PCISP

The Port Scan Attack Detector (psad) is a
collection of three system daemons that are
designed to work with the Linux iptables
firewalling code to detect port scans and other
suspect traffic. It features a set of highly
configurable danger thresholds (with sensible
defaults), verbose alert messages, email alerting,
DShield reporting, and automatic blocking of
offending IP addresses. Psad incorporates many of
the packet signatures included in Snort to detect
various kinds of suspicious scans, and implements
the same passive OS fingerprinting algorithm used
by p0f.

hr /
strongLicense:/strong GNU General Public License (GPL)
hr /
strongChanges:/strongbr /
SELinux policy files were added to make psad compatible with SELinux. The files are located in a new "selinux" directory in the sources. A bug was fixed in which local server ports were not reported correctly under netstat parsing. A bug was fixed in the start() function in the Gentoo init script which caused psad to not be started and the error "* ERROR: psad failed to start" to be generated. A bug that occurred when ENABLE_SYSLOG_FILE is enabled was fixed.br clear=both style=clear: both;/
br clear=both style=clear: both;/
a href=http://www.pheedo.com/click.phdo?s=f9bf759cefbbeb7918cd6d7056c0b860p=1img alt= style=border: 0; border=0 src=http://www.pheedo.com/img.phdo?s=f9bf759cefbbeb7918cd6d7056c0b860p=1//a