'sshdfilter' blocks ssh brute force attacks by reading sshd log output in real time and adding iptables rules based on authentication failures. Block rules are created by logging on with an invalid user name, or wrongly guessing the password for an existing account; they are removed after a week to maintain a small list of blocks. Tha package also comes with a LogWatch filter.
released on 20 July 2005
|License||Verified by||Verified on||Notes|
|SimplePermissiveNoNonWarranty||Janet Casey||20 July 2005|
Leaders and contributors
Resources and communication
|Weak prerequisite||LogWatch 6.1.x or later (to use LogWatch scripts)|
This entry (in part or in whole) was last reviewed on 20 July 2005.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.
The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.