| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: sshguard | Distribution: openSUSE Leap 16.0 |
| Version: 2.4.3 | Vendor: openSUSE |
| Release: lp160.1.1 | Build date: Mon Oct 2 09:24:19 2023 |
| Group: Productivity/Networking/Security | Build host: reproducible |
| Size: 4753638 | Source RPM: sshguard-2.4.3-lp160.1.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://www.sshguard.net/ | |
| Summary: SSH brute force attack protector | |
Sshguard protects networked hosts from brute force attacks against ssh servers. It detects such attacks and blocks the attacker's address with a firewall rule.
ISC
* Mon Oct 02 2023 Andrea Manzini <andrea.manzini@suse.com>
- update to version 2.4.3:
* Add signature for BIND
* Add signature for Gitea
* Add signature for Microsoft SQL Server for Linux
* Add signature for OpenVPN Portshare
* Add signature for user-defined HTTP attacks
* Update signatures for Dovecot
* Update signatures for Postfix
* Fixed Fix memset off-by-one
* Fixed Resolve DNS names in capability mode using casper
- removed patch sshguard-overflow.patch as fixed in upstream
- clean up .spec file
* Tue Aug 30 2022 Marcus Meissner <meissner@suse.com>
- sshguard-overflow.patch: fixed 1 byte 0x00 overwrite in a memset
(bsc#1202944)
* Mon Jan 24 2022 Joop Boonen <joop.boonen@opensuse.org>
- Corrected the BACKEND in /etc/sshguard.conf
* Thu Jan 20 2022 Joop Boonen <joop.boonen@opensuse.org>
- Deleted the iptables entries from sshguard.service as firewalld is used
- Added BACKEND="/usr/libexec/sshg-fw-firewalld" in stead of
BACKEND="/usr/libexec/sshg-fw-iptables" as firewalld is used
* Tue Nov 23 2021 Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_sshguard.service.patch
Modified:
* sshguard.service
* Sun May 16 2021 Enrico Belleri <idesmi@protonmail.com>
- Changed 'BACKEND' to "/usr/libexec/sshg-fw-iptables" from incorrect syntax
* Wed May 12 2021 Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 2.4.2
* Recognize rejections from Postfix's postscreen daemon
* The parser can now be changed using the 'PARSER' and
'POST_PARSER' options
* Remove some false positive attack signatures for SSH and Cyrus
* Adjust log verbosity of some log messages
* The *firewalld* backend now uses *firewall-cmd* instead of
'iptables' to flush block lists
* Wed Aug 26 2020 Joop Boonen <joop.boonen@opensuse.org>
- Build version 2.4.1
* Recognize RFC 5424 syslog banners
* Recognize busybox syslog -S banners
* Recognize rsyslog banners
* Recognize web services TYPO3, Contao, and Joomla
* Update signatures for Dovecot
* Update signatures for OpenSSH
* Whitelist entire 127.0.0.0/8 and ::1 block
* Whitelist file allows inline comments
* Fix FILES and LOGREADER configuration file options
- boo#1124121
* Tue Jun 11 2019 Joop Boonen <joop.boonen@opensuse.org>
- Build version 2.4.0
* Match "Failed authentication attempt" for Gitea
* Log human-readable service names instead of service code
* Correctly terminate child processes when sshguard is killed
* No longer accept logs given via standard input
* Wed Feb 06 2019 joop.boonen@opensuse.org
- Removed not needed files and service files
as sshguard can now parse journal files
- /etc/sysconfig/sshguard is not used any more
as sshguard uses it's own config file
* Mon Feb 04 2019 Jan Engelhardt <jengelh@inai.de>
- Use noun phrase in summary.
- Join %service_* to reduce generated boilerplate.
