sshdfilter Publisher's description
sshdfilter automatically blocks ssh brute force attacks by reading sshd log output in real time.
sshdfilter automatically blocks ssh brute force attacks by reading sshd log output in real time and adding iptables rules based on authentication failures.
Block rules are created by logging on with an invalid user name, or wrongly guessing the password for an existing account.
Block rules are removed after a week to maintain a small list of blocks. It also comes with a LogWatch filter.
What's New in This Release:В· The configuration parser and the pattern matching engine were rewritten to provide all the flexibility you could ever want.
В· sshdfilter can now read sshd messages from either sshd -eD (as with previous versions of sshdfilter) or via a named pipe maintained by syslog.
В· Hostname lookup for messages was added for PAM-based systems that show hostnames and never a source IP.
В· ipfw support was added.
System Requirements:No special requirements.
Program Release Status: Minor Update
Program Install Support: Install and Uninstall