From BackTrack Linux
- URL : http://www.nanotechfibers.com/
- Twitter: http://twitter.com/#!/rickflores_
- Email : email@example.com
psad: Intrusion Detection and Log Analysis with iptables
What is PSAD?
PSAD is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic. A typical deployment is to run psad on the iptables firewall where it has the fastest access to log data.
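A simplified sketch of the kind of log analysis described above, added here as an illustration and not psad's own code: it parses iptables LOG lines and flags any source address that probes at least `threshold` distinct destination ports. The log lines, addresses, helper names and the threshold of 5 are constructed for the example.

```python
import re
from collections import defaultdict

# key=value fields as the kernel writes them for an iptables LOG rule
FIELD_RE = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

def parse_line(line):
    """Return the SRC/DST/PROTO/DPT fields, or None if this is not an iptables log line."""
    fields = dict(FIELD_RE.findall(line))
    if " IN=" not in line or "SRC" not in fields or "PROTO" not in fields:
        return None
    return fields

def find_scanners(lines, threshold=5):
    """Map each source IP to the distinct (proto, port) pairs it hit,
    keeping only sources that reached `threshold` distinct pairs."""
    seen = defaultdict(set)
    for line in lines:
        fields = parse_line(line)
        # ICMP and malformed entries carry no usable destination port
        if fields is None or not fields.get("DPT", "").isdigit():
            continue
        seen[fields["SRC"]].add((fields["PROTO"], int(fields["DPT"])))
    return {src: sorted(hits) for src, hits in seen.items() if len(hits) >= threshold}

def _line(src, dpt, proto="TCP"):
    # Constructed log line; addresses come from documentation ranges
    return (f"Jul 14 18:01:06 bt kernel: DROP IN=eth0 OUT= SRC={src} DST=198.51.100.5 "
            f"LEN=44 TTL=52 ID=0 PROTO={proto} SPT=40000 DPT={dpt} WINDOW=1024 SYN URGP=0")

# Constructed sample input (not captured traffic)
SAMPLE = (
    [_line("192.0.2.10", p) for p in (21, 22, 23, 25, 80, 443)]  # sweep across six ports
    + [_line("192.0.2.77", 22)] * 20                              # many packets, one port
    + ["Jul 14 18:01:07 bt kernel: DROP IN=eth0 OUT= SRC=192.0.2.10 "
       "DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0",
       "Jul 14 18:01:08 bt sshd[811]: Failed password for root from 192.0.2.77 port 40000"]
)

if __name__ == "__main__":
    for src, hits in find_scanners(SAMPLE).items():
        print(f"{src} probed {len(hits)} distinct ports: {hits}")
```

Counting distinct ports rather than packets is what keeps the repeated connections to port 22 from being reported as a scan; repeated attempts against one service need a separate rule.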
- Verify the md5sum and the public key signature:
    root@bt:~# cd /usr/local/src
    root@bt:/usr/local/src# wget http://cipherdyne.org/psad/download/psad-2.1.7.tar.bz2
    root@bt:/usr/local/src# wget http://cipherdyne.org/psad/download/psad-2.1.7.tar.bz2.md5
    root@bt:/usr/local/src# wget http://cipherdyne.org/psad/download/psad-2.1.7.tar.bz2.asc
    root@bt:/usr/local/src# wget http://cipherdyne.org/public_key
    root@bt:/usr/local/src# md5sum -c psad-2.1.7.tar.bz2.md5
    psad-2.1.7.tar.bz2: OK
    root@bt:/usr/local/src# gpg --import public_key
    root@bt:/usr/local/src# gpg --verify psad-2.1.7.tar.bz2.asc
    #gpg: Signature made Wed 14 Jul 2010 06:01:06 PM EDT using DSA key ID 0D3E7410
    #gpg: Good signature from "Michael Rash (Signing key for cipherdyne.org projects) <firstname.lastname@example.org>"
- Install PSAD:
    root@bt:/usr/local/src# tar xfj psad-2.1.7.tar.bz2
    root@bt:/usr/local/src# cd psad-2.1.7
    root@bt:/usr/local/src/psad-2.1.7# ./install.pl
    # Would you like to install the latest signatures from
    # http://www.cipherdyne.org/psad/signatures (y/n)? y
- Start PSAD:
Note that you will get the following error:
    root@bt:/usr/local/src/psad-2.1.7# /etc/init.d/psad start
    Starting psad: [*] Could not find mail, edit /etc/psad/psad.conf at /usr/sbin/psad line 9679.
To fix this we will need to edit psad.conf located in /etc/psad/ and add an email address as follows:
root@bt:/usr/local/src/psad-2.1.7# vim /etc/psad/psad.conf
- Author Bio: My passions are nanoEngineering, Ruby programming, software exploitation, exploit development, embedded hardware hacking. I also enjoy lifting weights, combat-swimming, Ninjutsu, Parkour (free-running), Krav Maga and MMA. I "believe" you can evolve into anything you wish with the right mental discipline, toughness and physical conditioning.