Date: Tue, 2 Nov 2010 11:54:37 -0700 (PDT) From: "Justin V." <vic@yeaguy.com> To: Rob Farmer <rfarmer@predatorlabs.net> Cc: freebsd-questions@freebsd.org Subject: <SOLVED> Re: SSHgaurd and PF Message-ID: <alpine.BSF.2.00.1011021153520.20636@yeaguy.com> In-Reply-To: <AANLkTikmWqAhs4Cy0G8TsMKR%2BNGercXFYLaY1c7DoyHf@mail.gmail.com> References: <alpine.BSF.2.00.1011020930390.17971@yeaguy.com> <AANLkTikq%2BgYWD=SEY4nKboV7QUTk9DQdj2bkJ_CRpoAv@mail.gmail.com> <alpine.BSF.2.00.1011021001001.18489@yeaguy.com> <AANLkTi=e5b0OTqbxky_bgYnH3gNeRyKBeYu1McypRmGV@mail.gmail.com> <alpine.BSF.2.00.1011021038080.19472@yeaguy.com> <AANLkTi=29TVb%2BFm6o8Weom_9r6g9_J5vohqOJ=Ngn28f@mail.gmail.com> <alpine.BSF.2.00.1011021140110.20336@yeaguy.com> <AANLkTikmWqAhs4Cy0G8TsMKR%2BNGercXFYLaY1c7DoyHf@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --623271173-696175327-1288724078=:20636 Content-Type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8BIT On Tue, 2 Nov 2010, Rob Farmer wrote: > On Tue, Nov 2, 2010 at 11:42, Justin V. <vic@yeaguy.com> wrote: >> So i added this: >> >> auth.info;authpriv.info;ftp.info /var/log/auth.log >> >> >> This is existing: >> >> ftp.info /var/log/xferlog >> >> >> >> >> I see my failed attempts going to auth.log and sshguard is still not >> blocking or logging.. >> >> I restarted both syslog and sshguard.. I feel like we are almost there >> >> >> thanks, >> >> jv > > Great - then try: > > ftp.info |exec /usr/local/sbin/sshguard > > in your /etc/syslog.conf (don't forget to restart syslog) and it > should be working - I'm not sure what the threshold for sshguard to > block someone is, but you could test it - just make sure you have a > way to get back in if it works and your IP is blocked (or wait for the > next script kiddie). > > -- > Rob Farmer > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > Your the man.. Worked like a charm. Thanks for all your help! jv --623271173-696175327-1288724078=:20636--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1011021153520.20636>