diff options
author | Cyril Jaquier <cyril.jaquier@fail2ban.org> | 2007-06-07 21:29:25 +0000 |
---|---|---|
committer | Cyril Jaquier <cyril.jaquier@fail2ban.org> | 2007-06-07 21:29:25 +0000 |
commit | 475aa68c113da7c4d93cd5d9df490e2666e80ecf (patch) | |
tree | 28f52a61e10fb2d35dc1f32995f79f53d710e869 | |
parent | 2f0dedf206c58e1c1ac83636cd9a180063e2c6ba (diff) | |
download | fail2ban-475aa68c113da7c4d93cd5d9df490e2666e80ecf.tar.gz |
- Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@588 a942ae1a-1317-0410-a47c-b1dcaea8d605
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | config/filter.d/sshd.conf | 9 |
2 files changed, 6 insertions, 4 deletions
@@ -11,6 +11,7 @@ ver. 0.9.0 (2007/??/??) - alpha ---------- - Removed Python 2.4 code. Need more testing - Made interactive mode optional in fail2ban-client +- Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid ver. 0.8.0 (2007/05/03) - stable ---------- diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf index fa1d88ad..39416f43 100644 --- a/config/filter.d/sshd.conf +++ b/config/filter.d/sshd.conf @@ -14,10 +14,11 @@ # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # -failregex = Authentication failure for .* from <HOST> - Failed [-/\w]+ for .* from <HOST> - ROOT LOGIN REFUSED .* FROM <HOST> - [iI](?:llegal|nvalid) user .* from <HOST> +failregex = Authentication failure for .* from <HOST>$ + Failed [-/\w]+ for .* from <HOST>$ + ROOT LOGIN REFUSED .* FROM <HOST>$ + [iI](?:llegal|nvalid) user .* from <HOST>$ + User .* from <HOST> not allowed because not listed in AllowUsers$ # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. |