fail2ban

Commit Graph

Author	SHA1	Message	Date
Daniel Black	28d8aec511	DOC: Arch Linux link	11 years ago
Daniel Black	24c143b411	Merge pull request #445 from grooverdan/suhosin TST: more test cases for suhosin	11 years ago
Daniel Black	015b403df0	TST: more test cases for suhosin	11 years ago
Yaroslav Halchenko	629e9ae445	Merge pull request #443 from grooverdan/apache-authfix BF: apache filters using error log weren't matched when referer existed ...	11 years ago
Daniel Black	284f811c91	BF: apache filters using error log weren't matched when referer existed in HTTP header	11 years ago
Yaroslav Halchenko	491165c929	Merge pull request #438 from grooverdan/solid-pop3d ENH: filter for Solid-pop3d	11 years ago
Daniel Black	1ea68b2d0c	DOC: filter.d/solid-pop3d - document lack of PAM support. Thanks to Jacques for the log messages	11 years ago
Daniel Black	0eea0a35db	ENH: filter.d/solid-pop3d - added log messages and regexes	11 years ago
Daniel Black	2c63b1fe93	Merge pull request #439 from yarikoptic/bf/proftpd-millisec ENH: proftpd in Debian (now or forever) has ",milliseconds" in its date format	11 years ago
Daniel Black	b3b9ea4559	ENH: jail for solid-pop3d	11 years ago
Yaroslav Halchenko	82174ea4c4	Changelog for preceding proftpd date format change	11 years ago
Yaroslav Halchenko	d4f6ca4f85	ENH: adding custom date format for proftpd when logging in its own log file (default on Debian) -- includes milliseconds Should resolve Debian #648276	11 years ago
Daniel Black	88eff70774	ENH: filter.d/solid-pop3d added	11 years ago
Daniel Black	ed212fcdcc	DOC: new ChangeLog header	11 years ago
Daniel Black	a7604c899f	DOC: list Wiki pages to update after a release	11 years ago
Daniel Black	752ea054db	DOC: post release version change	11 years ago
Daniel Black	fc213a103e	Merge pull request #437 from grooverdan/0.8.11_release DOC: finalise 0.8.11 release	11 years ago
Daniel Black	d0498bec69	DOC: finalise 0.8.11 release	11 years ago
Daniel Black	286d78e13c	Merge pull request #430 from grooverdan/apache-overflows ENH: Apache overflows - httpd-2.4 message IDs + samples	11 years ago
Daniel Black	50ca16e50e	Merge pull request #431 from grooverdan/apache-noscript ENH: apache-2.4 message IDs for filter apache-noscript	11 years ago
Daniel Black	947c6ff9cc	Merge pull request #433 from grooverdan/asterisk BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from " regex thanks to Jonathan Lanning	11 years ago
Daniel Black	38503a5848	Merge pull request #434 from grooverdan/dos-resistant-dropbear ENH: DoS resistant dropbear filter	11 years ago
Daniel Black	62b1f98dff	Merge pull request #435 from grooverdan/dos-resistant-exim BF: exim filter to be DoS resistant	11 years ago
Daniel Black	0d47ea3348	Merge pull request #436 from grooverdan/dos-resistant-roundcube-auth BF/ENH: DoS resistant roundcube-auth with test cases and more variation from IMAP responses	11 years ago
Daniel Black	be60518218	BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given	11 years ago
Daniel Black	52972164a2	BF: exim filter to be DoS resistant	11 years ago
Daniel Black	c272573fe3	ENH: DoS resistant dropbear filter	11 years ago
Daniel Black	eb9663eb4f	BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning	11 years ago
Daniel Black	648d48c355	ENH: apache-2.4 message IDs for filter apache-noscript	11 years ago
Daniel Black	c81ed53805	TST: change source URL	11 years ago
Daniel Black	a4718eb644	ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples	11 years ago
Daniel Black	87516eb92b	ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case	11 years ago
Daniel Black	e8aa676cf5	Merge pull request #429 from grooverdan/filter-develop-doco DOC: Filter development doco	11 years ago
Daniel Black	191c4fda1b	Merge pull request #428 from grooverdan/ssh-dos TST: test case that shows injection into username	11 years ago
Daniel Black	d90130234d	TST: end of json in sshd sample log	11 years ago
Daniel Black	061a26c408	TST: fix space in sshd sample log	11 years ago
Daniel Black	d955714d26	TST: test case that shows injection	11 years ago
Daniel Black	b8f40fef1b	DOC: more on filter regexes - DEVELOP	11 years ago
Daniel Black	c5021b55f6	Merge pull request #427 from yarikoptic/bf/nginx-regex-injection BF: anchor introduced nginx-http-auth at the end	11 years ago
Daniel Black	724c6bfd92	DOC: filter regex debugging	11 years ago
Yaroslav Halchenko	ccd26578ec	Merge pull request #425 from grooverdan/asterisk-simplify ENH: condense asterisk regexs for speed	11 years ago
Yaroslav Halchenko	ac061155f0	BF: anchor introduced nginx-http-auth at the end needed since request probably could be not a correct HTTP statement but continue with all those to match till the end and then injected ", client: VICTIM, server..." thus allowing injection. We better anchor at the end then	11 years ago
Yaroslav Halchenko	49024fe6ea	DOC: minor typos in ChangeLog	11 years ago
Yaroslav Halchenko	ea8fce6308	Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection openssh 6.3 regex injection vectors: inject into ruser and/or exploiting pre-specified limits set for user provided data	11 years ago
Yaroslav Halchenko	bf245f9640	DOC: adding DEV Notes for for non-greedy matchin within sshd.conf	11 years ago
Daniel Black	d6bbe03861	Merge pull request #424 from grooverdan/nginx-auth ENH: add filter.d/nginx-http-auth. Partially forfils #405	11 years ago
Yaroslav Halchenko	a169badb95	Merge pull request #423 from yarikoptic/enh/gen_badbots badbots filter: adding the script which was used + updated filter	11 years ago
Yaroslav Halchenko	750e0c1e3d	BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input since daemon might eventually change reported length and we would need to adjust anyways. So limiting in length does not provide additional security but allows for a possible injection vector	11 years ago
Yaroslav Halchenko	abb012ae5c	BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy	11 years ago
Yaroslav Halchenko	eace931c19	Changelog for prior changes (gen_buildbots)	11 years ago

1 2 3 4 5 ...

1668 Commits (28d8aec511a96470db3816aa0ba9d35b3c5f6239) All Branches Search

1668 Commits (28d8aec511a96470db3816aa0ba9d35b3c5f6239)

All Branches