15 lines
891 B
Plaintext
15 lines
891 B
Plaintext
SSHGuard protects hosts from brute-force attacks against SSH and other services.
|
|
It has been written entirely in C and has no external dependencies and no
|
|
configuration file. SSHGuard aggregates system logs and blocks repeat offenders.
|
|
It can read log messages from standard input (suitable for piping from syslog)
|
|
or monitor one or more log files. Log messages are parsed, line-by-line, for
|
|
recognized patterns. If an attack, such as several login failures within a few
|
|
seconds, is detected, the offending IP is blocked. Offenders are unblocked after
|
|
a set interval, but can be semi-permanently banned using the blacklist option.
|
|
|
|
IMPORTANT:
|
|
You will need to properly set up "sshguard" chain in iptables. For further
|
|
information PLEASE CONSULT MAN PAGE, installed together with this package.
|
|
The information available on the website tends to be outdated, (it is well
|
|
worth reading anyway).
|