Menu
▾
▴
Re: [Sshguard-users] Failed password attempts
|
From: Mij <mi...@bi...> - 2007-10-31 21:19:34
|
forrest, You know that syslog has the capability to dispatch logs depending on rules, not only deterministically to one same file. Please follow the instructions on http://sshguard.sourceforge.net/doc/ setup/setup.html and particularly, for the syslog setup, follow the "Older flavour setup" On 31/ott/07, at 17:05, Forrest Aldrich wrote: > It seems reasonable that sshguard should be able to detect failed > password attempts, too. I realize there is "faillog" on Linux > systems > for that, but not on FreeBSD. My system log was jammed with over > 1000 of > these entries from last night: > > Oct 31 10:03:22 gw sshd[55652]: Failed password for root from > 213.186.38.84 port 53650 ssh2 > Oct 31 10:03:23 gw sshd[55654]: Failed password for root from > 213.186.38.84 port 44049 ssh2 > Oct 31 10:03:24 gw sshd[55656]: Failed password for root from > 213.186.38.84 port 49587 ssh2 > Oct 31 10:03:25 gw sshd[55658]: Failed password for root from > 213.186.38.84 port 41421 ssh2 > Oct 31 10:03:25 gw sshd[55660]: Failed password for root from > 213.186.38.84 port 36564 ssh2 > Oct 31 10:03:26 gw sshd[55662]: Failed password for root from > 213.186.38.84 port 35111 ssh2 > Oct 31 10:03:27 gw sshd[55664]: Failed password for root from > 213.186.38.84 port 49382 ssh2 > > > > > ---------------------------------------------------------------------- > --- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a > browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > Sshguard-users mailing list > Ssh...@li... > https://lists.sourceforge.net/lists/listinfo/sshguard-users |
