psad binary package in Ubuntu Xenial s390x
PSAD is a collection of four lightweight system daemons (in Perl and
C) designed to work with iptables to detect port scans. It features:
* a set of highly configurable danger thresholds (with sensible
defaults provided);
* verbose alert messages that include the source, destination,
scanned port range, beginning and end times, TCP flags, and
corresponding Nmap options;
* reverse DNS information;
* alerts via email;
* automatic blocking of offending IP addresses via dynamic firewall
configuration.
.
When combined with fwsnort and the iptables string match extension,
PSAD is capable of detecting many attacks described in the Snort rule
set that involve application layer data.
Publishing history
Date | Status | Target | Component | Section | Priority | Phased updates | Version | ||
---|---|---|---|---|---|---|---|---|---|
2015-12-05 02:20:44 UTC | Published | Ubuntu Xenial s390x | release | universe | admin | Optional | 2.2.3-1 | ||
|