| Key | Value |
|---|---|
| FileName | ./usr/sbin/kmsgsd |
| FileSize | 17820 |
| MD5 | FC17026A5B612B74BD4710E47596C01D |
| SHA-1 | 38EFD8B6033FEDBA44219A6514E25FD081312B35 |
| SHA-256 | 0D3FE0C278619C24BDBC8E91E17CD902CAE7261BB97310BB1A89838423A2575A |
| SSDEEP | 384:FNY8qAisFkFwHwd1hwX6CQAUzk4lvOH+c:/SnmkFmm1hwKCQAh4A5 |
| TLSH | T1B682D887A5A27AA3C1C60376730F8335333345E5D28B7707F86C56203BA266D5FA6586 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 176088 |
| MD5 | BC850BBA156EA5BC7B60F954E6A8ED83 |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Debian QA Group <packages@qa.debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-1 |
| SHA-1 | B61D0F18C974A5FC7EDD284661E638F6EC94B82B |
| SHA-256 | 4DBD2FDAE0E8CF5D5B58D4220772929CAE63E5A6FDD1B65B19532EB8E151F5D1 |