• Back to project

All releases of sshguard

Changes: With respect to 1.5beta3, this release completes support for IPv6 by adding support for CIDR-based IPv6 whitelisting and whitelisting of both IPv4 and IPv6 addresses when adding hosts. IPv4-mapped IPv6 addresses are passed to backend firewalls as IPv4. This is the last release that adds features for 1.5. The next releases will only fix bugs until 1.5 stable.

Changes: Sshguard now recognizes "last message repeated N times" messages, contextually and per-source. Attackers are now gauged with dangerousness instead of attack counts by adjusting the '-a' option. Support for Sendmail relaying abuse and for vsftpd authentication failure messages has been added. The recognition of messages of Gentoo's PAM implementation for authentication failure has been added.

Changes: The Log Sucker has been extended to handle volatile files. Support was included for new attack patterns from Exim and cucipop. The recognition of certain IPv6 addresses has been corrected.

Changes: This release is capable of monitoring many log files at once without relying on logging systems such as syslog. It introduces a number of other fixes and improvements.

Changes: This release includes many new features (touchiness, automatic permanent blacklisting, IPv6 whitelisting, and more), many bugfixes to the logic, and some fixes and additions to the log analyzer.

Changes: Planned as the last Release Candidate before 1.4 stable, this series contains several new features and bugfixes. Notably, sshguard is now "touchy", reacts increasingly badly with insisting abusers, and can build a permanent blacklist of frequent attackers to be loaded at each start-up. Bugfixes cover IPv6 compatibility on the Mac and a potential BoF exploitable by local users when SSHGuard is setuid-root.

Changes: From rc3, various fixes were made to the blacklisting module, and the blacklist command line interface was improved. Revisions were made to the man page. Process names with "-" and "_" characters are now accepted. Abuse threshold = 1 is now correctly handled. Some fixes were made to SimCList.

Changes: Sshguard ignores interrupted fgets() and reloads less frequently. Support for non-POSIX libCs that require getopt.h. The iptables insertion policy complies with further filtering rules. There is an update to simclist 1.4.1 that defines EPROTO for OSes that lack it (e.g. OpenBSD). Detection of some ProFTPd and pure-ftp messages has been fixed. Detection of hostnames in the ProFTPd message has been fixed. A possible infinite loop on blacklisted addresses has been fixed.

Changes: This release fixes compiler flags for the latest version of simclist: some backend modules that gave compilation problems now work. list_find() has been moved to list_locate() according to API changes in simclist.

Changes: Touchiness was added, so repeated abusers are blocked for longer and longer. Experimental blacklisting was added to store frequent abusers for permanent blocking. The documentation was updated.