Result for 3FF82CE6936C47E6E12A4ED4B8C5C20EAB7EFA04

Query result

Key Value
FileName./usr/share/man/man8/fwcheck_psad.8.gz
FileSize742
MD598A7083B154F40F52888F59D019F7D3E
SHA-13FF82CE6936C47E6E12A4ED4B8C5C20EAB7EFA04
SHA-25671921BED7E0B9024243A5512101F6F8E7CDBB494DA0530F2F3D97551E1713832
SSDEEP12:XHi2BQ7KSPuaYzRuyhglEfXYRyHP77bGVlwqybbBr0q9UyptJV4HO:XC29S2aYdRSYP7bGPw7PBr6OtJ+u
TLSHT1E801657BB5AC35D757C46A5C71D1028B7280AD4441FAF6C30BD1C32484A08FAD0C0C7E
hashlookup:parent-total109
hashlookup:trust100

Network graph view

Parents (Total: 109)

The searched file hash is included in 109 parent files which include package known and seen by metalookup. A sample is included below:

Key Value
FileSize178060
MD55C92B46CA0ACBDEDD32BA03506EE1A91
PackageDescriptionPort Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.
PackageMaintainerDebian QA Group <packages@qa.debian.org>
PackageNamepsad
PackageSectionadmin
PackageVersion2.4.6-1
SHA-1027AD719E050862C177406F7D55920C6C0D4CA6E
SHA-25607756D5526272DC5987C69FD68BEE895AD6D08A78B245EA7C55F0647A7C2E852
Key Value
MD545A4B8325F05AE181F666CA24505AAAB
PackageArchs390
PackageDescriptionPort Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (http://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (http://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainerFedora Project
PackageNamepsad
PackageRelease6.fc23
PackageVersion2.2.1
SHA-102A293B93629DB38403B1AAB5CA13ED619FD8702
SHA-2567034157F3D1C0231E7013D56E19D7C256BD775E07B43E266B4E2A021A6009F1E
Key Value
FileSize177356
MD508389DBF6C2D52B763549F433D4ABFCD
PackageDescriptionPort Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.
PackageMaintainerThiago Andrade Marques <andrade@debian.org>
PackageNamepsad
PackageSectionadmin
PackageVersion2.4.6-2
SHA-10C9C3223B7B46C9815773895DA0D52CF8CA37681
SHA-256F53F592525684FBCDEABD81862B4A316DA100AE98E508518E108647AC0607434
Key Value
MD5F2DA0E368E40EF227EFE394699E1B043
PackageArchppc
PackageDescriptionPort Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (http://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (http://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainerKoji
PackageNamepsad
PackageRelease2.fc15
PackageVersion2.1.7
SHA-10CFC20A38DA9F3F64FC03314BE6F5E22DC2DB386
SHA-2568ACF914ED95B4802E498A9B0331EBE03F6762EF5E8CC9A3CD6B81687F0D5A01C
Key Value
MD5B961A7BF829A6E6FBD893ABF7143FFBD
PackageArchppc64le
PackageDescriptionPort Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (https://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (https://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainerFedora Project
PackageNamepsad
PackageRelease4.el7
PackageVersion2.4.3
SHA-10DEACDAC8A6824BFF3795AB4814B64CB09403595
SHA-256BEAAA126F0F5870CBB2B0DAA2D205DB8F82F08A41B24B568F32BE64AE638285D
Key Value
MD518430002C705C25EEA451073ADE21BB4
PackageArchs390
PackageDescriptionPort Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (http://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (http://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainerFedora Project
PackageNamepsad
PackageRelease5.fc17
PackageVersion2.1.7
SHA-112867A84310B006EE7CC9674A2B412BD3F26AD6B
SHA-256B8AE9999FC76E3C42A4B5A889A96B564C2EDF23A211CD4D78D4E655E6171CA92
Key Value
MD554CDD21BBC84A4CABDA331435819E632
PackageArchppc64le
PackageDescriptionPort Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (http://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (http://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainerFedora Project
PackageNamepsad
PackageRelease5.fc21
PackageVersion2.2.1
SHA-115E0E9D19EC24DC5301DBA46D2FA43409350A3F7
SHA-2568D68AD1072D8421F7CA2222622A2CF83AE6CC998F34D26EE7167D43783D0DF6B
Key Value
MD55F75F201039630C406C4A5D6D355C74A
PackageArchppc
PackageDescriptionPort Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and in C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (http://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (http://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainerFedora Project
PackageNamepsad
PackageRelease3.fc20
PackageVersion2.2.1
SHA-1167A8DC3C129BF067177F754435ED290AE8D6BA1
SHA-25641C8A868A07025203F1532FAB9D9F4202CB6E1F72A20069850480820FCE0CE13
Key Value
FileSize150276
MD56A4B3AFB0110211FEB63743B75147F01
PackageDescriptionPort Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.
PackageMaintainerUbuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
PackageNamepsad
PackageSectionadmin
PackageVersion2.4.3-1.2
SHA-11760E1C0467D113ECB633F13FEB7400338DC8A82
SHA-25632647908524B0610FFDF3181763A1F44E430BDF70E9CA2A6717F99231B398904
Key Value
MD5210F4B4EFEA0A524B8BBFABFC615FD58
PackageArchnoarch
PackageDescriptionPort Scan Attack Detector (psad) is a lightweight system daemon written in Perl designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options, reverse DNS info, email and syslog alerting, automatic blocking of offending ip addresses via dynamic configuration of iptables rulesets, and passive operating system fingerprinting. In addition, psad incorporates many of the tcp, udp, and icmp signatures included in the snort intrusion detection system (https://www.snort.org) to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, xmas) which are easily leveraged against a machine via nmap. psad can also alert on snort signatures that are logged via fwsnort (https://www.cipherdyne.org/fwsnort/), which makes use of the iptables string match module to detect application layer signatures.
PackageMaintainerFedora Project
PackageNamepsad
PackageRelease8.fc34
PackageVersion2.4.6
SHA-117783DF975B2FA4FE7460AE895D7B9543EFC1411
SHA-256C341E172679D357503FED7356F6FA03AC9DE0689751CC4DE0BCE96DB666E3302