| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 22520 |
| MD5 | 99AC8F53B8CB6BC84A5E9AB68CCCADB3 |
| SHA-1 | 0F8B8D3A04F9442EB91822478B451B1C65FFA4B1 |
| SHA-256 | 5874F4AD765061BD11018CB8E9C97D1D3F0F2093BCF8355DE811BE05AD3CE801 |
| SSDEEP | 384:YNvcxsmFsTZ5MYKil1rGCqWo9gStpkJ63xs4GNdo3tOn:evcxsmFsTZ5MYKiyCPolHkQ3+4GTfn |
| TLSH | T1C5A2A78A7172587DC190C3348B8FD2352932B49E9631776F7F4865343F42A942B2FA76 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 150276 |
| MD5 | 6A4B3AFB0110211FEB63743B75147F01 |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.3-1.2 |
| SHA-1 | 1760E1C0467D113ECB633F13FEB7400338DC8A82 |
| SHA-256 | 32647908524B0610FFDF3181763A1F44E430BDF70E9CA2A6717F99231B398904 |