Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: sshguard | Distribution: SUSE Linux Enterprise 15 SP4 |
Version: 2.4.2 | Vendor: openSUSE |
Release: bp154.1.25 | Build date: Thu May 12 08:52:22 2022 |
Group: Productivity/Networking/Security | Build host: s390zl25 |
Size: 1762848 | Source RPM: sshguard-2.4.2-bp154.1.25.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://www.sshguard.net/ | |
Summary: SSH brute force attack protector |
Sshguard protects networked hosts from brute force attacks against ssh servers. It detects such attacks and blocks the attacker's address with a firewall rule.
ISC
* Sun May 16 2021 Enrico Belleri <idesmi@protonmail.com> - Changed 'BACKEND' to "/usr/libexec/sshg-fw-iptables" from incorrect syntax * Wed May 12 2021 Ferdinand Thiessen <rpm@fthiessen.de> - Update to version 2.4.2 * Recognize rejections from Postfix's postscreen daemon * The parser can now be changed using the 'PARSER' and 'POST_PARSER' options * Remove some false positive attack signatures for SSH and Cyrus * Adjust log verbosity of some log messages * The *firewalld* backend now uses *firewall-cmd* instead of 'iptables' to flush block lists * Wed Aug 26 2020 Joop Boonen <joop.boonen@opensuse.org> - Build version 2.4.1 * Recognize RFC 5424 syslog banners * Recognize busybox syslog -S banners * Recognize rsyslog banners * Recognize web services TYPO3, Contao, and Joomla * Update signatures for Dovecot * Update signatures for OpenSSH * Whitelist entire 127.0.0.0/8 and ::1 block * Whitelist file allows inline comments * Fix FILES and LOGREADER configuration file options - boo#1124121 * Tue Jun 11 2019 Joop Boonen <joop.boonen@opensuse.org> - Build version 2.4.0 * Match "Failed authentication attempt" for Gitea * Log human-readable service names instead of service code * Correctly terminate child processes when sshguard is killed * No longer accept logs given via standard input * Wed Feb 06 2019 joop.boonen@opensuse.org - Removed not needed files and service files as sshguard can now parse journal files - /etc/sysconfig/sshguard is not used any more as sshguard uses it's own config file * Mon Feb 04 2019 Jan Engelhardt <jengelh@inai.de> - Use noun phrase in summary. - Join %service_* to reduce generated boilerplate. * Thu Jan 24 2019 liedke@rz.uni-mannheim.de - Build version 2.3.1 * Fix OpenSSH "Did not receive identification string" * Fix syslog banner detection on macOS - Build version 2.3.0 * Add signatures for Courier IMAP/POP and OpenVPN * Add signatures for TLS failures against Cyrus IMAP * Match more attacks against SSHD, Cockpit, and Dovecot * Update SSH invalid user signature for macOS * Add to and remove from ipfw table quietly * Reduce "Connection closed... [preauth]" score to 2 * Switch ipsets to hash:net * Don't recreate existing ipsets * Match more log banners (Fix greedy SYSLOG_BANNER) - Build version 2.2.0 * Add '--disable-maintainer-mode' in configure for package maintainers * BusyBox log banner detection * Match Exim "auth mechanism not supported" * Match Exim "auth when not advertised" * Match Postfix greylist early retry * OpenSMTPD monitoring support * Recognize IPv6 addresses with interface name * Ignore CR in addition to LF * Only log attacks if not already blocked or whitelisted * Use correct signal names in driver shell script - Build version 2.1.0 * Add nftables backend * Add monitoring support for new service: Cockpit, Linux server dashboard * Match "maximum authentication attempts" for SSH * Match Debian-style "Failed password for invalid user" for SSH * Add monitoring support for new service: Common webserver probes, in Common Log Format * Match 'Disconnecting invalid user' for SSH * Add monitoring support for new service: WordPress, in Common Log Format * Add monitoring support for new service: SSHGuard * Firewall backends now support blocking subnets. * Add new IPV6_SUBNET and IPV4_SUBNET configuration options. Defaults to traditional single-address blocking. * Add monitoring support for new service: OpenSMTPD * Log whitelist matches with higher priority * Match port number in "invalid user" attack * FirewallD backend reloads firewall configuration less often. - Build version 2.0.0 * Add firewalld backend * Add ipset backend * Annotate logs using -a flag to sshg-parser * Match "no matching cipher" for SSH * Preliminary support for Capsicum and pledge() * Resurrect ipfilter backend * Support reading from os_log on macOS 10.12 and systemd journal * Add warning when reading from standard input * Build and install all backends by default * Improve log messages and tweak logging priorities * Runtime flags now configurable in the configuration file * SSHGuard requires a configuration file to start * Remove process validation (-f option) * Fix ipfw backend on