Menu
▾
▴
Re: [SSHGuard-users] key exchange ssh not being blocked
|
From: <li...@la...> - 2017-05-26 01:22:14
|
I can't find the location of sshg-parser. The program isn't in my search path and I have looked in the obvious places. On FreeBSD, sshguard is located in /usr/local/sbin. Once I have sshg-parser, I will feed it an archived log. Original Message From: Kevin Zheng Sent: Thursday, May 25, 2017 5:33 PM To: ssh...@li... Subject: Re: [SSHGuard-users] key exchange ssh not being blocked On 05/25/2017 17:04, li...@la... wrote: > sshguard 1.7 is not catching key exchange ssh hacks. The number of > fools attempting such a hack is small, but some are persistent. I've > been blocking them by hand. I can't reproduce your issue. Specifically, I checked out the 1.7.1 sshg-parser and ran: $ echo "May 24 20:37:06 theranch sshd[60250]: fatal: Unable to negotiate with 172.81.185.192 port 50267: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth]" | sshg-parser And got an attack. -- Kevin Zheng kev...@gm... | ke...@be... | PGP: 0xC22E1090 ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ sshguard-users mailing list ssh...@li... https://lists.sourceforge.net/lists/listinfo/sshguard-users |
