github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

adjusted failregex for SSH

debian-releases/etch
Yaroslav Halchenko 2005-10-09 17:12:46 +00:00
parent 782dabdc7e
commit 9a374592e7
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/fail2ban.conf.default
View File

@ -301,4 +301,4 @@ timepattern = %%b %%d %%H:%%M:%%S
# Notes.: regex to match the password failures messages in the logfile.
# Values: TEXT Default: (?:Authentication failure|Failed (?:keyboard-interactive/pam|password)) for(?: illegal user)? .* from (?:::f{4,6}:)?(?P<host>\S*)
#
failregex = (?:Authentication failure|Failed (?:keyboard-interactive/pam|password)) for(?: illegal user)? .* from (?:::f{4,6}:)?(?P<host>\S*)
failregex = : (?:Authentication failure for |Failed (?:keyboard-interactive/pam|password|unknown) for )?(?:[iI]llegal user )?.* from (?:::f{4,6}:)?(?P<host>\S*)

5
debian/changelog vendored
View File

@ -1,8 +1,11 @@
fail2ban (0.5.4-5.1) unstable; urgency=low
fail2ban (0.5.4-5.2) unstable; urgency=low
* Added a notification regarding the importance of 0.5.4-5 change of
failregex in the config file
* Adjusted address to FSF
* Adjusted failregex for SSH so it bans "Illegal user" entries as well, and
restricted full failregex more to include ":" at the beginning, because
otherwise it might not be sufficient and would revive bug 330827
-- Yaroslav Halchenko <debian@onerussian.com> Mon, 3 Oct 2005 22:26:28 -1000