Michael Rash, Security Researcher

Software Release - psad-1.4.3

The 1.4.3 release of psad is ready for download. Here is an excerpt from the ChangeLog:
  • Bugfixes for auto-blocking code. Timeouts should be handled properly, including cached IP addresses in the auto_blocked_iptables file that are referenced upon psad startup. Communication with the running psad is performed over a Unix domain socket in --fw-block mode.
  • Bugfix to seek to the end of the fwdata file instead of reading the entire thing into memory and then looking for newly written logging messages. This drastically reduces the amount of memory required by psad.
  • Updated to only display psad chains if --verbose is set.
  • Updated to automatically flush the psad auto-response Netfilter chains at start time (subject to a new config keyword "FLUSH_IPT_AT_INIT").