* Thu Jan 24 2019 liedke@rz.uni-mannheim.de
- Build version 2.3.1
* Fix OpenSSH "Did not receive identification string"
* Fix syslog banner detection on macOS
- Build version 2.3.0
* Add signatures for Courier IMAP/POP and OpenVPN
* Add signatures for TLS failures against Cyrus IMAP
* Match more attacks against SSHD, Cockpit, and Dovecot
* Update SSH invalid user signature for macOS
* Add to and remove from ipfw table quietly
* Reduce "Connection closed... [preauth]" score to 2
* Switch ipsets to hash:net
* Don't recreate existing ipsets
* Match more log banners (Fix greedy SYSLOG_BANNER)
- Build version 2.2.0
* Add '--disable-maintainer-mode' in configure for package maintainers
* BusyBox log banner detection
* Match Exim "auth mechanism not supported"
* Match Exim "auth when not advertised"
* Match Postfix greylist early retry
* OpenSMTPD monitoring support
* Recognize IPv6 addresses with interface name
* Ignore CR in addition to LF
* Only log attacks if not already blocked or whitelisted
* Use correct signal names in driver shell script
- Build version 2.1.0
* Add nftables backend
* Add monitoring support for new service: Cockpit, Linux server dashboard
* Match "maximum authentication attempts" for SSH
* Match Debian-style "Failed password for invalid user" for SSH
* Add monitoring support for new service: Common webserver probes, in
Common Log Format
* Match 'Disconnecting invalid user' for SSH
* Add monitoring support for new service: WordPress, in Common Log Format
* Add monitoring support for new service: SSHGuard
* Firewall backends now support blocking subnets.
* Add new IPV6_SUBNET and IPV4_SUBNET configuration options. Defaults
to traditional single-address blocking.
* Add monitoring support for new service: OpenSMTPD
* Log whitelist matches with higher priority
* Match port number in "invalid user" attack
* FirewallD backend reloads firewall configuration less often.
- Build version 2.0.0
* Add firewalld backend
* Add ipset backend
* Annotate logs using -a flag to sshg-parser
* Match "no matching cipher" for SSH
* Preliminary support for Capsicum and pledge()
* Resurrect ipfilter backend
* Support reading from os_log on macOS 10.12 and systemd journal
* Add warning when reading from standard input
* Build and install all backends by default
* Improve log messages and tweak logging priorities
* Runtime flags now configurable in the configuration file
* SSHGuard requires a configuration file to start
* Remove process validation (-f option)
* Fix ipfw backend on FreeBSD 11
* Fix initial block time
* Update Dovecot pattern for macOS
* Use standard score for Sendmail auth attack
* Thu Nov 08 2018 joop.boonen@opensuse.org
- Corrected the service scripts, start after network.target
* Thu Nov 23 2017 rbrown@suse.com
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)
* Wed Mar 01 2017 joop.boonen@opensuse.org
- Add a systemd journal tail so sshguard can parse this file
* Thu Dec 29 2016 joop.boonen@opensuse.org
- Build version 1.7.1
- Add sample Mac OS X 10.12 style launchd.plist
- Allow multiple forward slashes in process name
- Log released addresses only when debugging
- Process validation (``-f`` option) is deprecated
- Adjust TIMESTAMP_ISO8601 for Mac OS X 10.12
- Fix build error in hosts backend
- Fix empty functions in firewall scripts causing errors with Bash
- Flush stdout after every line in sshg-parser
- Add *sshg-logtail*
- Add *sshg-parser*
- Control firewall using *sshg-fw*
- Match "no matching key exchange method" for SSH
- Hosts backend is deprecated
- Logsuck (``-l`` option) is deprecated, use *sshg-logtail* instead
- Process validation (``-f`` option) is deprecated
- Remove external hooks (``-e`` option)
- Remove support for genfilt and ipfilter backends
- Accept socklog messages without a timestamp
- Fix excessive logging causing endless looping in logsuck
- Fix undefined assignment of initial inode number
- Match Postfix pre-authentication disconnects
- Fix bashisms in iptables backend
- Fix size argument in inet_ntop() call
- Remove excessive logging when polling from files
- Keep looking for unreadable files while polling
- Update Dovecot signature for POP3
- Match "Connection reset" message for SSH
- Resurrect PID file option by popular demand
