| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 22520 |
| MD5 | 5E1CDD3AD37BAECDBB23D389ED7CD6E7 |
| SHA-1 | 32CB6ABF3B69BAC112D71DBBD0C07F44965705C3 |
| SHA-256 | E44A0248DA958E0ED5571F65F19114C314D6A50B89206ACC37A58ADE9723231D |
| SSDEEP | 384:X34Y8oHCU8UqF1VUkRd8jGkl+HnF/do3tOSn:YYAdrFTUkRd8j/wnf |
| TLSH | T130A2A49670B2583DC191C2388B8FD635293178AE8131776F7F4C65343F869691B2EA26 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 177222 |
| MD5 | 4D9EDBDB3E21078A2709CDFB06E969F9 |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Franck Joncourt <franck.joncourt@gmail.com> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.3-1.2~deb9u1 |
| SHA-1 | 5CFE281F393DA9925C4B0CCDBD9E579040AD2CBE |
| SHA-256 | 711F207051600F19DFE1C8927483937E4943FE87AF5376837248971FA8AE6520 |