Tree:
99d3722f66
11.0
12.0
12.1
12.2
13.0
13.1
13.37
14.0
14.1
14.2
15.0
bedlam
bedlam-name-fixes
dive
erik
gitignore
libressl-gopher-test
master
misc-fixes
python-renames
rworkman
urchlay
user/aclemons/updates
user/anddt/development/acpica
user/anddt/development/glm
user/anddt/development/gnustep-base
user/anddt/development/gnustep-make
user/anddt/games/assaultcube-reloaded
user/anddt/games/doomseeker
user/anddt/games/prboom-plus
user/anddt/games/rocksndiamonds
user/anddt/games/rottexpr
user/anddt/games/srb2
user/anddt/graphics/blender
user/anddt/graphics/maim
user/anddt/ham/chirp
user/anddt/ham/hamlib
user/anddt/libraries/girara
user/anddt/libraries/goffice
user/anddt/libraries/gtksourceview4
user/anddt/libraries/imlib2
user/anddt/libraries/jsoncpp
user/anddt/libraries/libnova
user/anddt/libraries/libopenmpt
user/anddt/libraries/libtorrent
user/anddt/libraries/wxGTK3
user/anddt/libraries/xmlrpc-c
user/anddt/misc/discount
user/anddt/misc/slop
user/anddt/network/nethogs
user/anddt/network/putty
user/anddt/network/rclone
user/anddt/network/rtorrent
user/anddt/network/sshguard
user/anddt/network/strongswan
user/anddt/network/umurmur
user/anddt/network/yt-dlp
user/anddt/network/znc
user/anddt/office/gnumeric
user/anddt/office/sigil
user/anddt/system/FontAwesome
user/anddt/system/conky
user/anddt/system/fakeroot
user/anddt/system/hplip-plugin
user/anddt/system/postgresql
user/anddt/system/testdisk
user/anddt/system/worker
user/anddt/system/xen
user/anddt/system/zzzfm
user/belka/updates
user/chris.willing/updates
user/dslackw/updates
user/elyk/updates
user/kingbeowulf/updates
user/mario/updates
user/ponce/updates
user/pprkut/updates
willysr
wxWidgets-wip
GPG-KEY
15.0-20230325.1
15.0-20230318.1
15.0-20230312.1
15.0-20230304.1
15.0-20230225.1
15.0-20230218.1
15.0-20230211.1
15.0-20230204.1
15.0-20230128.1
15.0-20230121.1
15.0-20230114.1
15.0-20230107.1
15.0-20221231.1
15.0-20221223.1
15.0-20221217.1
15.0-20221210.1
15.0-20221203.1
15.0-20221126.1
15.0-20221119.1
15.0-20221112.1
15.0-20221105.1
15.0-20221029.1
15.0-20221020.1
15.0-20221015.1
15.0-20221008.1
15.0-20221001.1
15.0-20220925.1
15.0-20220917.1
15.0-20220910.1
15.0-20220903.1
15.0-20220827.1
15.0-20220820.1
15.0-20220813.1
15.0-20220806.1
15.0-20220730.1
15.0-20220723.1
15.0-20220716.1
15.0-20220709.1
15.0-20220702.1
15.0-20220618.1
15.0-20220611.1
15.0-20220604.1
15.0-20220528.1
15.0-20220521.1
15.0-20220514.1
15.0-20220507.1
15.0-20220430.1
15.0-20220423.1
15.0-20220416.1
15.0-20220409.1
15.0-20220402.1
15.0-20220326.1
15.0-20220320.1
15.0-20220317.1
15.0-20220312.1
15.0-20220311.1
14.2-20210417.1
14.2-20210410.1
14.2-20210403.1
14.2-20210327.1
14.2-20210320.1
14.2-20210313.1
14.2-20210306.1
14.2-20210227.1
14.2-20210220.1
14.2-20210213.1
14.2-20210206.1
14.2-20210130.1
14.2-20210123.1
14.2-20210117.1
14.2-20210109.1
14.2-20210102.1
14.2-20201226.1
14.2-20201219.1
14.2-20201212.1
14.2-20201206.1
14.2-20201128.1
14.2-20201121.1
14.2-20201114.1
14.2-20201107.1
14.2-20201031.1
14.2-20201024.1
14.2-20201017.1
14.2-20201010.1
14.2-20201003.1
14.2-20200926.1
14.2-20200919.1
14.2-20200912.1
14.2-20200905.1
14.2-20200829.1
