Re: fail2ban: missing regexp for ssh
Yes: https://bugs.launchpad.net/ubuntu/+source/fail2ban/+bug/152964 Screenshot: http://nighty.ulyssis.org/fail2ban_bug.png On Mon, 2007-10-15 at 17:16 -0500, Nicolas Valcarcel wrote: > I don't know why i can't see your bug report, it says i have no > permissions did you have the specific URL? like > https://bugs.launchpad.net/ubuntu/+source/fail2ban/+bug/153092 > > > On 10/15/07, Rial Juan <[EMAIL PROTECTED]> wrote: > > Sorry, I already dit it... Should probably have done a reply > to all instead of just a reply to Matthias. > > My bug report: https://bugs.launchpad.net/bugs/152964 > > I suggest you mark your bug as a duplicate of mine or > something so it's not filed twice... > > And don't worry 'bout the typo; I was feeling quite tired > myself when I mailed this bug report to the list, otherwise I > wouldn't have been so daft as to bother you guys with it, and > filed it to lauchpad myself... > > Kind regards, > > > > On Mon, 2007-10-15 at 16:58 -0500, Nicolas Valcarcel wrote: > > > Sorry, typo mistake, s/feeling/filling/g i'm kind of tired > > > > On 10/15/07, Nicolas Valcarcel <[EMAIL PROTECTED]> > > wrote: > > > > I'm feeling the bug on LP > > > > > > On 10/15/07, Mathias Gug <[EMAIL PROTECTED] > > > wrote: > > > > Hi Rial, > > > > On Sat, Oct 13, 2007 at 11:11:18AM +0200, > > Rial Juan wrote: > > > I don't know if this can be considered a > > bug or not; are valid users > > > within the scope anyway? I for one feel > > safer, though, knowing that > > > password attacks against the passwords of > > valid users will be stopped at > > > the gates as well as random login attempts > > for invalid users. > > > > > > > Could you file a bug report on launchpad.net > > about this issue > > > (https://bugs.launchpad.net/ubuntu/+source/fail2ban/+filebug ) ? > > > > -- > > Mathias > > > > -- > > Ubuntu-motu mailing list > > Ubuntu-motu@lists.ubuntu.com > > Modify settings or unsubscribe at: > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu > > > > > > > > > > > > -- > > aka nxvl > > Yo uso Software Libre, y tu? > > > > > > > > > > -- > > aka nxvl > > Yo uso Software Libre, y tu? > > -- > Welcome to text-only Counterstrike. > You are in a dark, outdoor map. > > > go north > You have been pwned by a grue. > > > > > -- > aka nxvl > Yo uso Software Libre, y tu? -- Welcome to text-only Counterstrike. You are in a dark, outdoor map. > go north You have been pwned by a grue. -- Ubuntu-motu mailing list Ubuntu-motu@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu
Re: fail2ban: missing regexp for ssh
Sorry, I already dit it... Should probably have done a reply to all instead of just a reply to Matthias. My bug report: https://bugs.launchpad.net/bugs/152964 I suggest you mark your bug as a duplicate of mine or something so it's not filed twice... And don't worry 'bout the typo; I was feeling quite tired myself when I mailed this bug report to the list, otherwise I wouldn't have been so daft as to bother you guys with it, and filed it to lauchpad myself... Kind regards, On Mon, 2007-10-15 at 16:58 -0500, Nicolas Valcarcel wrote: > Sorry, typo mistake, s/feeling/filling/g i'm kind of tired > > > On 10/15/07, Nicolas Valcarcel <[EMAIL PROTECTED]> wrote: > > I'm feeling the bug on LP > > > > > On 10/15/07, Mathias Gug <[EMAIL PROTECTED] > wrote: > > Hi Rial, > > On Sat, Oct 13, 2007 at 11:11:18AM +0200, Rial Juan > wrote: > > I don't know if this can be considered a bug or not; > are valid users > > within the scope anyway? I for one feel safer, > though, knowing that > > password attacks against the passwords of valid > users will be stopped at > > the gates as well as random login attempts for > invalid users. > > > > Could you file a bug report on launchpad.net about > this issue > (https://bugs.launchpad.net/ubuntu/+source/fail2ban/+filebug > ) ? > > -- > Mathias > > -- > Ubuntu-motu mailing list > Ubuntu-motu@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu > > > > > > > -- > aka nxvl > Yo uso Software Libre, y tu? > > > > > -- > aka nxvl > Yo uso Software Libre, y tu? -- Welcome to text-only Counterstrike. You are in a dark, outdoor map. > go north You have been pwned by a grue. -- Ubuntu-motu mailing list Ubuntu-motu@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu
Re: fail2ban: missing regexp for ssh
