Re: [SSHGuard-users] Remove ip from blocked table

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 06/10/16 23:34, Henri Shustak wrote:
> A couple of further questions relating to this discussion (sorry for thread hijacking) : 
> 
>  (Q1) The main page makes no mention of this db file. 
>       Is there a default location for this argument which 
>       allows you to specify a path to the blocked db file? 
>       Man Page Link : http://www.sshguard.net/docs/man/sshguard/1_5/

We've been calling it the 'db' file, but it's actually just the
blacklist. You can specify the path and threshold using the '-b' option.

>  (Q2) Is it possible to have SSH guard just hold the blocked IP 
>       addresses in memory (rather than disk) so that a restart 
>       will clear all the blocked entires?

Yes, just don't use the '-b' option. Some startup scripts (for example,
FreeBSD's rc.d) enables blacklisting by default.

Best,
Kevin

-- 
Kevin Zheng
kev...@gm... | ke...@be... | PGP: 0xC22E1090

Re: [SSHGuard-users] Remove ip from blocked table

Intelligently block brute-force attacks by aggregating system logs

Re: [SSHGuard-users] Remove ip from blocked table