sshguard v. 1.0 is coming in some weeks, with a couple of relevant
changes that
maintainers should be aware of:
1) attack recognition is no longer done by mean of regular
expressions, but
with a yacc/bison grammar specification.
Effects:
- sensible improvement in power of recognition (from regular languages
to context-free ones)
- can recognize hostnames ("UseDNS no" sshd setting recommendation now
superseded)
- can recognize IPv6 addresses
- any customization made to the regexp recognizing attacks on your
system is lost
(I recommend reporting any unrecognized attack pattern to me for
inclusion in the original source.
You can do it directly or via
http://sshguard.sourceforge.net/newattackpatt.php )
2) the path of iptables can be set with ./configure
--with-iptables=/path.../iptables
|
