diff --git a/CHANGELOG b/CHANGELOG
index ff01e993..a547cb5d 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -13,6 +13,7 @@ ver. 0.9.0 (2007/??/??) - alpha
 - Made interactive mode optional in fail2ban-client
 - Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid
 - Expand in ignoreregex. Thanks to Yaroslav Halchenko
+- Improved regular expressions. Thanks to Yaroslav Halchenko
 
 ver. 0.8.0 (2007/05/03) - stable
 ----------
diff --git a/config/filter.d/sshd-ddos.conf b/config/filter.d/sshd-ddos.conf
index 2a907e88..9720ab4a 100644
--- a/config/filter.d/sshd-ddos.conf
+++ b/config/filter.d/sshd-ddos.conf
@@ -14,7 +14,7 @@
 # (?:::f{4,6}:)?(?P\S+)
 # Values: TEXT
 #
-failregex = sshd\[\S*\]: Did not receive identification string from
+failregex = sshd(?:\[\d+\])?: Did not receive identification string from $
 
 # Option: ignoreregex
 # Notes.: regex to ignore. If this regex matches, the line is ignored.
diff --git a/config/filter.d/vsftpd.conf b/config/filter.d/vsftpd.conf
index 34e3da92..3c4bb11b 100644
--- a/config/filter.d/vsftpd.conf
+++ b/config/filter.d/vsftpd.conf
@@ -14,7 +14,7 @@
 # (?:::f{4,6}:)?(?P\S+)
 # Values: TEXT
 #
-failregex = vsftpd: .* authentication failure; .* rhost=$
+failregex = vsftpd(?:\[\d+\])?: .* authentication failure; .* rhost=$
 \[.+\] FAIL LOGIN: Client ""$
 
 # Option: ignoreregex
diff --git a/config/filter.d/wuftpd.conf b/config/filter.d/wuftpd.conf
index e7981e1e..2d08022d 100644
--- a/config/filter.d/wuftpd.conf
+++ b/config/filter.d/wuftpd.conf
@@ -2,7 +2,7 @@
 #
 # Author: Yaroslav Halchenko
 #
-# $Revision: $
+# $Revision$
 #
 
 [Definition]
@@ -11,4 +11,4 @@
 # Notes.: regex to match the password failures messages in the logfile.
 # Values: TEXT
 #
-failregex = wu-ftpd\[\d+\]:\s+\(pam_unix\)\s+authentication failure.* rhost=
+failregex = wu-ftpd(?:\[\d+\])?:\s+\(pam_unix\)\s+authentication failure.* rhost=$
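Review bot: The new sshd-ddos `failregex` is closed on the right by `$` but still has no anchor on the left, and the PID is now optional. Any line in the monitored file that merely ends with `sshd: Did not receive identification string from` plus an address will therefore match, whichever program wrote it. If that file also receives messages from a service that logs a client-supplied string last, a remote client may be able to get an address of its choosing banned. I would add a comment above the option such as `# Unanchored on the left: use only on a log that sshd alone writes to.` so this constraint is visible to whoever enables the jail. The same applies to the vsftpd.conf and wuftpd.conf patterns further down.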
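Review bot: The first vsftpd `failregex` line ends in `rhost=` followed directly by `$`, so a PAM line with anything after the address no longer matches. This assumes the host tag, which looks stripped from this rendering, sits between the two. pam_unix commonly appends ` user=NAME` after `rhost=` when the account exists, so failures against real accounts could go uncounted; this should be checked against real log samples. An ending such as `rhost=<HOST>(?:\s+user=\S*)?\s*$` keeps the end anchor while accepting that field, and `\S*` rather than `.*` keeps the tail closed to injected text. The second wuftpd.conf hunk gains the same `$` in this commit and would need the same treatment.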