Menu
▾
▴
#17 patterm misspell for proftpd
I've noticed that sshguard doesn't block incorrect password attempts for proftpd.
Guess, the code has a misspell in file src/parser/attack_scanner.l (on line 188):
/\* another log entry from ProFTPd \*/
{HOSTADDR}" ("[[]+"[" { BEGIN(proftpd_loginerr); return PROFTPD_LOGINERR_PREF; }
"]) - USER "{WORD}" (Login failed): ".* { BEGIN(INITIAL); return PROFTPD_LOGINERR_SUFF; }
Shouldn't ("[[]+"[" be ("[^\[]+"[" ?
