fail2ban

Commit Graph

Author	SHA1	Message	Date
Yaroslav Halchenko	7af58b9984	Merge branch 'apache-noscripts' of https://github.com/grooverdan/fail2ban * 'apache-noscripts' of https://github.com/grooverdan/fail2ban: ENH: apache-noscript now matched php-cgi scripts. Closes gh-503 Conflicts: ChangeLog -- two new entries collided, Reformatted the merged one a bit	11 years ago
Daniel Black	a9b7d33c51	ENH: apache-noscript now matched php-cgi scripts. Closes gh-503	11 years ago
Steven Hiscocks	d22716ab63	ENH: Add nsd filter and amend DateEpoch to match date format	11 years ago
Daniel Black	9d532828fc	BF: multiple _ separated values according to http://wiki.squid-cache.org/SquidFaq/SquidLogs#Squid_result_codes . Thanks Steven	11 years ago
Daniel Black	66374913ec	ENH: add squid filter	11 years ago
Daniel Black	db4c21acde	BF/DOC: fix filename in documentation for filter.d/proftpd	11 years ago
Daniel Black	e8eab11615	DOC: proftp - turn off ReverseDNS	11 years ago
Yaroslav Halchenko	3a5983ab0b	Merge branch 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban * 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban: Changelog entries for the last changes ENH: added optional [PID] matching in recidive.conf ENH: reintroducing levelnameinto syslog msgs, time stamp and indentation in non-syslog msgs BF/ENH: include [PID] into logging msgs, remove indentation from syslog messages Conflicts: ChangeLog	11 years ago
Yaroslav Halchenko	a26d4f42b7	ENH: added optional [PID] matching in recidive.conf	11 years ago
Daniel Black	9a82bc3c61	BF: kernel messages can have space. Thanks ag4ve(shawn). Closes #448	11 years ago
Yaroslav Halchenko	629e9ae445	Merge pull request #443 from grooverdan/apache-authfix BF: apache filters using error log weren't matched when referer existed ...	11 years ago
Daniel Black	284f811c91	BF: apache filters using error log weren't matched when referer existed in HTTP header	11 years ago
Daniel Black	1ea68b2d0c	DOC: filter.d/solid-pop3d - document lack of PAM support. Thanks to Jacques for the log messages	11 years ago
Daniel Black	0eea0a35db	ENH: filter.d/solid-pop3d - added log messages and regexes	11 years ago
Daniel Black	88eff70774	ENH: filter.d/solid-pop3d added	11 years ago
Daniel Black	286d78e13c	Merge pull request #430 from grooverdan/apache-overflows ENH: Apache overflows - httpd-2.4 message IDs + samples	11 years ago
Daniel Black	50ca16e50e	Merge pull request #431 from grooverdan/apache-noscript ENH: apache-2.4 message IDs for filter apache-noscript	11 years ago
Daniel Black	947c6ff9cc	Merge pull request #433 from grooverdan/asterisk BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from " regex thanks to Jonathan Lanning	11 years ago
Daniel Black	38503a5848	Merge pull request #434 from grooverdan/dos-resistant-dropbear ENH: DoS resistant dropbear filter	11 years ago
Daniel Black	62b1f98dff	Merge pull request #435 from grooverdan/dos-resistant-exim BF: exim filter to be DoS resistant	11 years ago
Daniel Black	be60518218	BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given	11 years ago
Daniel Black	52972164a2	BF: exim filter to be DoS resistant	11 years ago
Daniel Black	c272573fe3	ENH: DoS resistant dropbear filter	11 years ago
Daniel Black	eb9663eb4f	BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning	11 years ago
Daniel Black	648d48c355	ENH: apache-2.4 message IDs for filter apache-noscript	11 years ago
Daniel Black	a4718eb644	ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples	11 years ago
Daniel Black	87516eb92b	ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case	11 years ago
Daniel Black	c5021b55f6	Merge pull request #427 from yarikoptic/bf/nginx-regex-injection BF: anchor introduced nginx-http-auth at the end	11 years ago
Yaroslav Halchenko	ccd26578ec	Merge pull request #425 from grooverdan/asterisk-simplify ENH: condense asterisk regexs for speed	11 years ago
Yaroslav Halchenko	ac061155f0	BF: anchor introduced nginx-http-auth at the end needed since request probably could be not a correct HTTP statement but continue with all those to match till the end and then injected ", client: VICTIM, server..." thus allowing injection. We better anchor at the end then	11 years ago
Yaroslav Halchenko	ea8fce6308	Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection openssh 6.3 regex injection vectors: inject into ruser and/or exploiting pre-specified limits set for user provided data	11 years ago
Yaroslav Halchenko	bf245f9640	DOC: adding DEV Notes for for non-greedy matchin within sshd.conf	11 years ago
Daniel Black	d6bbe03861	Merge pull request #424 from grooverdan/nginx-auth ENH: add filter.d/nginx-http-auth. Partially forfils #405	11 years ago
Yaroslav Halchenko	750e0c1e3d	BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input since daemon might eventually change reported length and we would need to adjust anyways. So limiting in length does not provide additional security but allows for a possible injection vector	11 years ago
Yaroslav Halchenko	abb012ae5c	BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy	11 years ago
Daniel Black	d7560d4041	ENH: condense asterisk regexs for speed	11 years ago
Daniel Black	a148d35d70	ENH: add filter.d/nginx-http-auth. Partially forfills #405	11 years ago
Yaroslav Halchenko	4522308354	ENH: regenerated config/filter.d/apache-badbots.conf	11 years ago
Daniel Black	0730db9b2b	Merge pull request #416 from grooverdan/debian-bug-665925-wuftpd-pam BF: wuftpd pam filter fix (Debian bug 665925)	11 years ago
Daniel Black	e55b24c533	BF: fix dovecot filter for newer failure message. Closes Debian bug #709324	11 years ago
Daniel Black	8b54523316	BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925	11 years ago
Daniel Black	ee1edfbf0c	BF: remove duplication definition secion in webmin-auth	11 years ago
Daniel Black	b5c10488c1	Merge pull request #409 from grooverdan/filter-doco DOC: in filters, put user relevant doc at top, and developer info at bot...	11 years ago
Daniel Black	c3f9c9aa60	BF: filter.d/dropbear Add PAM failures which is in dropbear-2013.60 in srv-authpam.c Patch http://www.unchartedbackwaters.co.uk/files/dropbear/dropbear-0.52.patch obviously has exit with lower case e so adjust regex for both. svr-authpasswd.c in 2013.60 (at bottom) for second regex ends after the IP so the regex was altered. .\s can be compressed to .*	11 years ago
Daniel Black	89fd792dfb	DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page	11 years ago
Daniel Black	de9977441a	DOC: move named and mysql instructions into the filters from jail.conf	11 years ago
Daniel Black	95f3f38682	MRG: merge ChangeLog and jail.conf	11 years ago
Daniel Black	e3150044fd	BF: fix selinux TST: ignore *common.conf files in test cases as these are included BF: Remove USER_LOGIN from selinux-ssh as its a duplicate message ENH: add sample jail.conf	11 years ago
Daniel Black	0f85aef609	Merge pull request #407 from grooverdan/dovecot-jail ENH: Dovecot jail	11 years ago
Daniel Black	cde389cadc	ENH: additional tweek to dovecot regex based on http://chrisgilligan.com/portfolio/fail2ban-regex/	11 years ago

1 2 3 4 5 ...

331 Commits (7af58b9984287b740b49a851bd054589371023c4)