Date: Tue, 22 Aug 2006 06:59:17 +0800 (CST) From: Gea-Suan Lin <gslin@gslin.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: gslin@gslin.org Subject: ports/102367: [NEW PORT] security/blocksshd: Protects computers from SSH brute force attacks Message-ID: <20060821225917.73EFB10F@netnews.NCTU.edu.tw> Resent-Message-ID: <200608212300.k7LN0U3n087019@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 102367 >Category: ports >Synopsis: [NEW PORT] security/blocksshd: Protects computers from SSH brute force attacks >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Aug 21 23:00:30 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Gea-Suan Lin >Release: FreeBSD 6.1-RELEASE i386 >Organization: >Environment: System: FreeBSD netnews.NCTU.edu.tw 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Sat May 13 03:43:48 CST 2006 >Description: BlockSSHD protects computers from SSH brute force attacks by dynamically blocking IP addresses by adding iptables rules. WWW: http://sourceforge.net/projects/blocksshd/ Generated with FreeBSD Port Tools 0.77 >How-To-Repeat: >Fix: --- blocksshd-0.7.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # blocksshd # blocksshd/pkg-descr # blocksshd/Makefile # blocksshd/distinfo # blocksshd/pkg-plist # blocksshd/files # blocksshd/files/patch-blocksshd.conf # echo c - blocksshd mkdir -p blocksshd > /dev/null 2>&1 echo x - blocksshd/pkg-descr sed 's/^X//' >blocksshd/pkg-descr << 'END-of-blocksshd/pkg-descr' XBlockSSHD protects computers from SSH brute force attacks by Xdynamically blocking IP addresses by adding iptables rules. X XWWW: http://sourceforge.net/projects/blocksshd/ END-of-blocksshd/pkg-descr echo x - blocksshd/Makefile sed 's/^X//' >blocksshd/Makefile << 'END-of-blocksshd/Makefile' X# New ports collection makefile for: blocksshd X# Date created: 2006-07-20 X# Whom: Gea-Suan Lin <gslin@gslin.org> X# X# $FreeBSD$ X# X XPORTNAME= blocksshd XPORTVERSION= 0.7 XCATEGORIES= security sysutils XMASTER_SITES= ${MASTER_SITE_SOURCEFORGE} XMASTER_SITE_SUBDIR= blocksshd X XMAINTAINER= gslin@gslin.org XCOMMENT= Protects computers from SSH brute force attacks X XRUN_DEPENDS= ${SITE_PERL}/File/Tail.pm:${PORTSDIR}/devel/p5-File-Tail \ X ${SITE_PERL}/Net/DNS/Resolver.pm:${PORTSDIR}/dns/p5-Net-DNS \ X ${SITE_PERL}/Proc/Daemon.pm:${PORTSDIR}/devel/p5-Proc-Daemon \ X ${SITE_PERL}/Proc/PID/File.pm:${PORTSDIR}/devel/p5-Proc-PID-File X XMAKE_ARGS= PREFIX="${TARGETDIR}" XNO_BUILD= yes XUSE_PERL5_RUN= yes X XMAN1= blocksshd.1 X Xpost-patch: X @${CHMOD} 755 ${WRKSRC}/init X Xpost-install: X ${INSTALL_DATA} ${WRKSRC}/blocksshd.conf ${TARGETDIR}/etc X X.include <bsd.port.mk> END-of-blocksshd/Makefile echo x - blocksshd/distinfo sed 's/^X//' >blocksshd/distinfo << 'END-of-blocksshd/distinfo' XMD5 (blocksshd-0.7.tar.gz) = 166b4ecbe7bc35723d07fc4a4238c689 XSHA256 (blocksshd-0.7.tar.gz) = 40d776837af7bdebf6491286b67128e7a09c0e199b53973d1e1bcea57c8c80d1 XSIZE (blocksshd-0.7.tar.gz) = 9586 END-of-blocksshd/distinfo echo x - blocksshd/pkg-plist sed 's/^X//' >blocksshd/pkg-plist << 'END-of-blocksshd/pkg-plist' X@comment $FreeBSD$ Xbin/blocksshd Xetc/blocksshd.conf END-of-blocksshd/pkg-plist echo c - blocksshd/files mkdir -p blocksshd/files > /dev/null 2>&1 echo x - blocksshd/files/patch-blocksshd.conf sed 's/^X//' >blocksshd/files/patch-blocksshd.conf << 'END-of-blocksshd/files/patch-blocksshd.conf' X--- blocksshd.conf.orig Tue Aug 22 06:46:45 2006 X+++ blocksshd.conf Tue Aug 22 06:47:21 2006 X@@ -3,7 +3,7 @@ X $cfg = { X os => 'linux', # Target OS - either linux or bsd X chain => 'blocksshd', # Name of iptables or pf chain X- logfile => '/var/log/secure', # Log file to monitor X+ logfile => '/var/log/auth.log', # Log file to monitor X logcheck => '10', # How often to check the log file X max_attempts => '4', # Max number of failures X timeout => '360', # Reset IP count if no activity after time out in seconds X@@ -14,7 +14,7 @@ X pid_file => '/var/run/blocksshd.pid', # Location of PID file X send_email => '1', # Enable the sending of email notifications X email => 'root', # Email address to send notifications X- mail => '/bin/mail', # Location of mail binary X+ mail => '/usr/bin/mail', # Location of mail binary X iptables => '/sbin/iptables', # Location of iptables binary - only for Linux X pfctl => '/sbin/pfctl', # Location of pfctl binary - only for BSD X whitelist => [qw{ END-of-blocksshd/files/patch-blocksshd.conf exit --- blocksshd-0.7.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060821225917.73EFB10F>