github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,636 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

171 Commits (e8aa676cf549ee45b00c1e68093c1d8467e2a8e5)

Author SHA1 Message Date
Daniel Black d90130234d TST: end of json in sshd sample log 2013-11-11 08:29:54 +11:00
Daniel Black 061a26c408 TST: fix space in sshd sample log 2013-11-11 08:28:09 +11:00
Daniel Black d955714d26 TST: test case that shows injection 2013-11-11 08:11:32 +11:00
Yaroslav Halchenko ea8fce6308 Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection 
openssh 6.3 regex injection vectors:  inject into ruser and/or exploiting pre-specified limits set for user provided data
 2013-11-08 14:35:18 -08:00
Yaroslav Halchenko 750e0c1e3d BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input 
since daemon might eventually change reported length and we would need to adjust anyways.  So limiting
in length does not provide additional security but allows for a possible injection vector
 2013-11-08 10:10:33 -08:00
Yaroslav Halchenko abb012ae5c BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy 2013-11-08 10:00:37 -08:00
Daniel Black a148d35d70 ENH: add filter.d/nginx-http-auth. Partially forfills #405 2013-11-08 10:06:40 +11:00
Daniel Black 0730db9b2b Merge pull request #416 from grooverdan/debian-bug-665925-wuftpd-pam 
BF:  wuftpd pam filter fix (Debian bug 665925)
 2013-11-05 18:39:01 -08:00
Daniel Black e55b24c533 BF: fix dovecot filter for newer failure message. Closes Debian bug #709324 2013-11-06 12:51:21 +11:00
Daniel Black 8b54523316 BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925 2013-11-06 12:13:37 +11:00
Daniel Black 95f3f38682 MRG: merge ChangeLog and jail.conf 2013-10-30 20:19:41 +11:00
Daniel Black e3150044fd BF: fix selinux 
TST: ignore *common.conf files in test cases as these are included
BF: Remove USER_LOGIN from selinux-ssh as its a duplicate message
ENH: add sample jail.conf
 2013-10-30 20:05:49 +11:00
Daniel Black 0f85aef609 Merge pull request #407 from grooverdan/dovecot-jail 
ENH: Dovecot jail
 2013-10-29 15:15:19 -07:00
Daniel Black 7596b96d4f TST: fix date in test comparison for dovecot 2013-10-30 09:05:09 +11:00
Daniel Black cde389cadc ENH: additional tweek to dovecot regex based on http://chrisgilligan.com/portfolio/fail2ban-regex/ 2013-10-29 10:15:54 +11:00
Daniel Black d451c2a231 FIX: vsftp improvements from Rich Mellor on mailing list 2013-10-26 09:51:25 +11:00
Daniel Black b61fe0f12d Merge pull request #378 from grooverdan/sasl 
ENH: filter.d/postfix-sasl - anchor regex at start and rename from filter.d/sasl
 2013-10-22 04:51:24 -07:00
Daniel Black 92f9e049ee TST: rename test log file to match 2013-10-22 22:44:49 +11:00
Daniel Black e417a2112c Merge pull request #386 from grooverdan/qmail 
ENH: filter.d/qmail - anchor at start. Add another regex
 2013-10-14 04:24:32 -07:00
Daniel Black e227568c3b Merge pull request #384 from grooverdan/dovecot-325 
ENH: added to dovecot filter. closes gh-325
 2013-10-14 04:23:03 -07:00
Daniel Black 351eb5ec8f ENH: filter.d/qmail - anchor at start. Add another regex for http://www.tjsi.com/rblsmtpd/faq/ patch to rblsmtpd 2013-10-09 16:44:48 +11:00
Daniel Black 2d1bd54439 Merge pull request #379 from grooverdan/webmin 
ENH: filter.d/webmin anchor at start and use syslog
 2013-10-08 20:13:14 -07:00
Daniel Black d60f470096 ENH: added to dovecot filter. closes gh-325 2013-10-09 10:09:06 +11:00
Daniel Black bc10c90ffe ENH: filter.d/vsftpd - disable regex for Pam pre 0.99.2.0 2013-10-05 20:02:30 +10:00
Daniel Black b64bf3fa7b ENH: filter.d/webmin anchor at start and use syslog 2013-10-05 19:18:44 +10:00
Daniel Black 23dd734aa9 Merge pull request #366 from grooverdan/dovecot 
ENH: dovecot regex to match failure reported by Bob Cohen on mailing lis...
