[SSHGuard-users] Call for testing and feedback for SSHGuard 2.0

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi there,

A lot of work to get SSHGuard working with new log sources (journalctl, 
macOS log) and backends (firewalld, ipset) has happened in 2.0.

The new version also uses a configuration file.

Some deprecated backends have been resurrected (hosts, ipfilter).

Most importantly, SSHGuard has been split into several processes piped 
into one another (sshg-logmon | sshg-parser | sshg-blocker | sshg-fw). 
sshg-parser can run with capsicum(4) and pledge(2). sshg-blocker can be 
sandboxed in its default configuration (without pid file, whitelist, 
blacklisting) and has not been tested sandboxed in other configurations.

The sshguard program is now a driver script that glues everything 
together. It's probably still a little fragile.

Some cleanup work remains. Documentation is also being updated.

I encourage package maintainers and people with suitable test 
environments to give the new code a shot and provide feedback.

The experimental code is available on SourceForge as 1.99.0 [1].

Thanks,
Kevin

[1] https://sourceforge.net/projects/sshguard/files/sshguard/1.99.0/

-- 
Kevin Zheng
kev...@gm... | ke...@be... | PGP: 0xC22E1090

[SSHGuard-users] Call for testing and feedback for SSHGuard 2.0

Intelligently block brute-force attacks by aggregating system logs

[SSHGuard-users] Call for testing and feedback for SSHGuard 2.0