Package: psad (2.4.6-3 and others) [debports]
Port Scan Attack Detector
PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features:
* a set of highly configurable danger thresholds (with sensible defaults provided);
* verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options;
* reverse DNS information;
* alerts via email;
* automatic blocking of offending IP addresses via dynamic firewall configuration.
When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data.
Other packages related to psad
-
- dep: init-system-helpers (>= 1.54~)
- helper tools for all init systems
-
- dep: default-mta
- virtual package provided by: exim4-daemon-light
- or mail-transport-agent
- virtual package provided by: courier-mta, dma, esmtp-run, exim4-daemon-heavy, exim4-daemon-light, msmtp-mta, nullmailer, opensmtpd, postfix, sendmail-bin, ssmtp
-
- dep: iproute2
- networking and traffic control tools
-
- dep: iptables
- administration tools for packet filtering and NAT
-
- dep: libc6 (>= 2.34)
- GNU C Library: Shared libraries
also a virtual package provided by: libc6-udeb
-
- dep: libcarp-clan-perl
- Perl enhancement to Carp error logging facilities
-
- dep: libdate-calc-perl
- Perl library for accessing dates
-
- dep: libiptables-chainmgr-perl
- Perl extension for manipulating iptables policies
-
- dep: libiptables-parse-perl
- Perl extension for parsing iptables firewall rulesets
-
- dep: libnet-ip-perl
- Perl extension for manipulating IPv4/IPv6 addresses
-
- dep: libunix-syslog-perl
- Perl interface to the UNIX syslog(3) calls
-
- dep: lsb-base
- transitional package for Linux Standard Base init script functionality
-
- dep: net-tools
- NET-3 networking toolkit
-
- dep: perl
- Larry Wall's Practical Extraction and Report Language
-
- dep: psmisc
- utilities that use the proc file system
-
- dep: rsyslog
- reliable system and kernel logging daemon
- or system-log-daemon
- virtual package provided by: busybox-syslogd, inetutils-syslogd, rsyslog, socklog-run, syslog-ng-core
-
- dep: whois
- intelligent WHOIS client
-
- sug: fwsnort
- Snort-to-iptables rule translator