| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 22488 |
| MD5 | 561043A89F1F2A0B116DFFBF32520C3E |
| SHA-1 | 38DB115D99C979E019A8E0A9E013B274AE3431C2 |
| SHA-256 | 5B3E57B8F1F8CA793AE19D2E1201E1193F045849671AA199B82EB02760D35D49 |
| SSDEEP | 384:l1XQ5MxAlBhd4CQ16z3DHM+ZIJWzsxEsn9GkxRbPf3YT1m/tOn8c:TXQ5MxAlBhd4t2TsFSQ9tRbPf3y1n8 |
| TLSH | T1F3A2A79A7172583DC480C339C70BE6351D72B89DA2217B6F7F4C56382F52A542F2EA36 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 180498 |
| MD5 | 5E82916F880523A6C1363A34FBC1ADAC |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.2.1-2.1 |
| SHA-1 | 278BCED840253A522A2BDB8689CAC1F72ED85517 |
| SHA-256 | 7CF28862BFFC2631EEB27995B7E3CD644081EE222A18AA7F2F642255B3D18F6C |