Install psad on CentOS 6

Psad is a tool used to analyse iptables log messages to detect port scans and other suspicious traffic.


# yum install perl-IPTables-ChainMgr perl-Date-Calc perl-Unix-Syslog
# rpm -Uvh

Start the daemon and check status:

# /etc/init.d/psad start
# psad --Status

Note that if a firewall is not configured to log packets, then psad will not detect port scans or anything else.

Leave a Reply

Your email address will not be published. Required fields are marked *