- Adjust default abuse threshold
* Fri Feb 19 2016 joop.boonen@opensuse.org
- Added a corrected attack treshold value (40 default)
* Thu Feb 18 2016 eshmarnev@suse.com
- Build version 1.6.3
- Disable blacklisting by default
- Implement logging as wrappers around syslog(2)
- Improve log and error messages
- Match sendmail authentication failures
- Remove PID file option
- Remove SIGTSTP and SIGCONT handler
- Remove reverse mapping attack signature
- Remove safe_fgets() and exit on interrupt
- Terminate state entries for hosts blocked with pf
- Update and shorten command-line usage
- Use 'configure' to set feature-test macros
- Updated patch file for new version of sshguard
* Mon Jan 11 2016 joop.boonen@opensuse.org
- Added ip6tables support handles via init and service files
* Fri Oct 16 2015 joop.boonen@opensuse.org
- Corrected a iptables error, that prevented sshguard
from functioning correctly
* Thu Oct 15 2015 joop.boonen@opensuse.org
- Moved blacklist.db to /var/lib/sshguard/db/blacklist.db analog
most SUSE packages
* Thu Oct 15 2015 joop.boonen@opensuse.org
- Corrected the blacklist as it's auto generated
- Improved sysconfig
* Wed Oct 14 2015 joop.boonen@opensuse.org
- Build version 1.6.2
+ Make '-w' option backwards-compatible for iptables (James Harris)
+ Remove support for ip6fw and 'ipfw-range' option
+ Rewrite ipfw backend using command framework
- The white and black list now initially reside in files
/etc/sshguard/whitelist|blacklist
* Mon Sep 28 2015 joop.boonen@opensuse.org
- Build version 1.6.1
- Added sshguard-gcc5.patch so it also builds via gcc5
- Created a sshguard.service file so it'll run on systemd
systems
* Wed Mar 27 2013 joop.boonen@opensuse.org
- Reformated the spec file to the openSUSE standard
so it can be submitted to Factory
* Sat Feb 19 2011 lars@linux-schulserver.de
- update to 1.5:
+ logsucker: sshguard polls multiple log files at once
+ recognize syslog's "last message repeated N times" contextually
and per-source
+ attackers now gauged with attack *dangerousness* instead of
count (adjust your -a !)
+ improve IPv6 support
+ add detection for: Exim, vsftpd, Sendmail, Cucipop
+ improve logging granularity and descriptiveness
+ add -i command line option for saving PID file as an aid for
startup scripts
+ update some attack signatures
- cleanup specfile via spec-cleaner
* Wed Dec 01 2010 wr@rosenauer.org
- fix typo in macro
- revert a bit of cleanup to make it backwards compatible
(%_initddir)
* Tue Nov 02 2010 prusnak@opensuse.org
- cleanup spec file
* Wed Sep 29 2010 wr@rosenauer.org
- update to version 1.5rc4
* Sun Apr 04 2010 wr@rosenauer.org
- update to version 1.5rc1
* Thu Feb 11 2010 wr@rosenauer.org
- added init script and sysconfig
* Wed Feb 10 2010 wr@rosenauer.org
- initial openSUSE package
/etc/sshguard /etc/sshguard.conf /etc/sshguard/whitelist /usr/lib/systemd/system/sshguard.service /usr/libexec/sshg-blocker /usr/libexec/sshg-fw-firewalld /usr/libexec/sshg-fw-hosts /usr/libexec/sshg-fw-ipfilter /usr/libexec/sshg-fw-ipfw /usr/libexec/sshg-fw-ipset /usr/libexec/sshg-fw-iptables /usr/libexec/sshg-fw-nft-sets /usr/libexec/sshg-fw-null /usr/libexec/sshg-fw-pf /usr/libexec/sshg-logtail /usr/libexec/sshg-parser /usr/sbin/rcsshguard /usr/sbin/sshguard /usr/share/doc/packages/sshguard /usr/share/doc/packages/sshguard/CHANGELOG.rst /usr/share/doc/packages/sshguard/README.rst /usr/share/doc/packages/sshguard/doc /usr/share/doc/packages/sshguard/doc/sshguard-setup.7 /usr/share/doc/packages/sshguard/doc/sshguard-setup.7.rst /usr/share/doc/packages/sshguard/doc/sshguard.8 /usr/share/doc/packages/sshguard/doc/sshguard.8.rst /usr/share/doc/packages/sshguard/doc/sshguard.dot /usr/share/doc/packages/sshguard/examples /usr/share/doc/packages/sshguard/examples/net.sshguard.plist /usr/share/doc/packages/sshguard/examples/sshguard.conf.sample /usr/share/doc/packages/sshguard/examples/sshguard.service /usr/share/doc/packages/sshguard/examples/whitelistfile.example /usr/share/licenses/sshguard /usr/share/licenses/sshguard/COPYING /usr/share/man/man7/sshguard-setup.7.gz /usr/share/man/man8/sshguard.8.gz /var/lib/sshguard /var/lib/sshguard/db
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Nov 12 00:24:29 2024