[Sshguard-users] sshguar has not stopped attack

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

sshguar has not stopped attack from IP, which were sent 1 ssh in 1 
second - to 2-10 seconds.
In my opinion attack needs to be stopped if from one IP more -a<> hits 
in -p<> seconds.

Mar 10 14:30:27 router sshd[28492]: Invalid user raimundo from 83.15.28.2
Mar 10 14:30:28 router sshd[28494]: Invalid user joan from 83.15.28.2
Mar 10 14:30:33 router sshd[28496]: Invalid user johan from 83.19.51.22
Mar 10 14:30:34 router sshd[28498]: Invalid user sebastian from 83.15.28.2
Mar 10 14:30:35 router sshd[28500]: Invalid user agata from 83.15.28.2
Mar 10 14:30:40 router sshd[28502]: Invalid user administrator from 
83.19.51.22
Mar 10 14:30:42 router sshd[28506]: Invalid user alexandre from 83.19.51.22
Mar 10 14:30:43 router sshd[28508]: Invalid user joseluis from 83.15.28.2
Mar 10 14:30:44 router sshd[28510]: Invalid user ppazmino from 83.15.28.2
Mar 10 14:30:46 router sshd[28512]: Invalid user utilidades from 83.19.51.22
Mar 10 14:30:47 router sshd[28514]: Invalid user utilidad from 83.15.28.2
Mar 10 14:30:48 router sshd[28516]: Invalid user amstelecom from 83.15.28.2
Mar 10 14:30:50 router sshd[28518]: Invalid user dedlogistica from 
83.15.28.2
Mar 10 14:30:51 router sshd[28520]: Invalid user dsantiago from 83.19.51.22
Mar 10 14:30:52 router sshd[28522]: Invalid user marcia from 83.15.28.2
Mar 10 14:30:54 router sshd[28524]: Invalid user consultoria from 83.15.28.2
Mar 10 14:30:55 router sshd[28526]: Invalid user primaveras from 83.15.28.2
Mar 10 14:30:56 router sshd[28528]: Invalid user salvatore from 83.19.51.22
Mar 10 14:30:58 router sshd[28530]: Invalid user comerciais from 83.15.28.2
Mar 10 14:30:59 router sshd[28532]: Invalid user cartas from 83.19.51.22
Mar 10 14:31:00 router sshd[28534]: Invalid user carta from 83.15.28.2
Mar 10 14:31:01 router sshd[28536]: Invalid user moralez from 83.15.28.2
Mar 10 14:31:10 router sshd[28538]: Invalid user nieves from 83.19.51.22
Mar 10 14:31:11 router sshd[28540]: Invalid user sol from 83.15.28.2
Mar 10 14:31:12 router sshd[28542]: Invalid user perla from 83.15.28.2
Mar 10 14:31:13 router sshd[28544]: Invalid user rocio from 83.19.51.22
Mar 10 14:31:15 router sshd[28546]: Invalid user simon from 83.19.51.22
Mar 10 14:31:16 router sshd[28548]: Invalid user sergio from 83.19.51.22
Mar 10 14:31:17 router sshd[28550]: Invalid user altagracia from 83.15.28.2
Mar 10 14:31:19 router sshd[28552]: Invalid user piedad from 83.19.51.22
........

Now I try svn rev. 85 with:
router:~/sshguard_svn_090310/sshguard/src# ./sshguard -d -a 2 -b 
1:/var/cache/sshguard/blacklist

-- 
Leonid Shulov <Leo...@en...>
Entropic Communications Israel

[Sshguard-users] sshguar has not stopped attack

Intelligently block brute-force attacks by aggregating system logs

[Sshguard-users] sshguar has not stopped attack