Linux Today: Linux News On Internet Time.

NewsForge: Detecting Suspicious Network Traffic with psad

Apr 27, 2005, 05:30 (0 Talkback[s])
(Other stories by Paul Virijevich)

"Have you ever wondered how many people are scanning your server looking for weaknesses? One way to find out is to install the Port Scan Attack Detector (psad), is a collection of three lightweight system daemons that alert you to suspicious network activity by analyzing iptables log files.

"With psad you can:

  • "Detect port scans
  • "View a report of all attacks, along with system resources consumed by PSAD..."

Complete Story

Related Stories: