mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-25 10:03:03 +01:00
…
|
||
---|---|---|
.. | ||
doinst.sh | ||
rc.sshguard | ||
README | ||
slack-desc | ||
sshguard.conf | ||
sshguard.info | ||
sshguard.SlackBuild |
sshguard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using one of several firewall backends, including iptables, ipfw, and pf. sshguard can read log messages from standard input (suitable for piping from syslog) or monitor one or more log files. Log messages are parsed, line-by-line, for recognized patterns. If an attack, such as several login failures within a few seconds, is detected, the offending IP is blocked. Offenders are unblocked after a set interval, but can be semi- permanently banned using the blacklist option. IMPORTANT: 1. You will need to properly set up an "sshguard" chain in your firewall backend. For further information consult `sshguard-setup(7)`. 2. Starting with version 2.0.0, SSHGuard **requires** a config file to start. `sshguard.conf` as shipped with this SlackBuild provides defaults such that they reassemble the values that were previously specified on the command line in the `rc.sshguard` script. See `examples/sshguard.conf.sample` in the doc directory for additional config options.