[Dshield] psad-1.2 release

Michael Rash mbr at cipherdyne.com
Thu Jun 19 19:40:13 GMT 2003

Sorry, I forgot to include a link to psad-1.2:



Michael Rash
Key fingerprint = 53EA 13EA 472E 3771 894F  AC69 95D8 5D6B A742 839F

On Jun 19, 2003, Michael Rash wrote:

> (I'm posting this since psad now includes the ability to send alerts
> in the dshield format to dshield.)
> Here are the changes since psad-1.1.1:
>     -Added passive OS fingerprinting based on packet ttl, length,
>      tos, and id fields.
>     -Added dshield.org alerting capability.
>     -Added exec_external_script() for external script execution.
>     -Added auto blocked timeouts.
>     -Implemented config re-imports via HUP signals in a manner
>      similar to various other system daemons (sysylog, apache
>      etc.)
>     -Better --Status output that shows packet counts per protocol
>      for each ip.
>     -Added --ip-status for more verbose status output for a
>      particular ip address.
>     -Added config preservation code to install.pl.
>     -Added Psad::psyslog().
>     -Split psad.conf into a separate config file for each of the
>      four psad daemons.
>     -Completely re-worked the auto blocking code (made dedicated
>      files for iptables and ipchains block methods).
>     -Added danger level hash.
>     -Minor code cleanups (shorter hash keys, etc.).
> --Mike
> Michael Rash
> http://www.cipherdyne.com
> Key fingerprint = 53EA 13EA 472E 3771 894F  AC69 95D8 5D6B A742 839F
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

More information about the list mailing list