Menu
▾
▴
[Sshguard-users] New name, new game?
|
From: Johan B. <bu...@be...> - 2010-07-05 12:05:19
|
Hello, Since switching to 1.5, sshguard has slowly evolved in my server park from a "ssh blocker" to something completely different. The way I see it, sshguard's strengths are scanning multiple logfiles and acting upon a specific behavior. Instead of throwing ssh in getting pf out, I would for instance like to shove it failed wordpress attempts and feed them to a nginx config or perhaps a pf tarpit. With this in mind, a couple of things makes "living" with sshguard a tad more complex: - writing recognition patterns is a tedious and compile-time-only process - only allows for calls to pf/iptables/whatnot - not having a config file (recently raised on list) Some issues are cured with simple solutions such as letting nginx write custom logs which match a current filter and to wrap calls to pf in shell scripts - but the question remains; In what direction is sshguard heading? See this more as an open question rather than a feature request since it's more about roadmap than anything else. Cheers, Johan |
