FICHA · AUR
psad
Port Scan Attack Detector: Makes use of iptables log messages to detect, alert, and (optionally) block port scans and other suspect traffic
- Port scan detection daemon
- SERVICE
- NETWORK
- Launchable
- Runs in terminal
- Background service
· official+codex · reviewed · Jun 3, 2026 description in en
Port scans and suspicious traffic can be detected from iptables log messages with alerting and optional blocking. This daemon is for administrators who monitor exposed Linux systems and want intrusion-detection signals. Blocking rules can disrupt legitimate traffic, and logs may contain IP addresses and network metadata.
How to run
psad
Commands: psad
Permissions
Permissions not analysed for this source yet.