SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 

psad rpm build for : Rawhide. For other distributions click psad.

Name : psad
Version : 2.4.6 Vendor : Fedora Project
Release : 18.fc41 Date : 2024-07-20 03:48:47
Group : Unspecified Source RPM : psad-2.4.6-18.fc41.src.rpm
Size : 14.73 MB
Packager : Fedora Project
Summary : Port Scan Attack Detector (psad) watches for suspect traffic
Description :
Port Scan Attack Detector (psad) is a lightweight
system daemon written in Perl designed to work with Linux
iptables firewalling code to detect port scans and other suspect traffic. It
features a set of highly configurable danger thresholds (with sensible
defaults provided), verbose alert messages that include the source,
destination, scanned port range, begin and end times, tcp flags and
corresponding nmap options, reverse DNS info, email and syslog alerting,
automatic blocking of offending ip addresses via dynamic configuration of
iptables rulesets, and passive operating system fingerprinting. In addition,
psad incorporates many of the tcp, udp, and icmp signatures included in the
snort intrusion detection system (https://www.snort.org) to detect highly
suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend,
SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin,
xmas) which are easily leveraged against a machine via nmap. psad can also
alert on snort signatures that are logged via fwsnort
(https://www.cipherdyne.org/fwsnort/), which makes use of the
iptables string match module to detect application layer signatures.

RPM found in directory: /vol/rzm3/linux-fedora-buffet/fedora-secondary/development/rawhide/Everything/s390x/os/Packages/p

Content of RPM  Changelog  Provides Requires

Download
ftp.icm.edu.pl  psad-2.4.6-18.fc41.noarch.rpm
ftp.icm.edu.pl  psad-2.4.6-18.fc41.noarch.rpm
ftp.icm.edu.pl  psad-2.4.6-18.fc41.noarch.rpm
ftp.icm.edu.pl  psad-2.4.6-18.fc41.noarch.rpm
     

Provides :
config(psad)
psad

Requires :
/bin/ps
/bin/sh
/bin/sh
/bin/sh
/usr/bin/killall
/usr/bin/perl
/usr/sbin/semodule
/usr/sbin/semodule
config(psad) = 2.4.6-18.fc41
gzip
iproute
iptables
perl(Bit::Vector)
perl(Carp::Clan)
perl(Data::Dumper)
perl(Date::Calc)
perl(File::Copy)
perl(File::Path)
perl(Getopt::Long)
perl(IO::Handle)
perl(IO::Select)
perl(IO::Socket)
perl(IPTables::ChainMgr)
perl(IPTables::Parse)
perl(NetAddr::IP)
perl(POSIX)
perl(Socket)
perl(Storable)
perl(Unix::Syslog)
perl(strict)
policycoreutils >= 2.4
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(PayloadIsZstd) <= 5.4.18-1


Content of RPM :
/etc/logrotate.d
/etc/logrotate.d/psad
/etc/psad
/etc/psad/auto_dl
/etc/psad/icmp6_types
/etc/psad/icmp_types
/etc/psad/ip_options
/etc/psad/pf.os
/etc/psad/posf
/etc/psad/protocols
/etc/psad/psad.conf
/etc/psad/signatures
/etc/psad/snort_rule_dl
/etc/psad/snort_rules
/etc/psad/snort_rules/VERSION
/etc/psad/snort_rules/attack-responses.rules
/etc/psad/snort_rules/backdoor.rules
/etc/psad/snort_rules/bad-traffic.rules
/etc/psad/snort_rules/chat.rules
/etc/psad/snort_rules/classification.config
/etc/psad/snort_rules/ddos.rules
/etc/psad/snort_rules/deleted.rules
/etc/psad/snort_rules/dns.rules
/etc/psad/snort_rules/dos.rules
/etc/psad/snort_rules/emerging-all.rules
/etc/psad/snort_rules/experimental.rules
/etc/psad/snort_rules/exploit.rules
/etc/psad/snort_rules/finger.rules
/etc/psad/snort_rules/ftp.rules
/etc/psad/snort_rules/icmp-info.rules
There is 59 files more in these RPM.

 
ICM