Install psad on CentOS 6

Psad is a tool used to analyse iptables log messages to detect port scans and other suspicious traffic.

Installation

# yum install perl-IPTables-ChainMgr perl-Date-Calc perl-Unix-Syslog
# rpm -Uvh http://www.cipherdyne.org/psad/download/psad-2.4.1-1.x86_64.rpm

Start the daemon and check status:

# /etc/init.d/psad start
# psad --Status

Note that if a firewall is not configured to log packets, then psad will not detect port scans or anything else.

Leave a Reply

Your email address will not be published. Required fields are marked *