Michael Rash, Security Researcher

Software Release - psad-1.3.4

The 1.3.4 release of psad is ready for download. Here is an excerpt from the ChangeLog:
  • Bugfix for init script directory on Slackware systems.
  • Bugfix for null prefix counters.
  • Added --whois-analysis argument since whois lookups are now disabled by default when running in analysis (-A) mode.
  • Updated psad_init() to rework setup() and import orderings vs. --fw-analyze and --Benchmark modes.
  • Added bidirectional iptables auto-blocking support for all chains except for the INPUT and OUTPUT chains.
  • Better syslog message support when run in auto-blocking mode.
  • Added iptables auto-block rules section to --Status output.
  • Added init script for Fedora systems.
  • Added default_log() function to IPTables::Parse. This function parses user defined chains in an effort to find default logging rules.