| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 67592 |
| MD5 | 80725BB874C7CBB019901C8BA39E2B2C |
| SHA-1 | 2D2948766214EED535DF4CB86A146DA55A83BA2B |
| SHA-256 | A75BB81F193DB795091E1AEB77803CF7386A19A6CADBED12291AAE09B71CA5B7 |
| SSDEEP | 1536:XiEFHAhKbkV+PYJiD89W3wxaLUlO/IZbtm1UFvM4KvmT:h1UJM4Kvm |
| TLSH | T10C63D677321CAB15EB57A43B8B8C6520B3523C8F276057177468532F6FEE709CE52A22 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 180004 |
| MD5 | 50CA7669548668A1AB6BF3C0BA4D3D56 |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Debian QA Group <packages@qa.debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-1 |
| SHA-1 | 51DC5C39CBD129B8F4021B185E7F6820C2E5E351 |
| SHA-256 | 8CC3D8190427387592A010DCE12BCFE6BDC2E361B8B4204302761ED8290A0AA0 |