Menu
▾
▴
Re: [SSHGuard-users] Feedback needed on 1.7.0
|
From: <li...@la...> - 2016-07-26 03:21:40
|
Once the install to tmp is done, I should do a service sshguard stop. I gather I should find the options used by the daemon used by 1.6.4 and then run the binary in tmp using those options. Here is a reminder on how to build for those who stumble on those auto tools that seem anything but auto to me: http://www.sshguard.net/docs/setup/compile-install/ As an aside, I've seen a major uptick in hacking starting last Thursday. Without naming names, a country that recently thwarted a coup has been running masscan (something like zmap). I have obvious scripts been run on port 80. The exact same sequence of hacks originating from all over the place, which I assume are compromised systems. You should never have your guard down, but now seems like a bad time. So if there are problems, I want to switch back to the existing sshguard pronto. Original Message From: Kevin Zheng Sent: Monday, July 25, 2016 7:59 PM To: li...@la...; ssh...@li... Subject: Re: [SSHGuard-users] Feedback needed on 1.7.0 On 07/25/2016 19:51, li...@la... wrote: > Since this is a major change, can 1.7.0 be tested without being the > daemon? That build the code, but don't do the make install step, then > run the code from where it was built. You'll need to run `make install` because SSHGuard looks for the helper script sshg-fw in PREFIX. However, you can install to a different prefix: $ ./configure --prefix /tmp/sshguard $ make install SSHGuard will be installed using /tmp/sshguard as a prefix, which means you don't even have to be root to run `make install`. To test, running /tmp/sshguard/sbin/sshguard will suffice. > While I have your ear, is there some way to flush/reset table 22? > Mine seems to be on permanent block. As root, run: # ipfw table 22 flush If this results in an error we'll have to troubleshoot. Best, Kevin -- Kevin Zheng kev...@gm... | ke...@be... | PGP: 0xC22E1090 |
