Commit Graph

17 Commits (b39729a2ab1abea9835fb4f5377c60d56308df9b)

Author SHA1 Message Date
Daniel Black d90130234d TST: end of json in sshd sample log 2013-11-11 08:29:54 +11:00
Daniel Black 061a26c408 TST: fix space in sshd sample log 2013-11-11 08:28:09 +11:00
Daniel Black d955714d26 TST: test case that shows injection 2013-11-11 08:11:32 +11:00
Yaroslav Halchenko 750e0c1e3d BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input
since daemon might eventually change reported length and we would need to adjust anyways.  So limiting
in length does not provide additional security but allows for a possible injection vector
2013-11-08 10:10:33 -08:00
Yaroslav Halchenko abb012ae5c BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy 2013-11-08 10:00:37 -08:00
Daniel Black 1eeb6e94bd BF: fix regex for openssh-6.3 2013-09-29 17:28:33 +10:00
Steven Hiscocks e7b7815de3 TST: Add additional sshd sample logs 2013-07-21 15:22:44 +01:00
Steven Hiscocks 40f67c64b8 TST: Test sample logs' entries are matched by filter regexs 2013-07-13 23:03:01 +01:00
Yaroslav Halchenko 6d331bcbea BF: make colon after [daemon] optional. Close #267 2013-06-27 11:44:47 -04:00
Yaroslav Halchenko 5e1d8b07e8 ENH: logs/sshd -- have ":" after [daemon] (other uses are uncommon)
See https://github.com/fail2ban/fail2ban/issues/216\#issuecomment-17535577
for the analysis
2013-05-07 12:30:05 -04:00
Yaroslav Halchenko ffcac2ccee ENH: logs/sshd -- use example.com as the resolved hostname in sample log lines 2013-05-07 12:26:13 -04:00
jamesstout 932bd102fe ENH: Removed unused log line
removed #9 per
https://github.com/fail2ban/fail2ban/pull/182#discussion_r4068885
2013-05-04 18:38:05 +08:00
jamesstout 018913db6a ENH+TST: ssh failure messages for OpenSolaris and OS X 2013-04-30 04:24:56 +08:00
Yaroslav Halchenko 1e12c220e6 minor: added a note on now "negative" log entries on "POSSIBLE BREAK-IN ATTEMPT" 2012-11-05 21:22:33 -05:00
Yaroslav Halchenko 2082fee7b1 ENH: match possibly present "pam_unix(sshd:auth):" portion for sshd (Closes: #648020) 2012-07-31 15:53:41 -04:00
Petr Voralek 4007751191 ENH: catch failed ssh logins due to being listed in DenyUsers. Close gh-47 (Closes: #669063) 2012-04-16 20:36:53 -04:00
Yaroslav Halchenko fceff2d5b9 moving log samples under testcases/files 2011-11-18 11:57:20 -05:00