Fedora 14 Update: psad-2.1.7-1.fc14

updates at fedoraproject.org updates at fedoraproject.org
Wed Jan 5 21:24:53 UTC 2011 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-18177
2010-11-26 00:21:25
--------------------------------------------------------------------------------

Name        : psad
Product     : Fedora 14
Version     : 2.1.7
Release     : 1.fc14
URL         : http://www.cipherdyne.org/psad/
Summary     : Port Scan Attack Detector (psad) watches for suspect traffic
Description :
Port Scan Attack Detector (psad) is a collection of three lightweight
system daemons written in Perl and in C that are designed to work with Linux
iptables firewalling code to detect port scans and other suspect traffic.  It
features a set of highly configurable danger thresholds (with sensible
defaults provided), verbose alert messages that include the source,
destination, scanned port range, begin and end times, tcp flags and
corresponding nmap options, reverse DNS info, email and syslog alerting,
automatic blocking of offending ip addresses via dynamic configuration of
iptables rulesets, and passive operating system fingerprinting.  In addition,
psad incorporates many of the tcp, udp, and icmp signatures included in the
snort intrusion detection system (http://www.snort.org) to detect highly
suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend,
SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin,
xmas) which are easily leveraged against a machine via nmap.  psad can also
alert on snort signatures that are logged via fwsnort
(http://www.cipherdyne.org/fwsnort/), which makes use of the
iptables string match module to detect application layer signatures.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 25 2010 Peter Vrabec <pvrabec at redhat.com>  2.1.7-1
- upgrade
* Tue Aug 11 2009 Ville Skyttä <ville.skytta at iki.fi> - 2.1.3-4
- Use bzipped upstream tarball.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #609756 - SELinux is preventing /usr/bin/perl "write" access      on psad.
        https://bugzilla.redhat.com/show_bug.cgi?id=609756
  [ 2 ] Bug #583538 - psad has a few issues - I attached a selinux policy which may help
        https://bugzilla.redhat.com/show_bug.cgi?id=583538
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update psad' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list