Daniel Black
a4718eb644
ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples
2013-11-11 10:38:02 +11:00
Daniel Black
87516eb92b
ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case
2013-11-11 09:46:40 +11:00
Daniel Black
e8aa676cf5
Merge pull request #429 from grooverdan/filter-develop-doco
...
DOC: Filter development doco
2013-11-10 14:10:10 -08:00
Daniel Black
191c4fda1b
Merge pull request #428 from grooverdan/ssh-dos
...
TST: test case that shows injection into username
2013-11-10 13:39:03 -08:00
Daniel Black
d90130234d
TST: end of json in sshd sample log
2013-11-11 08:29:54 +11:00
Daniel Black
061a26c408
TST: fix space in sshd sample log
2013-11-11 08:28:09 +11:00
Daniel Black
d955714d26
TST: test case that shows injection
2013-11-11 08:11:32 +11:00
Daniel Black
b8f40fef1b
DOC: more on filter regexes - DEVELOP
2013-11-11 08:08:10 +11:00
Daniel Black
c5021b55f6
Merge pull request #427 from yarikoptic/bf/nginx-regex-injection
...
BF: anchor introduced nginx-http-auth at the end
2013-11-08 17:23:03 -08:00
Daniel Black
724c6bfd92
DOC: filter regex debugging
2013-11-09 10:35:13 +11:00
Yaroslav Halchenko
ccd26578ec
Merge pull request #425 from grooverdan/asterisk-simplify
...
ENH: condense asterisk regexs for speed
2013-11-08 14:42:35 -08:00
Yaroslav Halchenko
ac061155f0
BF: anchor introduced nginx-http-auth at the end
...
needed since request probably could be not a correct HTTP statement but continue with
all those to match till the end and then injected ", client: VICTIM, server..." thus allowing
injection. We better anchor at the end then
2013-11-08 14:40:52 -08:00
Yaroslav Halchenko
49024fe6ea
DOC: minor typos in ChangeLog
2013-11-08 14:36:56 -08:00
Yaroslav Halchenko
ea8fce6308
Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection
...
openssh 6.3 regex injection vectors: inject into ruser and/or exploiting pre-specified limits set for user provided data
2013-11-08 14:35:18 -08:00
Yaroslav Halchenko
bf245f9640
DOC: adding DEV Notes for for non-greedy matchin within sshd.conf
2013-11-08 14:34:31 -08:00
Daniel Black
d6bbe03861
Merge pull request #424 from grooverdan/nginx-auth
...
ENH: add filter.d/nginx-http-auth. Partially forfils #405
2013-11-08 14:24:02 -08:00
Yaroslav Halchenko
a169badb95
Merge pull request #423 from yarikoptic/enh/gen_badbots
...
badbots filter: adding the script which was used + updated filter
2013-11-08 10:10:46 -08:00
Yaroslav Halchenko
750e0c1e3d
BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input
...
since daemon might eventually change reported length and we would need to adjust anyways. So limiting
in length does not provide additional security but allows for a possible injection vector
2013-11-08 10:10:33 -08:00
Yaroslav Halchenko
abb012ae5c
BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy
2013-11-08 10:00:37 -08:00
Yaroslav Halchenko
eace931c19
Changelog for prior changes (gen_buildbots)
2013-11-07 15:47:25 -08:00
Daniel Black
d7560d4041
ENH: condense asterisk regexs for speed
2013-11-08 10:24:50 +11:00
Daniel Black
ab9d921162
BF: missed action in nginx-http-auth
2013-11-08 10:09:19 +11:00
Daniel Black
a148d35d70
ENH: add filter.d/nginx-http-auth. Partially forfills #405
2013-11-08 10:06:40 +11:00
Yaroslav Halchenko
4522308354
ENH: regenerated config/filter.d/apache-badbots.conf
2013-11-07 14:26:18 -08:00
Yaroslav Halchenko
6f321068f1
NF: gen_badbots script to (re)generate/update config/filter.d/apache-badbots.conf
2013-11-07 14:25:57 -08:00
Daniel Black
e91d40ee34
Merge pull request #420 from yarikoptic/enh/release-0.8.11
...
