| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 28552 |
| MD5 | 28C9E18B81ADE32E875CE65111140D31 |
| SHA-1 | 350D3E1AF368069A1D1577FCB04EC5BF9CF22314 |
| SHA-256 | 6E9EFCED036C1A7B7BAE6F01A37845DE81C9ADF9D2A3BA2C8198F227E3FCB29F |
| SSDEEP | 384:ZLTsq2vTZfxbVDB3GSLkfFdMeCjgJmBTg5LxzBsaOMsdmC1fat8gAPR:9Tsq2yFdMeCjgJmRg5LLsaOwX8gi |
| TLSH | T146D2C5C7AF502D26C8E6CF33454A9239277A60E6E2515317FECC06B80F5BACCAF61449 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 179424 |
| MD5 | E3B8800C562FE91812C717CE9689B914 |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Thiago Andrade Marques <andrade@debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-2 |
| SHA-1 | E2B6F7B8E25C1440548F5DE1EE7C14D1632701A6 |
| SHA-256 | 99F2EAC0A15E3E3D837D32390F12185786793D60CC4CAC8F29E3AB812DC7D59A |