Chapter 5. INTRODUCING PSAD: THE PORT SCAN ATTACK DETECTOR

In this chapter I'll introduce the Port Scan Attack Detector, or psad for short. We will cover installation, administration, and configuration issues in this chapter and leave the heavy lifting on psad operations and auto-response for the next two chapters.

History

The software project that became psad began as a part of Bastille Linux in the fall of 1999, when the Bastille development team decided that Bastille should offer a lightweight network intrusion detection component. At the time, Peter Watkins was developing the excellent firewalling scripts that are still bundled with Bastille today, so it was a natural next step to develop an IDS tool based on information provided in firewall ...

Get Linux Firewalls now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Linux Firewalls by

Chapter 5. INTRODUCING PSAD: THE PORT SCAN ATTACK DETECTOR

History

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly