From: Mij <mi...@ss...> - 2010-08-10 20:08:57
Hi J,

When you doubt that SSHGuard is detecting a message, have a quick glance at http://www.sshguard.net/docs/reference/attack-signatures/ and see if that's supposed to be supported.

In this specific case, though, notice that vsftpd support has been added in 1.5beta3, and was not present in 1.4. (See http://freshmeat.net/projects/sshguard/releases ).

cheers

On Aug 10, 2010, at 21:33 , op...@ni... wrote:

> Hello,
>
> I have been pulling my hair for the past hour trying to get sshguard
> (1.4.4) to play nice with vsftpd (2.2.2). Frustrated, I tried to parse
> my log message in the debug mode, here is the result:
>
> Started successfully [(a,p,s)=(4, 420, 1200)], now ready to scan.
> [testuser] FAIL LOGIN: Client "192.168.1.12"
> Starting parse
> Entering state 0
> Reading a token: --accepting rule at line 183 ("[")
> Next token is token '[' ()
> Cleanup: discarding lookahead token '[' ()
> Stack now 0
>
> From that I gather that sshguard did not recognize the message? Is it
> a bug, or am I doing something wrong?
>
> Some help would be appreciated.
>
> Regards,
> J.