14.2-20200628.1
14.2-20200620.1
14.2-20200614.1
14.2-20200606.1
14.2-20200601.1
14.2-20200523.1
14.2-20200516.1
14.2-20200510.1
14.2-20200503.1
14.2-20200424.1
14.2-20200419.1
14.2-20200411.1
14.2-20200406.1
14.2-20200404.1
14.2-20200328.1
14.2-20200321.1
14.2-20200314.1
14.2-20200307.1
14.2-20200229.1
14.2-20200223.1
14.2-20200215.1
14.2-20200208.1
14.2-20200201.1
14.2-20200126.1
14.2-20200118.1
14.2-20200112.1
14.2-20200103.1
14.2-20191231.1
14.2-20191221.1
14.2-20191215.1
14.2-20191207.1
14.2-20191201.1
14.2-20191123.1
14.2-20191116.1
14.2-20191109.1
14.2-20191102.1
14.2-20191026.1
14.2-20191019.1
14.2-20191012.1
14.2-20191005.1
14.2-20190928.1
14.2-20190921.1
14.2-20190914.1
14.2-20190907.1
14.2-20190831.1
14.2-20190824.1
14.2-20190818.1
14.2-20190810.1
14.2-20190803.1
14.2-20190727.1
14.2-20190720.1
14.2-20190713.1
14.2-20190706.2
14.2-20190706.1
14.2-20190629.1
14.2-20190622.1
14.2-20190615.1
14.2-20190608.1
14.2-20190601.1
14.2-20190525.1
14.2-20190518.1
14.2-20190511.1
14.2-20190504.1
14.2-20190427.1
14.2-20190420.1
14.2-20190413.1
14.2-20190406.1
14.2-20190330.1
14.2-20190323.1
14.2-20190316.1
14.2-20190302.1
14.2-20190223.1
14.2-20190217.1
14.2-20190209.1
14.2-20190202.1
14.2-20190126.1
14.2-20190119.1
14.2-20190112.1
14.2-20190105.1
14.2-20181229.1
14.2-20181225.1
14.2-20181222.1
14.2-20181215.1
14.2-20181209.1
14.2-20181201.1
14.2-20181124.1
14.2-20181117.1
14.2-20181110.1
14.2-20181103.1
14.2-20181027.1
14.2-20181020.1
14.2-20181013.1
14.2-20181006.1
14.2-20180929.1
14.2-20180923.1
14.2-20180922.1
14.2-20180915.1
14.2-20180908.1
14.2-20180901.1
14.2-20180825.1
14.2-20180818.1
14.2-20180811.1
14.2-20180804.1
14.2-20180728.1
14.2-20180721.1
14.2-20180717.1
14.2-20180714.1
14.2-20180707.1
14.2-20180630.1
14.2-20180623.1
14.2-20180618.1
14.2-20180614.1
14.2-20180609.1
14.2-20180602.1
14.2-20180526.1
14.2-20180520.1
14.2-20180519.1
14.2-20180512.1
14.2-20180504.1
14.2-20180427.1
14.2-20180421.1
14.2-20180414.1
14.2-20180407.1
14.2-20180401.1
14.2-20180331.1
14.2-20180324.1
14.2-20180317.1
14.2-20180310.1
14.2-20180305.1
14.2-20180303.1
14.2-20180224.1
14.2-20180217.1
14.2-20180210.1
14.2-20180203.1
14.2-20180127.1
14.2-20180120.1
14.2-20180117.1
14.2-20180113.1
14.2-20180110.1
14.2-20180106.1
14.2-20171228.1
14.2-20171223.1
14.2-20171221.1
14.2-20171216.1
14.2-20171209.1
14.2-20171201.1
14.2-20171124.1
14.2-20171120.1
14.2-20171118.1
14.2-20171111.1
14.2-20171104.1
14.2-20171101
14.2-20171028.1
14.2-20171021.1
14.2-20171014.2
14.2-20171014.1
14.2-20171010.1
14.2-20171007.1
14.2-20170930.1
14.2-20170923.1
14.2-20170917.1
14.2-20170916.1
14.2-20170909.1
14.2-20170902.1
14.2-20170826.1
14.2-20170819.1
14.2-20170813.1
14.2-20170812.1
14.2-20170805.1
14.2-20170729.1
14.2-20170726.1
14.2-20170722.1
14.2-20170715.1
14.2-20170712.1
14.2-20170708.1
14.2-20170701.1
14.2-20170624.1
14.2-20170617.1
14.2-20170615.1
14.2-20170610.1
14.2-20170606.1
14.2-20170603.1
14.2-20170527.1
14.2-20170520.1
14.2-20170513.1
14.2-20170506.1
14.2-20170429.1
14.2-20170422.1
14.2-20170415.1
14.2-20170413.1
14.2-20170408.2
14.2-20170408.1
14.2-20170401.1
14.2-20170326.1
14.2-20170325.1
