The Port Scan Attack Detector (also known as psad) is an open source set of system daemons, which are designed to detect port scans and other suspect traffic.
The Port Scan Attack Detector project features a set of highly configurable danger thresholds (with sensible defaults), verbose alert messages, email alerting, DShield reporting, and automatic blocking of offending IP addresses.
What's New in This Release: [ read full changelog ]
· SELinux policy files were added to make psad compatible with SELinux.
· The files are located in a new "selinux" directory in the sources.
· A bug was fixed in which local server ports were not reported correctly under netstat parsing.
· A bug was fixed in the start() function in the Gentoo init script which caused psad to not be started and the error "* ERROR: psad failed to start" to be generated.
· A bug that occurred when ENABLE_SYSLOG_FILE is enabled was fixed.