[SSHGuard-users] More debugging output

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi,

just a little proposal for an improvment: trying to figure out why certain
actions get the matches/score they do, it would be very helpful if the
"Attack from..." messages could contain the rule that matched. Like
"Attack from xxx on service 100 (SSH_MAXAUTH) with danger.."

I had to patch that myself to figure out why so many rules matched
for my ssh, but I just added stupid print statements in attack_scanner.c,
so I cannot offer a valid patch for this.

cu,
Frank

-- 
Dipl.-Inform. Frank Steiner   Web:  http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik    Mail: http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr. 17           Phone: +49 89 2180-4049
80333 Muenchen, Germany       Fax:   +49 89 2180-99-4049
* Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *

[SSHGuard-users] More debugging output

Intelligently block brute-force attacks by aggregating system logs

[SSHGuard-users] More debugging output