From d6a2fa77830fb94975fcc3969b886a2026741fc2 Mon Sep 17 00:00:00 2001 From: Andrzej Telszewski Date: Sat, 9 Apr 2022 16:53:16 +0200 Subject: network/sshguard: Updated for version 2.4.2. Signed-off-by: Andrew Clemons Signed-off-by: Willy Sudiarto Raharjo --- network/sshguard/README | 34 ++++++++++++++++++++-------------- 1 file changed, 20 insertions(+), 14 deletions(-) (limited to 'network/sshguard/README') diff --git a/network/sshguard/README b/network/sshguard/README index 9e31763a32..fd59f1d8b6 100644 --- a/network/sshguard/README +++ b/network/sshguard/README @@ -1,17 +1,23 @@ -SSHGuard protects hosts from brute-force attacks against SSH and -other services. It has been written entirely in C and has no external -dependencies and no configuration file. SSHGuard aggregates system -logs and blocks repeat offenders. It can read log messages from -standard input (suitable for piping from syslog) or monitor one or -more log files. Log messages are parsed, line-by-line, for recognized -patterns. If an attack, such as several login failures within a few -seconds, is detected, the offending IP is blocked. Offenders are -unblocked after a set interval, but can be semi-permanently banned -using the blacklist option. +sshguard protects hosts from brute-force attacks against SSH and other +services. It aggregates system logs and blocks repeat offenders using +one of several firewall backends, including iptables, ipfw, and pf. + +sshguard can read log messages from standard input (suitable for piping +from syslog) or monitor one or more log files. Log messages are parsed, +line-by-line, for recognized patterns. If an attack, such as several +login failures within a few seconds, is detected, the offending IP is +blocked. Offenders are unblocked after a set interval, but can be semi- +permanently banned using the blacklist option. IMPORTANT: -You will need to properly set up "sshguard" chain in iptables. For -further information PLEASE CONSULT MAN PAGE, installed together with -this package. The information available on the website tends to be -outdated, (it is well worth reading anyway). +1. You will need to properly set up an "sshguard" chain in your firewall + backend. For further information consult `sshguard-setup(7)`. + +2. Starting with version 2.0.0, SSHGuard **requires** a config file + to start. `sshguard.conf` as shipped with this SlackBuild provides + defaults such that they reassemble the values that were previously + specified on the command line in the `rc.sshguard` script. + + See `examples/sshguard.conf.sample` in the doc directory for + additional config options. -- cgit v1.2.3