psad-2.4.6-13.fc37 RPM for noarch

From Fedora 37 for ppc64le / p

Port Scan Attack Detector (psad) is a lightweight
system daemon written in Perl designed to work with Linux
iptables firewalling code to detect port scans and other suspect traffic.  It
features a set of highly configurable danger thresholds (with sensible
defaults provided), verbose alert messages that include the source,
destination, scanned port range, begin and end times, tcp flags and
corresponding nmap options, reverse DNS info, email and syslog alerting,
automatic blocking of offending ip addresses via dynamic configuration of
iptables rulesets, and passive operating system fingerprinting.  In addition,
psad incorporates many of the tcp, udp, and icmp signatures included in the
snort intrusion detection system (https://www.snort.org) to detect highly
suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend,
SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin,
xmas) which are easily leveraged against a machine via nmap.  psad can also
alert on snort signatures that are logged via fwsnort
(https://www.cipherdyne.org/fwsnort/), which makes use of the
iptables string match module to detect application layer signatures.

Provides

• psad
• config(psad)

Requires

• /bin/ps
• /bin/sh
• /bin/sh
• /bin/sh
• /usr/bin/killall
• /usr/bin/perl
• /usr/sbin/semodule
• /usr/sbin/semodule
• config(psad) = 2.4.6-13.fc37
• gzip
• iproute
• iptables
• perl(Bit::Vector)
• perl(Carp::Clan)
• perl(Data::Dumper)
• perl(Date::Calc)
• perl(File::Copy)
• perl(File::Path)
• perl(Getopt::Long)
• perl(IO::Handle)
• perl(IO::Select)
• perl(IO::Socket)
• perl(IPTables::ChainMgr)
• perl(IPTables::Parse)
• perl(NetAddr::IP)
• perl(POSIX)
• perl(Socket)
• perl(Storable)
• perl(Unix::Syslog)
• perl(strict)
• policycoreutils >= 2.4
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

GPLv2+

Changelog

* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.6-13
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
  - complete move to /run (fixes rhbz#2113605) (Dominik Mierzejewski)
* Fri Jun 10 2022 Dominik Mierzejewski <rpm@greysector.net> - 2.4.6-12
  - move PID file to /run
  - silence some new SELinux getattr AVC denials
* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.6-11
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.6-10
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 2.4.6-9
  - Rebuilt for updated systemd-rpm-macros
    See https://pagure.io/fesco/issue/2583.
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.6-8
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.6-7
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

Files

/etc/logrotate.d
/etc/logrotate.d/psad
/etc/psad
/etc/psad/auto_dl
/etc/psad/icmp6_types
/etc/psad/icmp_types
/etc/psad/ip_options
/etc/psad/pf.os
/etc/psad/posf
/etc/psad/protocols
/etc/psad/psad.conf
/etc/psad/signatures
/etc/psad/snort_rule_dl
/etc/psad/snort_rules
/etc/psad/snort_rules/VERSION
/etc/psad/snort_rules/attack-responses.rules
/etc/psad/snort_rules/backdoor.rules
/etc/psad/snort_rules/bad-traffic.rules
/etc/psad/snort_rules/chat.rules
/etc/psad/snort_rules/classification.config
/etc/psad/snort_rules/ddos.rules
/etc/psad/snort_rules/deleted.rules
/etc/psad/snort_rules/dns.rules
/etc/psad/snort_rules/dos.rules
/etc/psad/snort_rules/emerging-all.rules
/etc/psad/snort_rules/experimental.rules
/etc/psad/snort_rules/exploit.rules
/etc/psad/snort_rules/finger.rules
/etc/psad/snort_rules/ftp.rules
/etc/psad/snort_rules/icmp-info.rules
/etc/psad/snort_rules/icmp.rules
/etc/psad/snort_rules/imap.rules
/etc/psad/snort_rules/info.rules
/etc/psad/snort_rules/local.rules
/etc/psad/snort_rules/misc.rules
/etc/psad/snort_rules/multimedia.rules
/etc/psad/snort_rules/mysql.rules
/etc/psad/snort_rules/netbios.rules
/etc/psad/snort_rules/nntp.rules
/etc/psad/snort_rules/oracle.rules
/etc/psad/snort_rules/other-ids.rules
/etc/psad/snort_rules/p2p.rules
/etc/psad/snort_rules/policy.rules
/etc/psad/snort_rules/pop2.rules
/etc/psad/snort_rules/pop3.rules
/etc/psad/snort_rules/porn.rules
/etc/psad/snort_rules/reference.config
/etc/psad/snort_rules/rpc.rules
/etc/psad/snort_rules/rservices.rules
/etc/psad/snort_rules/scan.rules
/etc/psad/snort_rules/shellcode.rules
/etc/psad/snort_rules/smtp.rules
/etc/psad/snort_rules/snmp.rules
/etc/psad/snort_rules/sql.rules
/etc/psad/snort_rules/telnet.rules
/etc/psad/snort_rules/tftp.rules
/etc/psad/snort_rules/virus.rules
/etc/psad/snort_rules/web-attacks.rules
/etc/psad/snort_rules/web-cgi.rules
/etc/psad/snort_rules/web-client.rules
/etc/psad/snort_rules/web-coldfusion.rules
/etc/psad/snort_rules/web-frontpage.rules
/etc/psad/snort_rules/web-iis.rules
/etc/psad/snort_rules/web-misc.rules
/etc/psad/snort_rules/web-php.rules
/etc/psad/snort_rules/x11.rules
/run/psad
/run/psad/psad.cmd
/usr/bin/nf2csv
/usr/lib/systemd/system/psad.service
/usr/lib/tmpfiles.d/psad.conf
/usr/sbin/fwcheck_psad
/usr/sbin/psad
/usr/share/doc/psad
/usr/share/doc/psad/BENCHMARK
/usr/share/doc/psad/CREDITS
/usr/share/doc/psad/ChangeLog
/usr/share/doc/psad/FW_EXAMPLE_RULES
/usr/share/doc/psad/README.SYSLOG
/usr/share/doc/psad/README.md
/usr/share/doc/psad/SCAN_LOG
/usr/share/licenses/psad
/usr/share/licenses/psad/LICENSE
/usr/share/man/man1/nf2csv.1.gz
/usr/share/man/man8/fwcheck_psad.8.gz
/usr/share/man/man8/psad.8.gz
/var/lib/psad
/var/lib/psad/psadfifo
/var/log/psad

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 9 21:14:35 2024