14.2-20170318.1
14.2-20170311.1
14.2-20170305.1
14.2-20170304.1
14.2-20170225.1
14.2-20170221.1
14.2-20170218.1
14.2-20170211.1
14.2-20170204.1
14.2-20170128.1
14.2-20170124.1
14.2-20170121.1
14.2-20170114.1
14.2-20170110.1
14.2-20170109.1
14.2-20170107.1
14.2-20161231.1
14.2-20161224.1
14.2-20161217.2
14.2-20161217.1
14.2-20161210.1
14.2-20161204.1
14.2-20161203.1
14.2-20161126.1
14.2-20161119.1
14.2-20161115.1
14.2-20161114.1
14.2-20161112.1
14.2-20161111.1
14.2-20161105.1
14.2-20161029.1
14.2-20161022.1
14.2-20161015.1
14.2-20161008.1
14.2-20161001.2
14.2-20161001.1
14.2-20160925.1
14.2-20160924.1
14.2-20160917.1
14.2-20160914.2
14.2-20160914.1
14.2-20160911.2
14.2-20160911.1
14.2-20160903.1
14.2-20160827.1
14.2-20160820.1
14.2-20160814.1
14.2-20160813.1
14.2-20160807.1
14.2-20160805.1
14.2-20160730.1
14.2-20160724.1
14.2-20160721.1
14.2-20160720.2
14.2-20160720.1
14.2-20160717.2
14.2-20160717.1
14.2-20160709.1
14.2-20160702.2
14.2-20160702.1
14.1-20160902.1
14.1-20160629.1
14.1-20160627.2
14.1-20160627.1
14.1-20160625.1
14.1-20160623.1
14.1-20160619.2
14.1-20160619.1
14.1-20160512.1
14.1-20160419.1
14.1-20160407.1
14.1-20160403.1
14.1-20160321.1
14.1-20160227.1
14.1-20160117.1
14.1-20160113.1
14.1-20160111.1
14.1-20160109.1
14.1-20160101.1
14.1-20151225.2
14.1-20151225.1
14.1-20151219.1
14.1-20151212.1
14.1-20151205.1
14.1-20151128.1
14.1-20151121.1
14.1-20151114.1
14.1-20151107.1
14.1-20151031.1
14.1-20151024.1
14.1-20151018.1
14.1-20151010.1
14.1-20151003.1
14.1-20150926.1
14.1-20150919.1
14.1-20150912.1
14.1-20150906.1
14.1-20150905.1
14.1-20150829.2
14.1-20150829.1
14.1-20150822.1
14.1-20150815.1
14.1-20150809.1
14.1-20150801.1
14.1-20150725.1
14.1-20150716.1
14.1-20150712.1
14.1-20150708.1
14.1-20150704.1
14.1-20150628.2
14.1-20150628.1
14.1-20150620.2
14.1-20150620.1
14.1-20150614.2
14.1-20150614.1
14.1-20150607.1
14.1-20150531.1
14.1-20150524.1
14.1-20150517.1
14.1-20150510.1
14.1-20150503.1
14.1-20150426.1
14.1-20150419.1
14.1-20150412.1
14.1-20150405.1
14.1-20150329.1
14.1-20150322.1
14.1-20150314.1
14.1-20150307.1
14.1-20150228.2
14.1-20150228.1
14.1-20150221.1
14.1-20150215.1
14.1-20150208.1
14.1-20150207.1
14.1-20150131.1
14.1-20150124.1
14.1-20150118.1
14.1-20150110.1
14.1-20150103.1
14.1-20141231.1
14.1-20141228.1
14.1-20141225.1
14.1-20141220.1
14.1-20141213.1
14.1-20141206.1
14.1-20141129.2
14.1-20141129.1
14.1-20141122.1
14.1-20141115.1
14.1-20141107.1
14.1-20141101.1
14.1-20141025.1
14.1-20141018.2
14.1-20141018.1
14.1-20141011.1
14.1-20141005.1
14.1-20140927.1
14.1-20140920.1
14.1-20140913.1
14.1-20140905.2
14.1-20140905.1
14.1-20140830.2
14.1-20140830.1
14.1-20140822.1
14.1-20140815.1
14.1-20140809.1
14.1-20140803.1
14.1-20140722.1
14.1-20140717.1
14.1-20140707.1
14.1-20140705.1
14.1-20140629.2
14.1-20140629.1
14.1-20140623.1
14.1-20140618.1
14.1-20140611.1
14.1-20140604.1
14.1-20140528.1
14.1-20140520.1
14.1-20140514.1
14.1-20140505.1
14.1-20140429.1
14.1-20140427.1
14.1-20140423.1
14.1-20140414.1
14.1-20140413.1
14.1-20140412.1
14.1-20140322.1
14.1-20140321.1
14.1-20140312.1
14.1-20140307.1
14.1-20140221.1
14.1-20140218.1
14.1-20140216.1
14.1-20140211.1
