Menu
▾
▴
Re: [Sshguard-users] Is sshguard working?
|
From: <do...@sa...> - 2015-08-31 18:19:35
|
I am running FreeBSD of various versions 7-10. All show this problem. My question goes back to the original question except that I am apparently the only one on the list using inetd. My initial reasons for this being I am several hours away from my servers and this seemed more prudent as testing mistakes are slightly less fatal than with ipfw. And much more easily circumvented. Anyway, the inet version exhibits the same characteristic as originally described. That is I see 50-100 entries logged within a minute before sshguard gets a block inserted. Restarting inetd is not required to pickup changes in the file. I was assuming this to be a scheduling issue. In my case all the instances of this are with PAM errors. One way to do this would be to launch all 100 (or so) attempts. The time stamps suggests they are arriving about 1/sec but this could be PAM queuing the requests. _____ Douglas Denault http://www.safeport.com do...@sa... Voice: 301-217-9220 Fax: 301-217-9277 |
