Submitted by tensai on
Hot off the text editor, grab your copy of SSH Lockout now. Supplies are infinite. New features in this version include:
- CIDR style addressing for whitelists
- syslog logging
- SYS V init script
To implement CIDR, SSH Lockout now depends on NetAddr::IP. See your local CPAN mirror for a copy.
3 Comments
Thanks
Submitted by Robert (not verified) on
Thanks for making this public - This is just what I needed.
I had to tweak it a bit (my logfile is at /var/log/secure) and add some additional patterns...examples below.
Here's what I see when I goof up my password:
sshd[9067]: Failed password for rpaxton from 207.44.202.100 port 45641 ssh2
And here is what I see (a LOT) from the script kiddies:
sshd[8502]: Illegal user amber123456789 from 205.177.72.76
Re: Thanks
Submitted by tensai on
Glad I could help. I'll be releasing a new version Real Soon Now that has a number of new features, including new log parsing code that will match the two lines you posted. I've been running it on my server (*this* server, in fact) for a few months working out all the bugs.
Thanx for this great tool. It
Submitted by Anonymous (not verified) on
Thanx for this great tool. It's exactly what the doctor ordered. Looking forward to the new release :D