Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#37150 - [sshguard] attacks missed due to log prefix
Attached to Project:
Community Packages
Opened by Johan R (cleanrock) - Monday, 30 September 2013, 19:23 GMT
Last edited by Massimiliano Torromeo (mtorromeo) - Wednesday, 30 October 2013, 18:23 GMT
Opened by Johan R (cleanrock) - Monday, 30 September 2013, 19:23 GMT
Last edited by Massimiliano Torromeo (mtorromeo) - Wednesday, 30 October 2013, 18:23 GMT
|
DetailsI just noticed that sshguard missed all attacks made today (Sep 30).
I am using --output=cat now to avoid this problem. sshguard 1.5-15 Steps to reproduce: Start sshguard in debug mode and paste attacks. # env SSHGUARD_DEBUG=foo /usr/bin/sshguard It will not catch: Sep 30 02:25:50 host sshd[4033]: Failed password for root from 1.2.3.4 port 40316 ssh2 Change 30 to 29 and it will be catched: Sep 29 02:25:50 host sshd[4033]: Failed password for root from 1.2.3.4 port 40316 ssh2 |
This task depends upon
Closed by Massimiliano Torromeo (mtorromeo)
Wednesday, 30 October 2013, 18:23 GMT
Reason for closing: Fixed
Additional comments about closing: sshguard-1.5-16
Wednesday, 30 October 2013, 18:23 GMT
Reason for closing: Fixed
Additional comments about closing: sshguard-1.5-16