| Key | Value |
|---|---|
| FileName | ./usr/sbin/kmsgsd |
| FileSize | 21988 |
| MD5 | 4FA9EFB66C7F4FD21CB58EFF88CE12D8 |
| SHA-1 | 3863C98A21BB71179F690E4A69F95328061B0EF6 |
| SHA-256 | 037EF1A329ACFCB6F250AC59AA649B90349C87A0D21C7E3295297F8ED5EDC817 |
| SSDEEP | 384:w6jR4yaggTjYx13N1ejS17P9mrRDCvOFRaTYQzbbbbor8m:D4FfTkn3NE0L9mrZ3FgU8 |
| TLSH | T18BA2E75ABE5ACDF6E1C306B6060B436E15315496A753E3AAFF0D271837312047E2A23F |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 179464 |
| MD5 | D54CC53F6A8C017184B65349A222E3D5 |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Thiago Andrade Marques <andrade@debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-2 |
| SHA-1 | FCB5C861F9213A500F184CF0E3EBD91A670E43E2 |
| SHA-256 | 5D907BB066DB0CF2A843CCBA5491AF74ABAAFC0EA28BA99621BA5B03D5B60E93 |