Source: psad
Section: admin
Priority: optional
Maintainer: Franck Joncourt <franck.joncourt@gmail.com>
Build-Depends: debhelper (>= 9)
Standards-Version: 3.9.8
Vcs-git: https://anonscm.debian.org/git/collab-maint/psad.git
Vcs-Browser: https://anonscm.debian.org/cgit/collab-maint/psad.git
Homepage: http://www.cipherdyne.org/psad/

Package: psad
Architecture: linux-any
Depends: ${misc:Depends}, ${shlibs:Depends}, ${perl:Depends},
 libunix-syslog-perl, iptables, rsyslog | system-log-daemon,
 libnet-ip-perl, libdate-calc-perl, libcarp-clan-perl,
 whois, psmisc, libiptables-parse-perl, libiptables-chainmgr-perl,
 default-mta | mail-transport-agent, bsd-mailx | mailx | mailutils,
 lsb-base, net-tools, iproute2
Suggests: fwsnort
Description: Port Scan Attack Detector
 PSAD is a collection of four lightweight system daemons (in Perl and
 C) designed to work with iptables to detect port scans. It features:
  * a set of highly configurable danger thresholds (with sensible
    defaults provided);
  * verbose alert messages that include the source, destination,
    scanned port range, beginning and end times, TCP flags, and
    corresponding Nmap options;
  * reverse DNS information;
  * alerts via email;
  * automatic blocking of offending IP addresses via dynamic firewall
    configuration.
 .
 When combined with fwsnort and the iptables string match extension,
 PSAD is capable of detecting many attacks described in the Snort rule
 set that involve application layer data.