[Dshield] psad-1.2 release

Michael Rash mbr at cipherdyne.com
Thu Jun 19 19:40:13 GMT 2003


Sorry, I forgot to include a link to psad-1.2:

http://www.cipherdyne.org/psad/download/psad-1.2.tar.gz

--Mike

Michael Rash
http://www.cipherdyne.org
Key fingerprint = 53EA 13EA 472E 3771 894F  AC69 95D8 5D6B A742 839F


On Jun 19, 2003, Michael Rash wrote:

> (I'm posting this since psad now includes the ability to send alerts
> in the dshield format to dshield.)
> 
> Here are the changes since psad-1.1.1:
> 
>     -Added passive OS fingerprinting based on packet ttl, length,
>      tos, and id fields.
>     -Added dshield.org alerting capability.
>     -Added exec_external_script() for external script execution.
>     -Added auto blocked timeouts.
>     -Implemented config re-imports via HUP signals in a manner
>      similar to various other system daemons (sysylog, apache
>      etc.)
>     -Better --Status output that shows packet counts per protocol
>      for each ip.
>     -Added --ip-status for more verbose status output for a
>      particular ip address.
>     -Added config preservation code to install.pl.
>     -Added Psad::psyslog().
>     -Split psad.conf into a separate config file for each of the
>      four psad daemons.
>     -Completely re-worked the auto blocking code (made dedicated
>      files for iptables and ipchains block methods).
>     -Added danger level hash.
>     -Minor code cleanups (shorter hash keys, etc.).
> 
> --Mike
> 
> Michael Rash
> http://www.cipherdyne.com
> Key fingerprint = 53EA 13EA 472E 3771 894F  AC69 95D8 5D6B A742 839F
> 
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list