| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 17960 |
| MD5 | 846D53CC8E856871B7A09AEECB5EE61F |
| SHA-1 | 3972BF1F2D4203789F0D0B2CF4929F7AD73B3D61 |
| SHA-256 | 2F3B5874F9C8116713B8E7A5D98A8D284BD1AA8B34A8BEB5DC917F5E0F21A97B |
| SSDEEP | 384:kkV6aZGJBWXTXbMpJMR85VklVfDOnR/4T:HqBWXAPC8zN6 |
| TLSH | T15B823B86A1433C72C5DB83394E8ECA165372C0D6BA473F0F38DC09743BAA5186F16A53 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 177372 |
| MD5 | E0A9584B09E4C366F26ADBF24E1B03BE |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Thiago Andrade Marques <andrade@debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-2 |
| SHA-1 | 298F8E6FA531B203E7EC029B08FC8FC8833CDF16 |
| SHA-256 | E5DD1488C3B1CCD3ACC42D1269C46A6C853FD4DDB39D33B460904F73F2056B8A |