14.1-20140208.1
14.1-20140202.2
14.1-20140202.1
14.1-20140201.1
14.1-20140130.1
14.1-20140107.1
14.1-20131225.1
14.1-20131217.1
14.1-20131214.1
14.1-20131206.1
14.1-20131202.1
14.1-20131130.1
14.1-20131128.1
14.1-20131126.1
14.1-20130321.1
14.0-20131116.1
14.0-20131114.2
14.0-20131114.1
14.0-20131112.1
14.0-20131111.1
14.0-20131106.1
14.0-20131104.1
14.0-20131031.1
14.0-20131030.1
14.0-20131028.1
14.0-20131012.1
14.0-20130714.2
14.0-20130714.1
14.0-20130707.1
14.0-20130702.1
14.0-20130629.1
14.0-20130623.1
14.0-20130616.1
14.0-20130609.1
14.0-20130605.1
14.0-20130604.1
14.0-20130513.1
14.0-20130428.1
14.0-20130415.2
14.0-20130415.1
14.0-20130322.1
14.0-20130304.1
14.0-20130225.1
14.0-20130223.1
14.0-20130214.1
14.0-20130206.1
14.0-20130120.1
14.0-20130110.1
14.0-20130101.1
14.0-20121230.1
14.0-20121225.1
14.0-20121223.1
14.0-20121212.1
14.0-20121124.1
14.0-20121118.1
14.0-20121104.1
14.0-20121018.1
14.0-20121007.2
14.0-20121007.1
14.0-20121002.1
13.37-20120815.1
13.37-20120801.1
13.37-20120721.1
13.37-20120702.1
13.37-20120701.1
13.37-20120603.1
13.37-20120527.1
13.37-20120521.1
13.37-20120514.1
13.37-20120508.1
13.37-20120507.1
13.37-20120430.1
13.37-20120422.1
13.37-20120416.1
13.37-20120409.1
13.37-20120402.1
13.37-20120330.1
13.37-20120329.1
13.37-20120220.2
13.37-20120220.1
13.37-20120218.1
13.37-20120212.1
13.37-20120113.1
13.37-20111231.1
13.37-20111227.1
13.37-20111223.1
13.37-20111222.1
13.37-20111218.2
13.37-20111218.1
13.37-20111211.1
13.37-20111126.2
13.37-20111126.1
13.37-20111105.1
13.37-20111022.1
13.37-20111012.1
13.37-20110929.1
13.37-20110921.1
13.37-20110906.1
13.37-20110905.1
13.37-20110829.1
13.37-20110811.1
13.37-20110722.1
13.37-20110714.1
13.37-20110620.1
13.37-20110613.1
13.37-20110519.1
13.37-20110517.1
13.37-20110503.1
13.37-20110427.1
13.1-20120121.1
13.1-20110406.1
13.1-20110327.1
13.1-20110314.1
13.1-20110310.1
13.1-20110308.1
13.1-20110304.1
13.1-20110301.1
13.1-20110228.1
13.1-20110207.1
13.1-20110116.1
13.1-20110110.1
13.1-20110102.1
13.1-20110101.1
13.1-20101229.1
13.1-20101227.1
13.1-20101221.1
13.1-20101217.1
13.1-20101212.2
13.1-20101212.1
13.1-20101207
13.1-20101205
13.1-20101129.1
13.1-20101122.1
13.1-20101025.1
13.1-20101020.1
13.1-20101018.1
13.1-20101012.1
13.1-20100922.1
13.1-20100912.1
13.1-20100830.1
13.1-20100829.1
13.1-20100823.1
13.1-20100818.1
13.1-20100816.1
13.1-20100815.1
13.1-20100811.1
13.1-20100801.1
13.1-20100726.1
13.1-20100721.1
13.1-20100716.1
13.1-20100711.1
13.1-20100710.1
13.1-20100708.2
13.1-20100708.1
13.1-20100706.1
13.1-20100704.2
13.1-20100704.1
13.1-20100703.2
13.1-20100703.1
13.1-20100702.1
13.1-20100701.2
13.1-20100701.1
13.1-20100630.1
13.1-20100629.1
13.1-20100623.1
13.1-20100620.1
13.1-20100617.2
13.1-20100617.1
13.1-20100616.2
13.1-20100616.1
13.1-20100615.1
13.1-20100614.2
13.1-20100614.1
13.1-20100613
13.1-20100612
13.1-20100609
13.1-20100606
13.1-20100605
13.1-20100527.2
13.1-20100527.1
13.1-20100517
13.1-20100428
13.1-20100422
13.1-20100410
13.1-20100407
13.1-20100324
13.1-20100322
13.1-20100321.2
13.1-20100321
13.1-20100217.1
B. Watson
3150fab611
network/psad: Wrap README at 72 columns.
