git: sshlockout - Add sshlockout utility
matt at gsicomp.on.ca
Thu Jan 1 08:33:57 PST 2015
Question - why are we adding tools to base (e.g. sshlockout) when there are general-purpose tools that already exist that do this quite well (example - fail2ban)?
From: Users [mailto:users-bounces at dragonflybsd.org] On Behalf Of bycn82
Sent: Thursday, January 01, 2015 6:21 AM
To: Matthew Dillon
Cc: users at dragonflybsd.org
Subject: Re: git: sshlockout - Add sshlockout utility
I am interested in this topic.
But IMHO, I think it will be good to use IPFW, because we can use "dynamic rule" to block the traffic, and each "dynamic rule" should have its own expiry.
So this sshlockout just needs to monitor the ssh log and determine when and how to insert a correct "dynamic rule".
On 1 January 2015 at 11:24, Matthew Dillon <dillon at crater.dragonflybsd.org> wrote:
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Wed Dec 31 19:21:47 2014 -0800
sshlockout - Add sshlockout utility
* Add sshlockout utility, typically set up as a syslog pipe. This utility
monitors for failed ssh login attempts and excessive preauth failures
and will add a rule via IPFW to block the originating IP.
The operator also typically sets up a cron job to clean out the IPFW rules
that have accumulated once a day.
* See man page for details. Still under construction (feel free to submit
TODO - IPV6
TODO - Use a PF table instead of IPFW, which will greatly improve
performance if a lot of rules have to be added.
Summary of changes:
usr.sbin/Makefile | 1 +
usr.sbin/sshlockout/Makefile | 6 +
.../monitor.1 => usr.sbin/sshlockout/sshlockout.8 | 72 +++---
usr.sbin/sshlockout/sshlockout.c | 279 +++++++++++++++++++++
4 files changed, 327 insertions(+), 31 deletions(-)
create mode 100644 usr.sbin/sshlockout/Makefile
copy usr.bin/monitor/monitor.1 => usr.sbin/sshlockout/sshlockout.8 (60%)
create mode 100644 usr.sbin/sshlockout/sshlockout.c
DragonFly BSD source repository
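
The monitoring step described in the commit message, combined with the per-block expiry suggested in the reply, as an added Python example (not sshlockout's code, which is C and is not shown in this thread). The thresholds, the OpenSSH message formats matched and the IPv4-only handling are assumptions; adding the firewall rule for each returned address is left to the caller.

```python
import ipaddress
import re
from collections import defaultdict, deque

# Assumed policy values for this example; not sshlockout's real settings.
MAX_FAILURES, WINDOW, BLOCK_TTL = 3, 60, 3600  # count, seconds, seconds

# Both patterns are anchored at the end of the line and the user field is
# matched greedily, so text inside a username cannot supply the address.
PATTERNS = [
    re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$"),
    re.compile(r"sshd\[\d+\]: (?:Connection closed by|Received disconnect from) "
               r"([\d.]+)[ :].*\[preauth\]$"),
]

def source_ip(line):
    """Return the IPv4 source address of a failure line, else None."""
    match = next(filter(None, (p.search(line.rstrip()) for p in PATTERNS)), None)
    try:
        return str(ipaddress.IPv4Address(match.group(1))) if match else None
    except ValueError:
        return None

def lockouts(events):
    """events: (time, line) pairs in time order -> [(ip, blocked_at, expires_at)]."""
    failures, blocked, out = defaultdict(deque), {}, []
    for now, line in events:
        ip = source_ip(line)
        if ip is None or blocked.get(ip, 0) > now:
            continue                      # not a failure, or already blocked
        times = failures[ip]
        times.append(now)
        while times[0] <= now - WINDOW:   # drop failures outside the window
            times.popleft()
        if len(times) >= MAX_FAILURES:
            times.clear()
            blocked[ip] = now + BLOCK_TTL
            out.append((ip, now, blocked[ip]))
    return out

# Constructed sample input (documentation address ranges).
PFX = "Jan  1 08:00:00 host sshd[101]: "
SAMPLE = [(t, PFX + msg) for t, msg in [
    (0, "Failed password for root from 203.0.113.5 port 4000 ssh2"),
    (5, "Received disconnect from 198.51.100.7: 11: Bye Bye [preauth]"),
    (10, "Failed password for invalid user x from 192.0.2.1 port 9 ssh2 from 203.0.113.5 port 4001 ssh2"),
    (15, "Accepted publickey for alice from 192.0.2.10 port 5000 ssh2"),
    (20, "Failed password for root from 203.0.113.5 port 4002 ssh2"),
    (30, "Connection closed by 198.51.100.7 port 4100 [preauth]"),
]]
```

`lockouts(SAMPLE)` reports one block, for 203.0.113.5 at time 20; the address embedded in the username on the third line is never counted.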