	02A293B93629DB38403B1AAB5CA13ED619FD8702
SHA-256	7034157F3D1C0231E7013D56E19D7C256BD775E07B43E266B4E2A021A6009F1E

Key	Value
FileSize	177356
MD5	08389DBF6C2D52B763549F433D4ABFCD
PackageDescription	Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.
PackageMaintainer	Thiago Andrade Marques <andrade@debian.org>
PackageName	psad
PackageSection	admin
PackageVersion	2.4.6-2
SHA-1	0C9C3223B7B46C9815773895DA0D52CF8CA37681
SHA-256	F53F592525684FBCDEABD81862B4A316DA100AE98E508518E108647AC0607434

Key	Value
MD5	B961A7BF829A6E6FBD893ABF7143FFBD
PackageArch	ppc64le
PackageDescription	Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (https://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (https://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainer	Fedora Project
PackageName	psad
PackageRelease	4.el7
PackageVersion	2.4.3
SHA-1	0DEACDAC8A6824BFF3795AB4814B64CB09403595
SHA-256	BEAAA126F0F5870CBB2B0DAA2D205DB8F82F08A41B24B568F32BE64AE638285D

Key	Value
MD5	54CDD21BBC84A4CABDA331435819E632
PackageArch	ppc64le
PackageDescription	Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (http://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (http://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainer	Fedora Project
PackageName	psad
PackageRelease	5.fc21
PackageVersion	2.2.1
SHA-1	15E0E9D19EC24DC5301DBA46D2FA43409350A3F7
SHA-256	8D68AD1072D8421F7CA2222622A2CF83AE6CC998F34D26EE7167D43783D0DF6B

Key	Value
MD5	5F75F201039630C406C4A5D6D355C74A
PackageArch	ppc
PackageDescription	Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (http://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (http://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainer	Fedora Project
PackageName	psad
PackageRelease	3.fc20
PackageVersion	2.2.1
SHA-1	167A8DC3C129BF067177F754435ED290AE8D6BA1
SHA-256	41C8A868A07025203F1532FAB9D9F4202CB6E1F72A20069850480820FCE0CE13

Key	Value
FileSize	150276
MD5	6A4B3AFB0110211FEB63743B75147F01
PackageDescription	Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.
PackageMaintainer	Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
PackageName	psad
PackageSection	admin
PackageVersion	2.4.3-1.2
SHA-1	1760E1C0467D113ECB633F13FEB7400338DC8A82
SHA-256	32647908524B0610FFDF3181763A1F44E430BDF70E9CA2A6717F99231B398904

Key	Value
MD5	210F4B4EFEA0A524B8BBFABFC615FD58
PackageArch	noarch
PackageDescription	Port Scan Attack Detector (psad) is a lightweight system daemon written in Perl designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (https://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (https://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainer	Fedora Project
PackageName	psad
PackageRelease	8.fc34
PackageVersion	2.4.6
SHA-1	17783DF975B2FA4FE7460AE895D7B9543EFC1411
SHA-256	C341E172679D357503FED7356F6FA03AC9DE0689751CC4DE0BCE96DB666E3302

Key	Value
FileSize	177660
MD5	E999AF4D1388F0EAF56825F09830D92B
PackageDescription	Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.
PackageMaintainer	Debian QA Group <packages@qa.debian.org>
PackageName	psad
PackageSection	admin
PackageVersion	2.4.6-1
SHA-1	1D33B3D6F6B92118A2B0CE8CBC43F6A2F5AB989B
SHA-256	7B97AF51C6912945866F5D103A452B090E15047E187B736191FF500986512AEA

Key	Value
MD5	6EFF36B5A6FF7A8E05697307E86432D2
PackageArch	ppc64le
PackageDescription	Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (http://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (http://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainer	Fedora Project
PackageName	psad
PackageRelease	5.fc22
PackageVersion	2.2.1
SHA-1	1F74582E73BB1BD1D2BE455C4872AA905D9E11CD
SHA-256	8DB880856A71A0D7A9CF24CD58AA03FB0803D663CC91B9AEF794968ECCBEE7DC