DOC: release 0.8.11 - ChangeLog tidy
2013-11-06 12:48:09 -08:00
Yaroslav Halchenko
28ee7ba123
DOC: keeping Changelog release-phrases uniform, simplified intro, unified
2013-11-06 14:04:30 -05:00
Yaroslav Halchenko
f26fba9c19
DOC: Untabifying and reindenting a bit ChangeLog
2013-11-06 13:47:45 -05:00
Daniel Black
0730db9b2b
Merge pull request #416 from grooverdan/debian-bug-665925-wuftpd-pam
...
BF: wuftpd pam filter fix (Debian bug 665925)
2013-11-05 18:39:01 -08:00
Daniel Black
20693ffb8e
Merge pull request #417 from grooverdan/debian-bug-709324-dovecot
...
BF: dovecot allow for newer fail message - Debian bug 709324
2013-11-05 18:38:29 -08:00
Daniel Black
5ebc386833
DOC: few more links for DEVELOP
2013-11-06 13:35:04 +11:00
Daniel Black
e55b24c533
BF: fix dovecot filter for newer failure message. Closes Debian bug #709324
2013-11-06 12:51:21 +11:00
Daniel Black
8b54523316
BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925
2013-11-06 12:13:37 +11:00
Daniel Black
d22214da79
Add Fedora git repo of fail2ban package to DEVELOP
2013-11-06 12:03:19 +11:00
Daniel Black
ac1f45d18c
Merge pull request #412 from grooverdan/firewalld
...
ENH: enhance firewall-cmd to use firewall-0.8.3's --remove-rules
2013-11-05 16:46:18 -08:00
Daniel Black
87f68d7564
firewalld-0.3.8 release that support --remove-rules out so documenting this.
2013-11-06 11:37:56 +11:00
Daniel Black
ee1edfbf0c
BF: remove duplication definition secion in webmin-auth
2013-11-04 17:54:36 +11:00
Daniel Black
a9fe3d5df9
DOC: alter release notes a bit more and versions in README.md
2013-10-31 14:44:14 +11:00
Daniel Black
5cefb8aff9
BF/DOC: fix hopefully final MANIFEST and release instructions
2013-10-31 11:30:07 +11:00
Daniel Black
6db9e64934
DOC: final updates to release doco
2013-10-31 10:56:45 +11:00
Daniel Black
4ec0e3f087
DOC: version 0.8.11.pre1
2013-10-31 10:51:37 +11:00
Daniel Black
3b2083b06d
DOC: ChangeLog header and merge
2013-10-31 10:44:40 +11:00
Daniel Black
f860307b57
DOC: update man pages. Add references to jail.conf from fail2ban-client man page
2013-10-31 10:27:30 +11:00
Daniel Black
fff996c8df
ENH: fix fail2ban-regex output to generate a man page with copyright notices
2013-10-31 10:26:49 +11:00
Daniel Black
a38be3f9ab
Merge branch 'master' of https://github.com/fail2ban/fail2ban
2013-10-31 09:13:57 +11:00
Daniel Black
b5c10488c1
Merge pull request #409 from grooverdan/filter-doco
...
DOC: in filters, put user relevant doc at top, and developer info at bot...
2013-10-30 15:11:46 -07:00
Daniel Black
5eddd5d12d
DOC: document required firewalld version as > 0.3.7.1
2013-10-31 09:10:59 +11:00
Daniel Black
2810f97fe5
DOC: merge ChangeLog
2013-10-31 09:07:06 +11:00
Daniel Black
27d257d5a6
Merge pull request #408 from grooverdan/dropbear
...
BF: filter.d/dropbear
2013-10-30 14:43:07 -07:00
Daniel Black
8ac6081555
ENH: fix to use upstream --remove-rules
...
https://fedorahosted.org/firewalld/ticket/10
2013-10-31 01:23:00 +11:00