psad - Port Scan Attack Detector

Property Value
Distribution Debian 8 (Jessie)
Repository Debian Main i386
Package name psad
Package version 2.2.3
Package release 1
Package architecture i386
Package type deb
Installed size 751 B
Download size 169.92 KB
Official Mirror
PSAD is a collection of four lightweight system daemons (in Perl and
C) designed to work with iptables to detect port scans. It features:
* a set of highly configurable danger thresholds (with sensible
defaults provided);
* verbose alert messages that include the source, destination,
scanned port range, beginning and end times, TCP flags, and
corresponding Nmap options;
* reverse DNS information;
* alerts via email;
* automatic blocking of offending IP addresses via dynamic firewall
When combined with fwsnort and the iptables string match extension,
PSAD is capable of detecting many attacks described in the Snort rule
set that involve application layer data.


Package Version Architecture Repository
psad_2.2.3-1_amd64.deb 2.2.3 amd64 Debian Main
psad - - -


Name Value
bsd-mailx -
default-mta -
initscripts >= 2.88dsf-13.3
iptables -
libc6 >= 2.4
libcarp-clan-perl -
libdate-calc-perl -
libiptables-chainmgr-perl -
libiptables-parse-perl -
libnet-ip-perl -
libunix-syslog-perl -
lsb-base -
mail-transport-agent -
mailutils -
mailx -
perl -
psmisc -
rsyslog -
system-log-daemon -
whois -


Type URL
Binary Package psad_2.2.3-1_i386.deb
Source Package psad

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install psad deb package:
    # sudo apt-get install psad




2014-08-25 - Franck Joncourt <>
psad (2.2.3-1) unstable; urgency=low
* Imported Upstream version 2.2.3
- Closes: #724267 - permissions of /etc/hosts.deny are modified
* Bumped up debian policy to 3.9.5 (no changes)
* Updated Vcs URIs to use canonical names.
2014-01-17 - Franck Joncourt <>
psad (2.2.2-1) unstable; urgency=low
* Imported Upstream version 2.2.2
2013-07-04 - gregor herrmann <>
psad (2.2.1-2.1) unstable; urgency=low
* Non-maintainer upload with maintainer's permission.
* Fix "prompting due to modified conffiles which were not modified by
the user":
d/psad.preinst: also revert changes to conffile when we install with an
old version.
(Closes: #675231)
2013-01-06 - Franck Joncourt <>
psad (2.2.1-2) unstable; urgency=low
* Enabled back the kmsgsd daemon.
- Refreshed patch fixes_build.diff.
- d.rules: Added back the kmsgsd daemon.
* d.rules: Added missing protocols files into /etc/psad.
2013-01-03 - Franck Joncourt <>
psad (2.2.1-1) unstable; urgency=low
* Acknowledged NMU (2.2-3.1).
* d.rules : do not install the kmsgd daemon anymore since it is not
used anymore.
* Allowed the makefile to use the hardening flags :
- d.rules : added the hardening stanza
- fixes_build.diff : updated the Makefile to use the CFLAGS, CPPFLAGS
- d.control : Added BD on dpkg-dev (>= 1.16.1~)
* Imported Upstream version 2.2.1
- Removed applied patch t_upstream_hyphen.diff.
* Bumped up Standards-Version to 3.9.4:
- Added dependency ind.control against initscripts (>= 2.88dsf-13.3)
to ensure the run directory is available.
* d.control: Removed BD against lsb-base.
2012-11-18 - gregor herrmann <>
psad (2.2-3.1) unstable; urgency=low
* Non-maintainer upload with maintainer's approval.
* Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf", second try:
- add back changes to d.psad.preinst that revert changes to
- but only for upgrades from versions before 2.2-3
(Closes: #688891)
2012-10-28 - Franck Joncourt <>
psad (2.2-3) unstable; urgency=low
* Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf"
(Closes: #688891). Thanks gregoa to help me fix this.
- Reverted the changes from 2.2-2 in d.psad.preinst.
- Removed the d.psad.postinst script which updated the HOSTNAME variable
from psad.conf. The psad daemon can start without the default value in
psad.conf (_CHANGEME_).
* Removed the /var/run/psad directory in d.psad.postrm when purging the
2012-06-05 - Franck Joncourt <>
psad (2.2-2) unstable; urgency=low
* d.psad.preinst: Revert the changes done by the postinst script in the
preinst script so that dpkg does not see any configuration changes and
does not trigger the user during upgrade. (Closes: #675231).
2012-05-28 - Franck Joncourt <>
psad (2.2-1) unstable; urgency=low
* Imported Upstream version 2.2
+ Bug fix for ICMP packet handling (Closes: #596240 )
+ Bug fix for 'qw(...) usage as parenthesis' warnings for perl > 5.14
(Closes: #655040)
+ Updated perl dependency from libnetwork-ipv4addr-perl to libnet-ip-perl
in d.control.
+ Added the icmp6_types file in /etc/psad through d.rules.
* Refreshed patch fixes_build.diff.
* Bumped up Standards-Version to 3.9.3:
+ Refreshed copyright holders and updated d.copyright to comply with the
1.0 machine-readable copyright file specification.
* d.psad.init:
+ Added LSB description in d.psad.init.
+ Added use of log_daemon_msg, log_end_msg...
+ Made the initscript to end successfully when a start action is performed
and the daemon is already running
2012-04-22 - Robert Millan <>
psad (2.1.7-1.1) unstable; urgency=low
* Non-maintainer upload.
* Set Architecture to linux-any.  (Closes: #647657)

See Also

Package Description
pscan_1.2-9_i386.deb Format string security checker for C files
psensor-common_1.1.3-2+deb8u1_all.deb common files for Psensor and Psensor server
psensor-server_1.1.3-2+deb8u1_i386.deb Psensor server for monitoring hardware sensors remotely
psensor_1.1.3-2+deb8u1_i386.deb display graphs for monitoring hardware temperature
psf-unifont_7.0.06-1_all.deb PSF (console) version of GNU Unifont with APL support
psgml_1.4.0-5_all.deb Emacs major mode for editing SGML documents
psi-plus-common_0.16.330-1_all.deb common files for Psi+
psi-plus-l10n_0.16.330-1_all.deb localization files for Psi+
psi-plus-plugin-psimedia_1.0.4-1_i386.deb Plugin for Psi/Psi+ for audio and video calls
psi-plus-plugins_0.16.330-1+b1_i386.deb plugins for Psi+
psi-plus-skins_0.16.330-1_all.deb skins for Psi+
psi-plus-sounds_0.16.330-1_all.deb sound files for Psi+
psi-plus-webkit_0.16.330-1+b1_i386.deb Qt-based XMPP/Jabber client (WebKit version)
psi-plus_0.16.330-1+b1_i386.deb Qt-based XMPP/Jabber client (basic version)
psi-translations_1.11_all.deb Translations for psi