| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 22608 |
| MD5 | EB4105407752FA09BD690579D2014461 |
| SHA-1 | 1FEBB8B27781D6703D864952BE6151C39426B92B |
| SHA-256 | 9CE5854581388AA61FC28B8AEA7225520F9DAA330321AD0158DCC2DFCEEACD2F |
| SSDEEP | 192:Vakw5u7ZNUQ16ao6tdEaOxKs4W9NdoqFgS62sNu6Vk+dYcfz/mZjKNlAVMq7ho:MEgQ16aoeet/gJj1fzOdK3m |
| TLSH | T141A2F8EDB68E7C26D297E33E924D5331733644BDD323E36A7C0E562C1B92B8DA960051 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 178100 |
| MD5 | BE75105D0424C828FCF63249F47EEE0D |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Thiago Andrade Marques <andrade@debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-2 |
| SHA-1 | D884826ADC8DE4CCE9C7443B55FFF60912AB8C4E |
| SHA-256 | E4D1D40810E3AEFC95AFFDBE6358122DE785F91EC866CC1E24D6664F12A2E127 |