[Bastille-linux-discuss] psad-1.3.4 release
From: Michael R. <mb...@ci...> - 2004-10-21 04:15:58
Hi all -

psad-1.3.4 has been released. Here are the changes:

- Bugfix for init script directory on Slackware systems.
- Bugfix for null prefix counters.
- Added --whois-analysis argument since whois lookups are now disabled by default when running in analysis (-A) mode.
- Updated psad_init() to rework setup() and import orderings vs. --fw-analyze and --Benchmark modes.
- Added bidirectional iptables auto-blocking support for all chains except for the INPUT and OUTPUT chains.
- Better syslog message support when run in auto-blocking mode.
- Added iptables auto-block rules section to --Status output.
- Added init script for Fedora systems.
- Added default_log() function to IPTables::Parse. This function parses user defined chains in an effort to find default logging rules.
- Added EMAIL_LIMIT_STATUS_MSG to control whether or not psad sends a status email when the PSAD_EMAIL_LIMIT threshold has been reached by an IP address.
- Added ENABLE_SCAN_ARCHIVE to control whether or not psad archives old scan data within /var/log/psad/scan_archive at start time.

I think I got everyone in the credits file who made suggestions, but if not please don't hesitate to send me an email.

As usual, psad can be downloaded here:

http://www.cipherdyne.org/psad/download/

Thanks to Daniel Gubser for creating a Debian package of psad:

http://www.gutreu.ch/debian

Also, there is a new documentation link that describes all of the important psad configuration keywords here:

http://www.cipherdyne.org/psad/config.html

--Mike

Michael Rash
http://www.cipherdyne.org/
Key fingerprint = 53EA 13EA 472E 3771 894F AC69 95D8 5D6B A742 839F