SSH Lockout 0.4.0 Released

Hot off the text editor, grab your copy of SSH Lockout now. Supplies are infinite. New features in this version include:

  • CIDR style addressing for whitelists
  • syslog logging
  • SYS V init script

To implement CIDR, SSH Lockout now depends on NetAddr::IP. See your local CPAN mirror for a copy.

SSH Lockout 0.4.0

3 Comments

Thanks

Thanks for making this public - This is just what I needed.

I had to tweak it a bit (my logfile is at /var/log/secure) and add some additional patterns...examples below.

Here's what I see when I goof up my password:
sshd[9067]: Failed password for rpaxton from 207.44.202.100 port 45641 ssh2

And here is what I see (a LOT) from the script kiddies:
sshd[8502]: Illegal user amber123456789 from 205.177.72.76

Re: Thanks

Glad I could help. I'll be releasing a new version Real Soon Now that has a number of new features, including new log parsing code that will match the two lines you posted. I've been running it on my server (*this* server, in fact) for a few months working out all the bugs.

Thanx for this great tool. It

Thanx for this great tool. It's exactly what the doctor ordered. Looking forward to the new release :D

Subscribe to Comments for "SSH Lockout 0.4.0 Released" Subscribe to zmonkey.org - All comments