Menu
▾
▴
[SSHGuard-users] Feedback needed on 1.7.0
|
From: Kevin Z. <kev...@gm...> - 2016-07-25 23:23:23
|
Dear SSHGuard users, SSHGuard 1.7.0 was planned for August, bringing bug fixes, backend changes, and minor attack signature improvements. Some of these changes need feedback and testing, and the release won't happen without you! In no particular order, items that need feedback: Backends have been rewritten. PF is well-tested, IPFW should work, but iptables is untested because I don't have a Linux box handy. The hosts backend should work but needs more testing. If it turns out that nobody cares about testing/running it I'll drop it from 1.7.0. Does process validation still work? Should it be dropped from 1.7.0? LogSucker is deprecated. If you're having issues, use sshg-logtail to monitor your logs and pipe it into SSHGuard. In future releases "-l" may just be a convenience flag that invokes sshg-logtail. External hooks are gone. If you need hooks, edit the sshg-fw script. sshg-fw and sshg-parser are installed in libexec. Only sshg-fw is currently needed for SSHGuard to run, but sshg-parser is useful for checking if your logs are correctly parsed. To test, check out the 'master' branch from SSHGuard's Bitbucket repository. If there's anything I can do to make testing easier, please let me know. Thanks, Kevin -- Kevin Zheng kev...@gm... | ke...@be... | PGP: 0xC22E1090 |