 2013-10-01 15:50:39 -07:00
Daniel Black f998e01590 Merge pull request #359 from grooverdan/pureftpd 
ENH: Pureftpd syslog prefixing and filter achoring
 2013-10-01 15:14:33 -07:00
Daniel Black ba8183b116 Merge pull request #372 from grooverdan/uw-imap 
ENH: filter.d/uwimap-auth added. Closes #18
 2013-10-01 15:13:11 -07:00
Daniel Black 262616f7a7 ENH: filter.d/uwimap-auth - failure of an admin override to regex 2013-10-01 22:32:57 +10:00
Daniel Black 9211179d30 ENH: filter.d/uwimap-auth - add "disabled" to regex 2013-10-01 22:10:33 +10:00
Daniel Black 4649cf9608 ENH: separate selinux and selinux-ssh 2013-10-01 20:21:45 +10:00
Daniel Black cbdf4ceedd TST: test cases for uw-imapd thanks to Internet 2013-10-01 10:21:11 +10:00
Daniel Black a1eaa5f755 ENH: filter.d/selinxu added. Closes #296 2013-10-01 09:59:15 +10:00
Daniel Black b3b62d65bf ENH: filter.d/uwimap-auth added. Closes #18 2013-09-29 18:06:27 +10:00
Daniel Black 1eeb6e94bd BF: fix regex for openssh-6.3 2013-09-29 17:28:33 +10:00
Daniel Black 8c2a5612ed DOC: resolve ChangeLog conflicts 2013-09-19 19:38:28 +10:00
Daniel Black 3be7dcd701 DOC: resolve ChangeLog conflicts 2013-09-19 19:23:02 +10:00
Daniel Black 89e0520675 ENH: dovecot regex to match failure reported by Bob Cohen on mailing list 2013-09-19 08:25:50 +10:00
Daniel Black 9ce1e33313 TST: pureftpd - everything I've seen suggests that pureftpd only does syslog - even back to 2004. Not sure how this second example came into existance 2013-09-17 22:24:28 +10:00
Daniel Black ad5fb81f4b TST: failJSON set match to false on longer supported pam version 2013-09-17 21:18:24 +10:00
Daniel Black bec723b21d TST: failJSON date fix 2013-09-17 10:51:48 +10:00
Daniel Black 7e756dfada TST: correct failJSON for www3.google.com -> www.google.com changes. Disable test case for pre-0.99.2.0 version of linux-pam failure messages 2013-09-17 10:48:09 +10:00
Daniel Black 8f41422262 TST: domains need to exist for fail2ban-regex to work 2013-09-17 10:09:19 +10:00
Daniel Black ee497ff1cb ENH: filter mysqld-auth can be a is a syslog based service so anchor it using syslog prefix 2013-09-17 07:57:19 +10:00
Daniel Black 504111b0b1 ENH: filter.d/recidive - anchor regex at start and support f2b SYSLOG target 2013-09-16 01:22:42 +10:00
Daniel Black 317e82e144 TST: one more exim test case 2013-09-02 17:10:49 +10:00
Daniel Black 6b0e2289d4 Merge pull request #335 from grooverdan/gh-333-bind 
ENH: filter.d/named-refused.conf - BIND 9.9.3 regex changes. Closes gh-333
 2013-08-30 21:34:22 -07:00
Daniel Black cbed57bffd TST: fix year in named-bind test case 2013-08-28 08:52:56 +10:00
Daniel Black a401d11644 ENH: add regex for bad zone transfer request/ TST: add test for bind-9.9 zone transfer denied 2013-08-28 00:53:08 +10:00
Yaroslav Halchenko 265a85ec1f RF: do not catch for now "invalid nonce \S* received - hash is not \S*" -- imho needs more analysis 2013-08-26 09:48:56 -04:00