Source: psad
Section: admin
Priority: optional
Maintainer: Franck Joncourt <franck@debian.org>
Uploaders: Daniel Gubser <guterm@debian.org>
Build-Depends: debhelper (>= 7), dpkg-dev (>= 1.16.1~)
Standards-Version: 3.9.5
Vcs-git: git://anonscm.debian.org/collab-maint/psad.git
Vcs-Browser: https://anonscm.debian.org/gitweb/?p=collab-maint/psad.git
Homepage: http://www.cipherdyne.org/psad/

Package: psad
Architecture: linux-any
Depends: ${misc:Depends}, ${shlibs:Depends}, ${perl:Depends},
 libunix-syslog-perl, iptables, rsyslog | system-log-daemon,
 libnet-ip-perl, libdate-calc-perl, libcarp-clan-perl,
 whois, psmisc, libiptables-parse-perl, libiptables-chainmgr-perl,
 default-mta | mail-transport-agent, bsd-mailx | mailx | mailutils,
 lsb-base, initscripts (>= 2.88dsf-13.3)
Suggests: fwsnort, bastille
Description: Port Scan Attack Detector
 PSAD is a collection of four lightweight system daemons (in Perl and
 C) designed to work with iptables to detect port scans. It features:
  * a set of highly configurable danger thresholds (with sensible
    defaults provided);
  * verbose alert messages that include the source, destination,
    scanned port range, beginning and end times, TCP flags, and
    corresponding Nmap options;
  * reverse DNS information;
  * alerts via email;
  * automatic blocking of offending IP addresses via dynamic firewall
    configuration.
 .
 When combined with fwsnort and the iptables string match extension,
 PSAD is capable of detecting many attacks described in the Snort rule
 set that involve application layer data.
