fail2ban

Commit Graph

Author	SHA1	Message	Date
Daniel Black	28d8aec511	DOC: Arch Linux link	2013-11-21 07:05:21 +11:00
Daniel Black	24c143b411	Merge pull request #445 from grooverdan/suhosin TST: more test cases for suhosin	2013-11-19 15:23:59 -08:00
Daniel Black	015b403df0	TST: more test cases for suhosin	2013-11-20 10:01:06 +11:00
Yaroslav Halchenko	629e9ae445	Merge pull request #443 from grooverdan/apache-authfix BF: apache filters using error log weren't matched when referer existed ...	2013-11-18 15:53:39 -08:00
Daniel Black	284f811c91	BF: apache filters using error log weren't matched when referer existed in HTTP header	2013-11-19 10:27:55 +11:00
Yaroslav Halchenko	491165c929	Merge pull request #438 from grooverdan/solid-pop3d ENH: filter for Solid-pop3d	2013-11-17 17:34:46 -08:00
Daniel Black	1ea68b2d0c	DOC: filter.d/solid-pop3d - document lack of PAM support. Thanks to Jacques for the log messages	2013-11-18 09:44:26 +11:00
Daniel Black	0eea0a35db	ENH: filter.d/solid-pop3d - added log messages and regexes	2013-11-18 08:58:23 +11:00
Daniel Black	2c63b1fe93	Merge pull request #439 from yarikoptic/bf/proftpd-millisec ENH: proftpd in Debian (now or forever) has ",milliseconds" in its date format	2013-11-17 12:44:44 -08:00
Daniel Black	b3b9ea4559	ENH: jail for solid-pop3d	2013-11-18 07:42:45 +11:00
Yaroslav Halchenko	82174ea4c4	Changelog for preceding proftpd date format change	2013-11-16 22:18:51 -05:00
Yaroslav Halchenko	d4f6ca4f85	ENH: adding custom date format for proftpd when logging in its own log file (default on Debian) -- includes milliseconds Should resolve Debian #648276	2013-11-16 22:15:58 -05:00
Daniel Black	88eff70774	ENH: filter.d/solid-pop3d added	2013-11-16 09:43:15 +11:00
Daniel Black	ed212fcdcc	DOC: new ChangeLog header	2013-11-16 09:40:05 +11:00
Daniel Black	a7604c899f	DOC: list Wiki pages to update after a release	2013-11-13 09:43:36 +11:00
Daniel Black	752ea054db	DOC: post release version change	2013-11-13 09:01:52 +11:00
Daniel Black	fc213a103e	Merge pull request #437 from grooverdan/0.8.11_release DOC: finalise 0.8.11 release	2013-11-12 13:06:54 -08:00
Daniel Black	d0498bec69	DOC: finalise 0.8.11 release	2013-11-13 08:05:08 +11:00
Daniel Black	286d78e13c	Merge pull request #430 from grooverdan/apache-overflows ENH: Apache overflows - httpd-2.4 message IDs + samples	2013-11-12 12:46:52 -08:00
Daniel Black	50ca16e50e	Merge pull request #431 from grooverdan/apache-noscript ENH: apache-2.4 message IDs for filter apache-noscript	2013-11-12 12:46:09 -08:00
Daniel Black	947c6ff9cc	Merge pull request #433 from grooverdan/asterisk BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from " regex thanks to Jonathan Lanning	2013-11-12 12:45:52 -08:00
Daniel Black	38503a5848	Merge pull request #434 from grooverdan/dos-resistant-dropbear ENH: DoS resistant dropbear filter	2013-11-12 12:45:12 -08:00
Daniel Black	62b1f98dff	Merge pull request #435 from grooverdan/dos-resistant-exim BF: exim filter to be DoS resistant	2013-11-12 12:44:53 -08:00
Daniel Black	0d47ea3348	Merge pull request #436 from grooverdan/dos-resistant-roundcube-auth BF/ENH: DoS resistant roundcube-auth with test cases and more variation from IMAP responses	2013-11-12 12:44:36 -08:00
Daniel Black	be60518218	BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given	2013-11-12 18:57:01 +11:00
Daniel Black	52972164a2	BF: exim filter to be DoS resistant	2013-11-12 18:13:35 +11:00