FreeBSD 11 * Fix initial block time * Update Dovecot pattern for macOS * Use standard score for Sendmail auth attack * Thu Nov 08 2018 joop.boonen@opensuse.org - Corrected the service scripts, start after network.target * Thu Nov 23 2017 rbrown@suse.com - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) * Wed Mar 01 2017 joop.boonen@opensuse.org - Add a systemd journal tail so sshguard can parse this file * Thu Dec 29 2016 joop.boonen@opensuse.org - Build version 1.7.1 - Add sample Mac OS X 10.12 style launchd.plist - Allow multiple forward slashes in process name - Log released addresses only when debugging - Process validation (``-f`` option) is deprecated - Adjust TIMESTAMP_ISO8601 for Mac OS X 10.12 - Fix build error in hosts backend - Fix empty functions in firewall scripts causing errors with Bash - Flush stdout after every line in sshg-parser - Add *sshg-logtail* - Add *sshg-parser* - Control firewall using *sshg-fw* - Match "no matching key exchange method" for SSH - Hosts backend is deprecated - Logsuck (``-l`` option) is deprecated, use *sshg-logtail* instead - Process validation (``-f`` option) is deprecated - Remove external hooks (``-e`` option) - Remove support for genfilt and ipfilter backends - Accept socklog messages without a timestamp - Fix excessive logging causing endless looping in logsuck - Fix undefined assignment of initial inode number - Match Postfix pre-authentication disconnects - Fix bashisms in iptables backend - Fix size argument in inet_ntop() call - Remove excessive logging when polling from files - Keep looking for unreadable files while polling - Update Dovecot signature for POP3 - Match "Connection reset" message for SSH - Resurrect PID file option by popular demand - Adjust default abuse threshold * Fri Feb 19 2016 joop.boonen@opensuse.org - Added a corrected attack treshold value (40 default) * Thu Feb 18 2016 eshmarnev@suse.com - Build version 1.6.3 - Disable blacklisting by default - Implement logging as wrappers around syslog(2) - Improve log and error messages - Match sendmail authentication failures - Remove PID file option - Remove SIGTSTP and SIGCONT handler - Remove reverse mapping attack signature - Remove safe_fgets() and exit on interrupt - Terminate state entries for hosts blocked with pf - Update and shorten command-line usage - Use 'configure' to set feature-test macros - Updated patch file for new version of sshguard * Mon Jan 11 2016 joop.boonen@opensuse.org - Added ip6tables support handles via init and service files * Fri Oct 16 2015 joop.boonen@opensuse.org - Corrected a iptables error, that prevented sshguard from functioning correctly * Thu Oct 15 2015 joop.boonen@opensuse.org - Moved blacklist.db to /var/lib/sshguard/db/blacklist.db analog most SUSE packages * Thu Oct 15 2015 joop.boonen@opensuse.org - Corrected the blacklist as it's auto generated - Improved sysconfig * Wed Oct 14 2015 joop.boonen@opensuse.org - Build version 1.6.2 + Make '-w' option backwards-compatible for iptables (James Harris) + Remove support for ip6fw and 'ipfw-range' option + Rewrite ipfw backend using command framework - The white and black list now initially reside in files /etc/sshguard/whitelist|blacklist * Mon Sep 28 2015 joop.boonen@opensuse.org - Build version 1.6.1 - Added sshguard-gcc5.patch so it also builds via gcc5 - Created a sshguard.service file so it'll run on systemd systems
/etc/sshguard /etc/sshguard.conf /etc/sshguard/whitelist /usr/lib/sshg-blocker /usr/lib/sshg-fw-firewalld /usr/lib/sshg-fw-hosts /usr/lib/sshg-fw-ipfilter /usr/lib/sshg-fw-ipfw /usr/lib/sshg-fw-ipset /usr/lib/sshg-fw-iptables /usr/lib/sshg-fw-nft-sets /usr/lib/sshg-fw-null /usr/lib/sshg-fw-pf /usr/lib/sshg-logtail /usr/lib/sshg-parser /usr/lib/systemd/system/sshguard.service /usr/sbin/rcsshguard /usr/sbin/sshguard /usr/share/doc/packages/sshguard /usr/share/doc/packages/sshguard/CHANGELOG.rst /usr/share/doc/packages/sshguard/README.rst /usr/share/doc/packages/sshguard/doc /usr/share/doc/packages/sshguard/doc/sshguard-setup.7 /usr/share/doc/packages/sshguard/doc/sshguard-setup.7.rst /usr/share/doc/packages/sshguard/doc/sshguard.8 /usr/share/doc/packages/sshguard/doc/sshguard.8.rst /usr/share/doc/packages/sshguard/doc/sshguard.dot /usr/share/doc/packages/sshguard/examples /usr/share/doc/packages/sshguard/examples/net.sshguard.plist /usr/share/doc/packages/sshguard/examples/sshguard.conf.sample /usr/share/doc/packages/sshguard/examples/sshguard.service /usr/share/doc/packages/sshguard/examples/whitelistfile.example /usr/share/licenses/sshguard /usr/share/licenses/sshguard/COPYING /usr/share/man/man7/sshguard-setup.7.gz /usr/share/man/man8/sshguard.8.gz /var/lib/sshguard /var/lib/sshguard/db
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 16:14:43 2024