psad-2.2.3-5-omv2015.0.i586.rpm


Advertisement

Description

psad - Analyzses iptables log messages for suspect traffic

Property Value
Distribution OpenMandriva Lx 3.0
Repository OpenMandriva Main Release i586
Package filename psad-2.2.3-5-omv2015.0.i586.rpm
Package name psad
Package version 2.2.3
Package release 5-omv2015.0
Package architecture i586
Package type rpm
Category System/Servers
Homepage http://www.cipherdyne.org/psad/
License GPLv2+
Maintainer -
Download size 403.24 KB
Installed size 4.14 MB
Port Scan Attack Detector (psad) is a collection of four lightweight
system daemons written in Perl and C that are designed to work with
Linux firewalling code (iptables in the 2.4.x kernels, and ipchains
in the 2.2.x kernels) to detect port scans. It features a set of highly
configurable danger thresholds (with sensible defaults provided),
verbose alert messages that include the source, destination, scanned
port range, begin and end times, TCP flags and corresponding nmap
options (Linux 2.4.x kernels only), email alerting, and automatic
blocking of offending IP addresses via dynamic configuration of
ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels
psad incorporates many of the TCP, UDP, and ICMP signatures included in
Snort to detect highly suspect scans for various backdoor programs
(e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and
advanced port scans (syn, fin, Xmas) which are easily leveraged against
a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP
window sizes to passively fingerprint the remote operating system from
which scans originate.

Alternatives

Package Version Architecture Repository
psad-2.2.3-5-omv2015.0.x86_64.rpm 2.2.3 x86_64 OpenMandriva Main Release
psad - - -

Requires

Name Value
libc.so.6 -
libc.so.6(GLIBC_2.0) -
libc.so.6(GLIBC_2.1) -
libc.so.6(GLIBC_2.3) -
perl(Data::Dumper) -
perl(File::Copy) -
perl(File::Path) -
perl(Getopt::Long) -
perl(IO::Handle) -
perl(IO::Socket) -
perl(POSIX) -
perl(Socket) -
perl-Bit-Vector -
perl-Date-Calc -
perl-IPTables-ChainMgr -
perl-IPTables-Parse -
perl-NetAddr-IP -
perl-Unix-Syslog -
rpm-helper -
sendmail-command -
userspace-ipfilter -
whois -

Provides

Name Value
config(psad) == 0:2.2.3-5:2015.0
psad == 2.2.3-5:2015.0

Download

Type URL
Mirror abf-downloads.openmandriva.org
Binary Package psad-2.2.3-5-omv2015.0.i586.rpm
Source Package psad-2.2.3-5.src.rpm

Install Howto

  1. Enable OpenMandriva Main Release repository on Install and Remove Software
  2. Update packages list:
    # urpmi.update -a
  3. Install psad rpm package:
    # urpmi psad

Files

Path
/etc/psad/auto_dl
/etc/psad/icmp6_types
/etc/psad/icmp_types
/etc/psad/ip_options
/etc/psad/pf.os
/etc/psad/posf
/etc/psad/psad.conf
/etc/psad/signatures
/etc/psad/snort_rules/VERSION
/etc/psad/snort_rules/attack-responses.rules
/etc/psad/snort_rules/backdoor.rules
/etc/psad/snort_rules/bad-traffic.rules
/etc/psad/snort_rules/chat.rules
/etc/psad/snort_rules/classification.config
/etc/psad/snort_rules/ddos.rules
/etc/psad/snort_rules/deleted.rules
/etc/psad/snort_rules/dns.rules
/etc/psad/snort_rules/dos.rules
/etc/psad/snort_rules/emerging-all.rules
/etc/psad/snort_rules/experimental.rules
/etc/psad/snort_rules/exploit.rules
/etc/psad/snort_rules/finger.rules
/etc/psad/snort_rules/ftp.rules
/etc/psad/snort_rules/icmp-info.rules
/etc/psad/snort_rules/icmp.rules
/etc/psad/snort_rules/imap.rules
/etc/psad/snort_rules/info.rules
/etc/psad/snort_rules/local.rules
/etc/psad/snort_rules/misc.rules
/etc/psad/snort_rules/multimedia.rules
/etc/psad/snort_rules/mysql.rules
/etc/psad/snort_rules/netbios.rules
/etc/psad/snort_rules/nntp.rules
/etc/psad/snort_rules/oracle.rules
/etc/psad/snort_rules/other-ids.rules
/etc/psad/snort_rules/p2p.rules
/etc/psad/snort_rules/policy.rules
/etc/psad/snort_rules/pop2.rules
/etc/psad/snort_rules/pop3.rules
/etc/psad/snort_rules/porn.rules
/etc/psad/snort_rules/reference.config
/etc/psad/snort_rules/rpc.rules
/etc/psad/snort_rules/rservices.rules
/etc/psad/snort_rules/scan.rules
/etc/psad/snort_rules/shellcode.rules
/etc/psad/snort_rules/smtp.rules
/etc/psad/snort_rules/snmp.rules
/etc/psad/snort_rules/sql.rules
/etc/psad/snort_rules/telnet.rules
/etc/psad/snort_rules/tftp.rules
/etc/psad/snort_rules/virus.rules
/etc/psad/snort_rules/web-attacks.rules
/etc/psad/snort_rules/web-cgi.rules
/etc/psad/snort_rules/web-client.rules
/etc/psad/snort_rules/web-coldfusion.rules
/etc/psad/snort_rules/web-frontpage.rules
/etc/psad/snort_rules/web-iis.rules
/etc/psad/snort_rules/web-misc.rules
/etc/psad/snort_rules/web-php.rules
/etc/psad/snort_rules/x11.rules
/etc/rc.d/init.d/psad
/usr/sbin/fwcheck_psad
/usr/sbin/kmsgsd
/usr/sbin/psad
/usr/sbin/psadwatchd
/usr/share/man/man8/fwcheck_psad.8.xz
/usr/share/man/man8/kmsgsd.8.xz
/usr/share/man/man8/psad.8.xz
/usr/share/man/man8/psadwatchd.8.xz
/var/lib/psad
/var/log/psad
/var/run/psad