Daniel Black	c272573fe3	ENH: DoS resistant dropbear filter	2013-11-12 18:06:16 +11:00
Daniel Black	eb9663eb4f	BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning	2013-11-12 09:22:41 +11:00
Daniel Black	648d48c355	ENH: apache-2.4 message IDs for filter apache-noscript	2013-11-11 10:49:11 +11:00
Daniel Black	c81ed53805	TST: change source URL	2013-11-11 10:40:12 +11:00
Daniel Black	a4718eb644	ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples	2013-11-11 10:38:02 +11:00
Daniel Black	87516eb92b	ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case	2013-11-11 09:46:40 +11:00
Daniel Black	e8aa676cf5	Merge pull request #429 from grooverdan/filter-develop-doco DOC: Filter development doco	2013-11-10 14:10:10 -08:00
Daniel Black	191c4fda1b	Merge pull request #428 from grooverdan/ssh-dos TST: test case that shows injection into username	2013-11-10 13:39:03 -08:00
Daniel Black	d90130234d	TST: end of json in sshd sample log	2013-11-11 08:29:54 +11:00
Daniel Black	061a26c408	TST: fix space in sshd sample log	2013-11-11 08:28:09 +11:00
Daniel Black	d955714d26	TST: test case that shows injection	2013-11-11 08:11:32 +11:00
Daniel Black	b8f40fef1b	DOC: more on filter regexes - DEVELOP	2013-11-11 08:08:10 +11:00
Daniel Black	c5021b55f6	Merge pull request #427 from yarikoptic/bf/nginx-regex-injection BF: anchor introduced nginx-http-auth at the end	2013-11-08 17:23:03 -08:00
Daniel Black	724c6bfd92	DOC: filter regex debugging	2013-11-09 10:35:13 +11:00
Yaroslav Halchenko	ccd26578ec	Merge pull request #425 from grooverdan/asterisk-simplify ENH: condense asterisk regexs for speed	2013-11-08 14:42:35 -08:00
Yaroslav Halchenko	ac061155f0	BF: anchor introduced nginx-http-auth at the end needed since request probably could be not a correct HTTP statement but continue with all those to match till the end and then injected ", client: VICTIM, server..." thus allowing injection. We better anchor at the end then	2013-11-08 14:40:52 -08:00
Yaroslav Halchenko	49024fe6ea	DOC: minor typos in ChangeLog	2013-11-08 14:36:56 -08:00
Yaroslav Halchenko	ea8fce6308	Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection openssh 6.3 regex injection vectors: inject into ruser and/or exploiting pre-specified limits set for user provided data	2013-11-08 14:35:18 -08:00
Yaroslav Halchenko	bf245f9640	DOC: adding DEV Notes for for non-greedy matchin within sshd.conf	2013-11-08 14:34:31 -08:00
Daniel Black	d6bbe03861	Merge pull request #424 from grooverdan/nginx-auth ENH: add filter.d/nginx-http-auth. Partially forfils #405	2013-11-08 14:24:02 -08:00
Yaroslav Halchenko	a169badb95	Merge pull request #423 from yarikoptic/enh/gen_badbots badbots filter: adding the script which was used + updated filter	2013-11-08 10:10:46 -08:00
Yaroslav Halchenko	750e0c1e3d	BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input since daemon might eventually change reported length and we would need to adjust anyways. So limiting in length does not provide additional security but allows for a possible injection vector	2013-11-08 10:10:33 -08:00
Yaroslav Halchenko	abb012ae5c	BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy	2013-11-08 10:00:37 -08:00
Yaroslav Halchenko	eace931c19	Changelog for prior changes (gen_buildbots)	2013-11-07 15:47:25 -08:00

1 2 3 4 5 ...

1668 Commits (28d8aec511a96470db3816aa0ba9d35b3c5f6239) All Branches Search

1668 Commits (28d8aec511a96470db3816aa0ba9d35b3c5f6239)

All Branches