Detecting suspicious network traffic with psad    Tuesday, April 26 2005 @ 08:35 PM EDT Contributed by: glosser We go to the NewsForge for this tutorial on "psad". Have you ever wondered how many people are scanning your server looking for weaknesses? One way to find out is to install the Port Scan Attack Detector (psad), is a collection of three lightweight system daemons that alert you to suspicious network activity by analyzing iptables log files. With psad you can: * Detect port scans * View a report of all attacks, along with system resources consumed by PSAD * Detect application layer attacks using Snort rulesets * Block IP addresses in real time * Receive comprehensive email alerts * Report attacks to Dshield psad requires only an iptables firewall with logging enabled. Full tutorial   [ Views: 1414 ]

Detecting suspicious network traffic with psad | 0 comments | Create New Account

Newest First Oldest First Flat Nested No Comments Threaded

The following comments are owned by whoever posted them. This site is not responsible for what they say.

No user comments.