On Thu, Sep 17, 2009 at 08:56:23AM -0300, Gustavo Freitas wrote: > gostei desta ferramenta. só não entendi como se usa ela.. a > documentação não é lá essas > coisas..
Instala o port para o firewall/filtro de pacotes que utilizar. O prórpio port coloca no /etc/syslog.conf (na primeira linha após os comentários - dê uma olhada no arquivo pkg-install): auth.info;authpriv.info |exec /usr/local/sbin/sshguard Da manpage: sshguard does not make use of any configuration file. Instead, a combina- tion of optional arguments can be passed to its process on the command line, for modifying its default behaviour: -d run in debug mode: all logging is done to standard error, not syslog. -a num block an address after num attack attempts have been detected. (Default: 4) -p secs release a blocked address not sooner than secs seconds after being blocked. sshguard will release the address between X and 3/2 * X seconds. (Default: 7*60) -s secs forget about an address after secs seconds. If host A issues one attack every this many seconds, it will never be blocked. (Default: 20*60) -w addr/host/block/file see the WHITELISTING section. -f servicecode:pidfile see the LOG MESSAGE AUTHENTICATION section. Bastante simples, por sinal. []'s -- Ricardo Campos Passanezi ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd