Port Scan Attack Detector 2.1.1 (Default branch)


 
Posted 01-26-2008

The Port Scan Attack Detector (psad) is a collection of three system daemons that are designed to work with the Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults), verbose alert messages, email alerting, DShield reporting, and automatic blocking of offending IP addresses. Psad incorporates many of the packet signatures included in Snort to detect various kinds of suspicious scans, and implements the same passive OS fingerprinting algorithm used by p0f.

License: GNU General Public License (GPL)

Changes: A new feature was added whereby iptables log data can be acquired just by parsing an existing file (/var/log/messages by default) that is written to by syslog. Better installation support was provided for various Linux distributions, including Fedora 8 and Ubuntu. Situations where either the /var/log/psad/fwdata file or the /var/log/messages file (whichever syslog is writing iptables log messages to) gets rotated are now handled automatically.

FWCHECK_PSAD(8)              System Manager's Manual              FWCHECK_PSAD(8)

NAME
       fwcheck_psad - look for iptables rules that log and block unwanted packets.

SYNOPSIS
       fwcheck_psad [options]

DESCRIPTION
       fwcheck_psad parses the iptables ruleset on the underlying system to see
       if iptables has been configured to log and block unwanted packets by
       default. This program is called by psad, but can also be executed
       manually from the command line.

OPTIONS
       --config
              Specify path to the psad configuration file. By default this is
              /etc/psad/psad.conf.

       --fw-file
              Allow the user to analyze a specific ruleset from a file rather
              than the local policy.

       --fw-analyze
              Analyze the local iptables ruleset and exit.

       --no-fw-search-all
              Look for specific log prefix defined through the FW_MSG_SEARCH
              variable(s) in the configuration file.

       --Lib-dir
              Specify path to psad lib directory.

       --help
              Display the help message.

SEE ALSO
       iptables(8), psad(8)

AUTHOR
       Michael Rash <mbr@cipherdyne.org>

BUGS
       Send bug reports to mbr@cipherdyne.org. Suggestions and/or comments are
       always welcome as well.

DISTRIBUTION
       psad is distributed under the GNU General Public License (GPL), and the
       latest version may be downloaded from: http://www.cipherdyne.org/

Debian GNU/Linux                     Aug, 2008                    FWCHECK_PSAD(8)
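
The kind of check the DESCRIPTION above refers to, as an added example (it is not fwcheck_psad's own code, which this page does not show): it reads iptables-save text and reports, per chain, whether packets that match no earlier rule are logged and then blocked. The ruleset is constructed sample data, the function name is hypothetical, and counting only rules with no match criteria as catch-all (so rate-limited LOG rules and jumps to user-defined chains are ignored) is a simplifying assumption.

```python
import shlex

# Constructed iptables-save output (sample data, not taken from the page).
SAMPLE_RULESET = """\
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j LOG --log-prefix "DROP "
-A FORWARD -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
"""

BLOCKING = {"DROP", "REJECT"}
TERMINATING = BLOCKING | {"ACCEPT"}


def check_default_log_and_block(ruleset, chains=("INPUT", "FORWARD")):
    """Return {chain: {"logs": bool, "blocks": bool}} for the filter table."""
    policy, rules, table = {}, {c: [] for c in chains}, None
    for line in ruleset.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]              # table header, e.g. "*filter"
        elif table != "filter":
            continue                      # skip nat/mangle/raw sections
        elif line.startswith(":"):
            policy[line[1:].split()[0]] = line.split()[1]   # ":INPUT DROP [0:0]"
        elif line.startswith("-A "):
            tok = shlex.split(line)       # keeps quoted log prefixes intact
            if tok[1] in rules and "-j" in tok:
                j = tok.index("-j")
                # Catch-all rule: nothing between "-A CHAIN" and "-j".
                rules[tok[1]].append((tok[j + 1], j == 2))
    result = {}
    for chain in chains:
        logs = blocks = decided = False
        for target, catch_all in rules[chain]:
            if catch_all and target == "LOG":
                logs = True               # LOG does not terminate; keep walking
            elif catch_all and target in TERMINATING:
                blocks, decided = target in BLOCKING, True
                break                     # later rules never see unmatched packets
        if not decided:
            blocks = policy.get(chain) in BLOCKING   # fall through to chain policy
        result[chain] = {"logs": logs, "blocks": blocks}
    return result
```

On the sample, INPUT is reported as logging and blocking by default, while FORWARD does neither, which is the condition a port-scan detector that reads iptables logs would miss traffic on.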