|
2 years ago | |
|---|---|---|
| .. | ||
| README | 3150fab611 network/psad: Wrap README at 72 columns. | 2 years ago |
| doinst.sh | ceb90dda6e network/psad: Added (Intrusion Detection and Log Analysis). | 7 years ago |
| psad.SlackBuild | 63daf9f79a All: Support $PRINT_PACKAGE_NAME env var | 3 years ago |
| psad.info | 672514e23b network/psad: Updated for version 2.4.5. | 7 years ago |
| signatures | 772c39bce1 network/psad: Do not download signature by default. | 7 years ago |
| slack-desc | 99d0739ba8 network/psad: Fix slack-desc. | 7 years ago |
README
psad (Intrusion Detection and Log Analysis with iptables)
psad is a collection of three lightweight system daemons (two main
daemons and one helper daemon) that run on Linux machines and analyze
iptables log messages to detect port scans and other suspicious
traffic. A typical deployment is to run psad on the iptables firewall
where it has the fastest access to log data.
You can set email for alerts by setting ALERTSEMAIL:
ALERTSEMAIL=alerts@example.com ./psad.SlackBuild
You need at least these rules:
iptables -A INPUT -j LOG
iptables -A FORWARD -j LOG
but more usefull will be something like this:
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP
please see documentation for more information.
NOTE:
psad requires several perl modules:
perl-Bit-Vector
perl-Date-Calc
perl-IPTables-Parse
perl-IPTables-ChainMgr
perl-NetAddr-IP
perl-Unix-Syslog
these are included in sources, so you don't need to install them.
But if you get some weird perl modules errors, you must uninstall
previous psad version before bulding new one.
Alternatively you can manually install this modules, all are available
on SlackBuilds.
NOTE:
The default option is NOT to download signatures.
We provide a signature file, but may be outdated as time goes by.
You can download them manually from:
http://www.cipherdyne.org/psad/signatures
...and place them in /etc/psad
psad is a collection of three lightweight system daemons (two main
daemons and one helper daemon) that run on Linux machines and analyze
iptables log messages to detect port scans and other suspicious
traffic. A typical deployment is to run psad on the iptables firewall
where it has the fastest access to log data.
You can set email for alerts by setting ALERTSEMAIL:
ALERTSEMAIL=alerts@example.com ./psad.SlackBuild
You need at least these rules:
iptables -A INPUT -j LOG
iptables -A FORWARD -j LOG
but more usefull will be something like this:
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP
please see documentation for more information.
NOTE:
psad requires several perl modules:
perl-Bit-Vector
perl-Date-Calc
perl-IPTables-Parse
perl-IPTables-ChainMgr
perl-NetAddr-IP
perl-Unix-Syslog
these are included in sources, so you don't need to install them.
But if you get some weird perl modules errors, you must uninstall
previous psad version before bulding new one.
Alternatively you can manually install this modules, all are available
on SlackBuilds.
NOTE:
The default option is NOT to download signatures.
We provide a signature file, but may be outdated as time goes by.
You can download them manually from:
http://www.cipherdyne.org/psad/signatures
...and place them in /etc/psad