FICHA · AUR

psad

Port Scan Attack Detector: Makes use of iptables log messages to detect, alert, and (optionally) block port scans and other suspect traffic

  • Port scan detection daemon
  • SERVICE
  • NETWORK
  • Launchable
  • Runs in terminal
  • Background service
official+codex · reviewed · Jun 3, 2026 description in en

Description

Port scans and suspicious traffic can be detected from iptables log messages with alerting and optional blocking. This daemon is for administrators who monitor exposed Linux systems and want intrusion-detection signals. Blocking rules can disrupt legitimate traffic, and logs may contain IP addresses and network metadata.

How to run

psad

Commands: psad

Permissions

Permissions not analysed for this source yet.