| Key | Value |
|---|---|
| FileName | ./usr/sbin/psadwatchd |
| FileSize | 67744 |
| MD5 | CD32AAAC3856CAA0E4BF36FA57CDFDB6 |
| SHA-1 | 3D773015B2B2D8685623D42011834A87A947ABC9 |
| SHA-256 | F35AD31F26A516EEB339A12F7B5EF3579FF9BED7BF85E73ED05E1EA05D0AD440 |
| SSDEEP | 1536:PiEFHAhKbkV+PYJiD89W3wxaLUlO/IZbtm2pS1pR7DbgCw:J2pS1pR7DbgC |
| TLSH | T1F763E937324C9B19DB17A43E8A5C5924F3726C8B1360860B7669633F3FAB71DCE12615 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 181280 |
| MD5 | C2A73A5FDA7FE1575E4F3ED870BE6861 |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Thiago Andrade Marques <andrade@debian.org> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.6-2 |
| SHA-1 | ED3B06112ED0B0E87869275EA8146CB477820B9A |
| SHA-256 | 5C28D2732B28CE241DE97F818DF05D38198D7029EA36FD74C57B2EEC6579ECEE |