Displaying 20 results from an estimated 36 matches for "sshguard".
2010 Dec 09
4
Asterisk SIP attacks and sshguard
...that runs once a minute and creates little spikes in the
usage and I/O graphs, and is slower to respond than I'd really prefer.
I felt that it'd be much cooler to get something more comprehensive
put together. We don't use fail2ban because I don't like having to
install python.
sshguard is a high-performance compiled C application that can run
off a log file or a pipe from syslogd to sshguard, meaning that it
can respond a lot more quickly than once a minute, and works with
very modest overhead on the host system. It also has features such
as touchiness, so that it can get toughe...
2018 Feb 25
2
RFC 8305 Happy Eyeballs in OpenSSH
Has anyone checked to make sure that this won't upset sshguard? [1]
Offhand, it looks like it will [2][3].
[1] https://www.sshguard.net/
[2] https://bitbucket.org/sshguard/sshguard/src/2ed7e0aee18b7271daab92d5335c14e04bb2cc89/src/parser/attacks.txt?at=master&fileviewer=file-view-default#attacks.txt-9
[3] https://bitbucket.org/sshguard/sshguard/src/2ed7e0...
2020 May 22
4
fail2ban setup centos 7 not picking auth fail?
I use SSHGuard on well ssh (doh!), but supposedly you can use it for postfix and dovecot also. I can tell you it is well supported. I am on Centos 7 using firewalld.
? Original Message ?
From: adi at ddns.com.au
Sent: May 21, 2020 11:01 PM
To: voytek at sbt.net.au
Cc: dovecot at dovecot.org
Subject: Re: fa...
2019 Nov 21
2
Is there an sshguard script for logwatch?
Hi all,
I wonder if there is a script to analyze logfiles for llogwatch and
sshguard?
Anyone knows?
Adrian
--
Adri P. van Bloois
"Elegance is not a dispensable luxury but a factor that decides between
success and failure."
Edsger W. Dijkstra
2020 May 23
1
fail2ban setup centos 7 not picking auth fail?
...'re discussing the subject, I've got a soft spot for CSF as a replacement for fail2ban, and it has a lot of additional features as well.
https://www.configserver.com/cp/csf.html
P.
On 22/05/2020 18.32, Jerry wrote:
> On Thu, 21 May 2020 23:22:04 -0700, lists stated:
>> I use SSHGuard on well ssh (doh!), but supposedly you can use it for
>> postfix and dovecot also. I can tell you it is well supported. I am
>> on Centos 7 using firewalld.
>
> SSHGuard works fairly well with Postfix; however, it is virtually
> useless with Dovecot. It never picks up on &quo...
2019 Nov 21
0
Is there an sshguard script for logwatch?
On Thu, 2019-11-21 at 13:44 +0100, Adrian van Bloois wrote:
> I wonder if there is a script to analyze logfiles for llogwatch and
> sshguard?
> Anyone knows?
You can take an existing script, for another piece of software reported
by Logwatch, retain the beginning and ending parts, and create your own
version. The completed script should be placed in /etc to ensure it is
not over-written by software updates.
It can be difficult sor...
2014 Oct 04
0
CentOS-docs Digest, Vol 95, Issue 5
Good suggestion for sshguard. pjwelsh
https://wiki.gentoo.org/wiki/Sshguard
http://www.funtoo.org/Package:Sshguard
There you go, I give permission to cross license & plagiarize my *ntoo
content to centos's wiki. it should be very similar to a cent box
except for yum install sshguard && chkconfig sshguard (...
2016 Aug 29
1
.htaccess file
...isco.ca.us> wrote:
> On 2016-08-28, TE Dukes <tdukes at palmettoshopper.com> wrote:
>
>> Right now, I'm just trying to take some load off my
>> home server from badbots but I am getting hit on other services as well.
>
> Another possibility for you to look at is sshguard. It can protect
> against brute force ssh attacks (using iptables rules, which is how I
> use it) but IIRC it can also protect against http attacks (I've never
> used it that way, so I don't know how difficult this is).
I use fail2ban, provides similar functionality like sshguard...
2019 Sep 25
1
Spam Blocking by filtering on username / id
...log in, its just that there are so many attempts logged, that it fills up 90% of my logs with noise, and prevents me from seeing the other important events.
> Are users able to login without the @domain part?
No. All valid mail accounts are in the form user at domain.com
> There is also sshguard that will do the same thing.
> One of these should probably be running anyway as they help mitigate issues where someone keep hammering on your system, however in the days of DDOS, they are less helpful than they used to be.
I'll take a look at sshguard, although it looks like its retroacti...
2008 Jul 21
20
Ideas for stopping ssh brute force attacks
...have noticed my web server and email box have attempted to ssh'd to
using weird names like admin,appuser,nobody,etc.... None of these are
valid users. I know that I can block sshd all together with iptables but
that will not work for us. I did a little research on google and found
programs like sshguard and sshdfilter. Just wanted to know if anyone had
any experience with anything like these programs or have any other advice.
