edge
1st July 2006, 00:43
Anyone here who tested this?
The Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and C that are designed to work with the Linux Netfilter firewalling code to detect port scans and other suspect traffic.
More info @ http://www.cipherdyne.com/psad/
I'm playing with it on a test server, and it does look like a nice tool!
It's sending me a lot of warning emails for port scans (me doing this as test) and it's even blocking access to the server when I over_do_it
Are there any other "tools" like this?
The Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and C that are designed to work with the Linux Netfilter firewalling code to detect port scans and other suspect traffic.
More info @ http://www.cipherdyne.com/psad/
I'm playing with it on a test server, and it does look like a nice tool!
It's sending me a lot of warning emails for port scans (me doing this as test) and it's even blocking access to the server when I over_do_it
Are there any other "tools" like this?