| Key | Value |
|---|---|
| FileName | ./usr/sbin/kmsgsd |
| FileSize | 24128 |
| MD5 | 9C4A817D4F58CE4582DA1B8EF89A0A94 |
| SHA-1 | 1516578C272F9657623FC06B31D0BE2990C9D5C1 |
| SHA-256 | 6FB39CC8CC79C9FCE1DA19B802E7FBBA5727E9E63C19B1A9C2660309AE75F388 |
| SSDEEP | 384:DRkiDPx5jzVCwyOWdV4ZtouYif6D/bWtMq:1kk55jY2WdVegTO |
| TLSH | T1C3B2B686DF052D12D0E7CF35455A9375273C2867A352A32BFE8C41B45F1BBCC9E6104A |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 178368 |
| MD5 | 1789B82B6D40774D2BEA9EF98865DFD9 |
| PackageDescription | Port Scan Attack Detector PSAD is a collection of four lightweight system daemons (in Perl and C) designed to work with iptables to detect port scans. It features: * a set of highly configurable danger thresholds (with sensible defaults provided); * verbose alert messages that include the source, destination, scanned port range, beginning and end times, TCP flags, and corresponding Nmap options; * reverse DNS information; * alerts via email; * automatic blocking of offending IP addresses via dynamic firewall configuration. . When combined with fwsnort and the iptables string match extension, PSAD is capable of detecting many attacks described in the Snort rule set that involve application layer data. |
| PackageMaintainer | Franck Joncourt <franck.joncourt@gmail.com> |
| PackageName | psad |
| PackageSection | admin |
| PackageVersion | 2.4.3-1.2 |
| SHA-1 | 69A5F4FC914398CA46AE814C7F85C647C80B2E71 |
| SHA-256 | 719BAA654CDF1676123563271CDC889C1725DDD4356C4E66FBDFA4D201812757 |