Changelog

2015-07-19 - Bernhard Rosenkraenzer <bero@bero.eu> 2.2.3-5
- (a264fbc) MassBuild#774: Increase release tag
2014-12-07 - Bernhard Rosenkraenzer <bero@bero.eu> 2.2.3-4
- (ff66643) MassBuild#609: Increase release tag
2014-07-11 - Bernhard Rosenkraenzer <bero@bero.eu> 2.2.3-3
- (04eb623) MassBuild#451: Increase release tag
2014-06-13 - Bernhard Rosenkraenzer <bero@bero.eu> 2.2.3-2
- (7484056) MassBuild#436: Increase release tag
2014-03-17 - Denis Silakov <denis.silakov@rosalab.ru> 2.2.3-1
- (401d382) Updated to 2.2.3 (by updates_builder)
2014-02-05 - Denis Silakov <denis.silakov@rosalab.ru> 2.2.2-1
- (4f8f771) LOG Updated to 2.2.2 (by updates_builder)
2013-12-06 - Bernhard Rosenkraenzer <bero@bero.eu> 2.2-7
- (36cb36a) MassBuild#289: Increase release tag
2013-12-06 - Bernhard Rosenkraenzer <bero@bero.eu> 2.2-6
- (94f4092) MassBuild#289: Increase release tag
2013-12-06 - Bernhard Rosenkraenzer <bero@bero.eu> 2.2-5
- (2380418) MassBuild#289: Increase release tag
2013-12-06 - Bernhard Rosenkraenzer <bero@bero.eu> 2.2-4
- (6d0340d) MassBuild#289: Increase release tag

See Also

Package Description
psiconv-0.9.8-30-omv2015.0.i586.rpm PSION 5(MX) file format data conversion utilities
psmisc-22.21-10-omv2015.0.i586.rpm Utilities for managing processes on your system
psmisc-22.21-12-omv2015.0.i586.rpm Utilities for managing processes on your system
pstoedit-3.70-4-omv2015.0.i586.rpm Translates PostScript/PDF graphics into other vector formats
psutils-p17-29-omv2015.0.i586.rpm PostScript utilities
psyncclient-0.1-83-omv2015.0.i586.rpm ROSA Sync client
ptpcam-1.1.10-14-omv2015.0.i586.rpm Command line utility to access digital cameras via PTP
pulseaudio-8.0-2-omv2015.0.i586.rpm Sound server for Linux
pulseaudio-9.0-1-omv2015.0.i586.rpm Sound server for Linux
pulseaudio-client-config-8.0-2-omv2015.0.i586.rpm Client configuration for PulseAudio clients
pulseaudio-client-config-9.0-1-omv2015.0.i586.rpm Client configuration for PulseAudio clients
pulseaudio-esound-compat-8.0-2-omv2015.0.i586.rpm PulseAudio EsounD daemon compatibility script
pulseaudio-esound-compat-9.0-1-omv2015.0.i586.rpm PulseAudio EsounD daemon compatibility script
pulseaudio-module-bluetooth-8.0-2-omv2015.0.i586.rpm Bluetooth support for the PulseAudio sound server
pulseaudio-module-bluetooth-9.0-1-omv2015.0.i586.rpm Bluetooth support for the PulseAudio sound server
Advertisement
Advertisement