I really appreciate it.
--
Bo Lynch
2020 May 22
0
fail2ban setup centos 7 not picking auth fail?
On Thu, 21 May 2020 23:22:04 -0700, lists stated:
>I use SSHGuard on well ssh (doh!), but supposedly you can use it for
>postfix and dovecot also. I can tell you it is well supported. I am
>on Centos 7 using firewalld.
SSHGuard works fairly well with Postfix; however, it is virtually
useless with Dovecot. It never picks up on "auth fail" and a f...
2018 Feb 23
6
RFC 8305 Happy Eyeballs in OpenSSH
Hello,
I use hosts that are dual stack configured (IPv4 and IPv6) and it
happens that connectivity through one or the other is broken and
timeouts. In these case connection to the SSH server can take quite some
time as ssh waits for the first address to timeout before trying the
next.
So I gave a stab at implementing RFC 8305. This patch implements part of
it in sshconnect.c.
* It does not do
2013 Jun 20
2
init.d scripts not starting at boot
...le is crond;
Chkconfig output:
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
permissions in init.d:
-rwxr-xr-x 1 root root 2793 Jul 18 2011 crond
The processes that aren't loading are;
Clamd, directadmin, exim, freshclam, httpd, mysqld, ossec, proftpd, sshguard
Any ideas what I need to check/change to resolve this problem?
Thanks everyone!
2016 Aug 28
5
.htaccess file
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Keith Keller
> Sent: Sunday, August 28, 2016 4:23 PM
> To: centos at centos.org
> Subject: Re: [CentOS] .htaccess file
>
> On 2016-08-28, TE Dukes <tdukes at palmettoshopper.com> wrote:
> >
> > I'm just not following or understanding.
2019 Sep 23
4
Spam Blocking by filtering on username / id
This is probably quite an easy question, but I haven't been able to find the answer. I'm running a server where all the email addresses are in the format "user at domain.com". I've noticed that a large number of fake login attempts use the format "user" eg. reception, service, root, admin.
Is it possible to prevent any such logins to these email users without an
2015 Feb 03
3
Another Fedora decision
On Tue, 2015-02-03 at 15:51 -0500, Jonathan Billings wrote:
> Also, it isn't up to the *installer* to set up a system that resists
> brute-force password attacks.
Give us the tools to do the job !
My amalgamated idea is:-
(1) When external access gets a password wrong 'n' occasions, as
determined by the SysAdmin, the external IP address is automatically
permanently blocked
2019 Mar 08
3
[Bug 1326] New: `nft list' is very slow when output contains meters that has lots of elements
...type filter hook forward priority 0; policy accept;
}
chain output {
type filter hook output priority 0; policy accept;
}
}
real 0m2.837s
user 0m0.320s
sys 0m1.200s
Even for a completely unrelated table:
# time nft list table ip sshguard
table ip sshguard {
set attackers {
type ipv4_addr
flags interval
elements = { 118.25.1.73, 120.92.15.82,
122.2.16.126, 193.112.52.201,
222.186.30.71 }
}
chain blacklis...
2014 Oct 03
2
CentOS-docs Digest, Vol 95, Issue 2
...-docs mailing list
> CentOS-docs at centos.org
> http://lists.centos.org/mailman/listinfo/centos-docs
>
>
> End of CentOS-docs Digest, Vol 95, Issue 2
> ******************************************
>
i think the rate limiting section sucks too... it should instead be
suggesting sshguard which can ban multiple failed login attempts for
variable amounts of time. i have mine set to ban for a week. fail2ban
can do the same for passwords but you can stream keys to it.
-666threesixes666
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists...
2008 Aug 21
12
machine hangs on occasion - correlated with ssh break-in attempts
Hello!
A machine I manage remotely for a friend comes under a distributed ssh
break-in attack every once in a while. Annoyed (and alarmed) by the
messages like:
Aug 12 10:21:17 symbion sshd[4333]: Invalid user mythtv from 85.234.158.180
Aug 12 10:21:18 symbion sshd[4335]: Invalid user mythtv from 85.234.158.180
Aug 12 10:21:20 symbion sshd[4337]: Invalid user mythtv from 85.234.158.180
Aug 12
2008 Aug 21
12
machine hangs on occasion - correlated with ssh break-in attempts
Hello!
A machine I manage remotely for a friend comes under a distributed ssh
break-in attack every once in a while. Annoyed (and alarmed) by the
messages like:
Aug 12 10:21:17 symbion sshd[4333]: Invalid user mythtv from 85.234.158.180
Aug 12 10:21:18 symbion sshd[4335]: Invalid user mythtv from 85.234.158.180
Aug 12 10:21:20 symbion sshd[4337]: Invalid user mythtv from 85.234.158.180
Aug 12