From 046f219eafdb917848be8ec1482fd3336634d56a Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri, 3 Mar 2006 21:14:34 +0000
Subject: [PATCH] adjusted

---
 debian/README.Debian | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/debian/README.Debian b/debian/README.Debian
index d8ad922c..17f29ee3 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -74,6 +74,8 @@ happening with firestarter), errors get reported during the exit of
 fail2ban, but they are "safe" and can be ignored.
 
 
+** SSHD Configuration Specific Problems
+
 * Ban "Not allowed" attempts:
 
 Make sure that you have
@@ -85,6 +87,16 @@ Details from the bug report #350980 [2]
 [2]  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350980
 
 
+* Not caught attempts to login as root
+
+On the boxes running older versions of openssh (e.g. sarge
+distribution) in the case when PermitRootLogin is set to something
+else than "yes" and iff AllowUsers is active, failed root logins do
+not confirm to the standard logging message -- they omit the source
+IP, thus allowing attack to persist since such messages are not caught
+by fail2ban.
+
+
 * Bantime:
 
 An IP is banned for "bantime" not since the last failed login attempt