fail2ban

Commit Graph

Author	SHA1	Message	Date
Serg G. Brester	f59df2e156	Avoid any injecting on protocol (e. g. tries using camel-case) The phrase "AUTH command used when not advertised" is precise enough as anchor here, so prevent by any foreign-input (any auth protocol error).	7 years ago
Peter Nowee	aa158ac05f	Exim failregex: Include lower/mixed case AUTH When reporting the error `AUTH command used when not advertised`, Exim starts with `SMTP protocol error in "........."`. Here, Exim logs the SMTP command as it was provided by the connecting client. https://github.com/Exim/exim/blob/exim-4_89+fixes/src/src/smtp_in.c#L2850 According to RFC 5321 (SMTP) "[..] a command verb [..] MAY be encoded in upper case, lower case, or any mixture of upper and lower case with no impact on its meaning." https://tools.ietf.org/html/rfc5321#section-2.4 Lower case `auth login` brute-force attempts were seen in the wild and were not caught by the current failregex. This commit makes the failregex case-insensitive for the `AUTH` command, so that lower case (`auth`) or mixed case (`aUtH`) now also match. The failregex was already case-insensitive for the command arguments (e.g. `AUTH login` already matched).	7 years ago
SlowRiot	660d57e6ba	updating my email address	7 years ago
sebres	5708b8b90e	fixed test-cases covering dns2ip (IP of www.epfl.ch changed)	7 years ago
Allan Nordhøy	855f5d0ced	to be found	7 years ago
Allan Nordhøy	fe9e85c71d	"Fail2Ban", other language improvements	7 years ago
Serg G. Brester	a87af7bf41	Merge pull request #1948 from itoffshore/alpine gentoo-initd: add descriptions	7 years ago
Stuart Cardall	18d2761dc0	gentoo-initd: add descriptions add descriptions to stop syslog errors for extra_started_commands when running: rc-service ipset describe Oct 28 15:13:30 xxxx daemon.warn /etc/init.d/fail2ban[26446]: ^[[1m^[[36mreload^[[m: no description Oct 28 15:13:30 xxxx daemon.warn /etc/init.d/fail2ban[26447]: ^[[1m^[[36mshowlog^[[m: no description	7 years ago
Serg G. Brester	e07a8cda07	Update jail.conf Documentation of parameters for action blocklist_de, closes gh-1940	7 years ago
Serg G. Brester	0aeb91d1e2	Merge pull request #1929 from miken32/patch-1 Remove invalid (vulnerable) regex using IP from foreign input (not the originator).	7 years ago
Serg G. Brester	d81405adbc	Update ChangeLog typo	7 years ago
Serg G. Brester	b6ab0aa83f	Update ChangeLog more detailed entry	7 years ago
Michael Newton	894a05b843	Update ChangeLog	7 years ago
Michael Newton	3f715e8577	Remove tests	7 years ago
Michael Newton	d5d1fe679f	Remove invalid regex Resolves #1927	7 years ago
Serg G. Brester	c42dd6941c	Merge pull request #1921 from harry-wood/patch-1 typo	7 years ago
Harry Wood	ea1b663f85	typo spell "positive" (...but also somebody should finish this sentence)	7 years ago
sebres	ea36e1b3fc	filter.d/dovecot.conf: fixed failregex to recognize pam_authenticate failures with "Permission denied" (gh-1897)	7 years ago
sebres	a2120a9de5	filter.d/postfix-*.conf - added optional port regex (closes gh-1902)	7 years ago
Serg G. Brester	983b128c54	Update ChangeLog several fixes of 0.9th branch	7 years ago
Serg G. Brester	bb97e66627	Merge pull request #1882 from coderua/patch-1 Add Jorgee Vulnerability Scanner protect	7 years ago
Serg G. Brester	99a9a9136e	Merge pull request #1887 from fail2ban/exim-gh-1886 filter.d/exim.conf: fixed failregex for case of flood attempts with `D=0s`	7 years ago
Serg G. Brester	db121a6f85	Update exim Test case covers flood attempts with `D=0s`	7 years ago
Serg G. Brester	2cd02b731b	filter.d/exim.conf: fixed failregex for case of `D=0s` Closes gh-1886	7 years ago
sebres	4bc226a692	optimized regex	7 years ago
Vladimir Chumak	fafefc0293	Add Jorgee Vulnerability Scanner protect Details for Jorgee Vulnerability Scanner: https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=30164	7 years ago
sebres	acd9e8155b	Merge pull request #1376 from j-marz/master: Added ZoneMinder filter	7 years ago
sebres	4163f32968	small review, prefix replaced with `%(_apache_error_client)s` from apache-common.conf include	7 years ago
john	ac95449bbb	changed zoneminder regex as per Sebres and yarikoptic recommendations	7 years ago
john	7013729a1f	removed redundant options for zoneminder from jail.conf	7 years ago
john	5c3a666380	fixed incomplete regex after adding anchors	7 years ago
john	3d45fd2713	implemented yarikoptic's suggestions in fail2ban pull request #1376	7 years ago
john	776d463e92	added missing colon to failJSON	7 years ago
john	4d8ba7b668	fixed test log file	7 years ago
john	44c4496e49	added sample log files	7 years ago
john	08878d22dd	added zoneminder.conf filter	7 years ago
john	a90f6c4ae8	added zoneminder jail and filter # Conflicts: # config/jail.conf	7 years ago
sebres	c312962029	filter.d/dovecot.conf: partially cherry-pick to 0.9 PR #1880 from sebres/0.10-fix-dovecot-regex (`d926e11a5c`) fixed failregex (without new mode aggressive)	7 years ago
Serg G. Brester	a287d0a05c	Merge pull request #1872 from kmzby/master Added filter for phpMyAdmin+syslog	7 years ago
Pavel Mihadyuk	4c1abe1cbf	phpmyadmin-syslog: removed excess file, fixed test, updated failregex	7 years ago
Pavel Mihadyuk	d09304b897	phpmyadmin-syslog: added default jail config	7 years ago
Pavel Mihadyuk	41994fcb56	Added filter for phpMyAdmin+syslog (>=4.7.0)	7 years ago
Pavel Mihadyuk	5b4bc2aafd	Added filter for phpMyAdmin+syslog (>=4.7.0). Closes #1713	7 years ago
Serg G. Brester	124e5587c6	Merge pull request #1869 from sebres/fix-gh-1389 action.d/bsd-ipfw.conf: replace not posix-compliant grep option	7 years ago
Serg G. Brester	b0e5efb631	bsd-ipfw.conf: sh-compliant redirect of stderr together with stdout	7 years ago
sebres	3be32adefb	Replace not posix-compliant grep option: fgrep with `-q` option can cause 141 exit code in some cases (see gh-1389).	7 years ago
Serg G. Brester	c540217844	Update ChangeLog action.d/cloudflare.conf - Cloudflare API v4 implementation (gh-1651)	7 years ago
Serg G. Brester	c0eb7752a8	Merge pull request #1651 from szepeviktor/patch-9 Introduce Cloudflare API v4	7 years ago
Serg G. Brester	2ed8a38eca	Update cloudflare.conf Switch to API v1 to API v4 per default	7 years ago
Serg G. Brester	da7072d40e	Merge pull request #1846 from Chocobozzz/patch-3 Fix empty logfile.log in xarf login attack action	7 years ago

1 2 3 4 5 ...

3735 Commits (2ed414ed09b3bb4c478abc9366a1ff22024a33c9) All Branches Search

3735 Commits (2ed414ed09b3bb4c478abc9366a1ff22024a33c9)

All Branches