I don't know why i can't see your bug report, it says i have no permissions did you have the specific URL? like https://bugs.launchpad.net/ubuntu/+source/fail2ban/+bug/153092 On 10/15/07, Rial Juan <[EMAIL PROTECTED]> wrote: > > Sorry, I already dit it... Should probably have done a reply to all > instead of just a reply to Matthias. > > My bug report: https://bugs.launchpad.net/bugs/152964 > > I suggest you mark your bug as a duplicate of mine or something so it's > not filed twice... > > And don't worry 'bout the typo; I was feeling quite tired myself when I > mailed this bug report to the list, otherwise I wouldn't have been so daft > as to bother you guys with it, and filed it to lauchpad myself... > > Kind regards, > > On Mon, 2007-10-15 at 16:58 -0500, Nicolas Valcarcel wrote: > > Sorry, typo mistake, s/feeling/filling/g i'm kind of tired > > On 10/15/07, *Nicolas Valcarcel* <[EMAIL PROTECTED]> wrote: > > I'm feeling the bug on LP > > > > On 10/15/07, *Mathias Gug* <[EMAIL PROTECTED] > wrote: > > Hi Rial, > > On Sat, Oct 13, 2007 at 11:11:18AM +0200, Rial Juan wrote: > > I don't know if this can be considered a bug or not; are valid users > > within the scope anyway? I for one feel safer, though, knowing that > > password attacks against the passwords of valid users will be stopped at > > the gates as well as random login attempts for invalid users. > > > > Could you file a bug report on launchpad.net about this issue > (https://bugs.launchpad.net/ubuntu/+source/fail2ban/+filebug ) ? > > -- > Mathias > > -- > Ubuntu-motu mailing list > Ubuntu-motu@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu > > > > > > -- > aka nxvl > Yo uso Software Libre, y tu? > > > > > -- > aka nxvl > Yo uso Software Libre, y tu? > > -- > Welcome to text-only Counterstrike. > You are in a dark, outdoor map. > > > go north > You have been pwned by a grue. > > -- aka nxvl Yo uso Software Libre, y tu? -- Ubuntu-motu mailing list Ubuntu-motu@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu
Re: fail2ban: missing regexp for ssh
Sorry, typo mistake, s/feeling/filling/g i'm kind of tired On 10/15/07, Nicolas Valcarcel <[EMAIL PROTECTED]> wrote: > > I'm feeling the bug on LP > > On 10/15/07, Mathias Gug <[EMAIL PROTECTED]> wrote: > > > > Hi Rial, > > > > On Sat, Oct 13, 2007 at 11:11:18AM +0200, Rial Juan wrote: > > > I don't know if this can be considered a bug or not; are valid users > > > within the scope anyway? I for one feel safer, though, knowing that > > > password attacks against the passwords of valid users will be stopped > > at > > > the gates as well as random login attempts for invalid users. > > > > > > > Could you file a bug report on launchpad.net about this issue > > (https://bugs.launchpad.net/ubuntu/+source/fail2ban/+filebug ) ? > > > > -- > > Mathias > > > > -- > > Ubuntu-motu mailing list > > Ubuntu-motu@lists.ubuntu.com > > Modify settings or unsubscribe at: > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu > > > > > > -- > aka nxvl > Yo uso Software Libre, y tu? -- aka nxvl Yo uso Software Libre, y tu? -- Ubuntu-motu mailing list Ubuntu-motu@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu
Re: fail2ban: missing regexp for ssh
I'm feeling the bug on LP On 10/15/07, Mathias Gug <[EMAIL PROTECTED]> wrote: > > Hi Rial, > > On Sat, Oct 13, 2007 at 11:11:18AM +0200, Rial Juan wrote: > > I don't know if this can be considered a bug or not; are valid users > > within the scope anyway? I for one feel safer, though, knowing that > > password attacks against the passwords of valid users will be stopped at > > the gates as well as random login attempts for invalid users. > > > > Could you file a bug report on launchpad.net about this issue > (https://bugs.launchpad.net/ubuntu/+source/fail2ban/+filebug) ? > > -- > Mathias > > -- > Ubuntu-motu mailing list > Ubuntu-motu@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu > -- aka nxvl Yo uso Software Libre, y tu? -- Ubuntu-motu mailing list Ubuntu-motu@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu
Re: fail2ban: missing regexp for ssh
Hi Rial, On Sat, Oct 13, 2007 at 11:11:18AM +0200, Rial Juan wrote: > I don't know if this can be considered a bug or not; are valid users > within the scope anyway? I for one feel safer, though, knowing that > password attacks against the passwords of valid users will be stopped at > the gates as well as random login attempts for invalid users. > Could you file a bug report on launchpad.net about this issue (https://bugs.launchpad.net/ubuntu/+source/fail2ban/+filebug) ? -- Mathias -- Ubuntu-motu mailing list Ubuntu-motu@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu
fail2ban: missing regexp for ssh
Hi, The current configuration shipped with version 0.7.6-3ubuntu1 of fail2ban fails to catch failed login attempts for valid users. Example line of my /var/log/auth.log that didn't get matched: Oct 13 10:16:34 tardis sshd[18845]: Failed password for nighty from 87.238.161.11 port 38046 ssh2 Replacing the following line in /etc/fail2ban/filter.d/sshd.conf: (?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal| nvalid))? user .*(?: from|FROM) with (?:Authentication failure|Failed [-/\w+]+) for .*(?: from|FROM) remedies this. Just tested it from 2 remote hosts to my machine, and it catches wrong passwords as well as empty passwords, like the old rule did, but this time also for existing users. I don't know if this can be considered a bug or not; are valid users within the scope anyway? I for one feel safer, though, knowing that password attacks against the passwords of valid users will be stopped at the gates as well as random login attempts for invalid users. In case of feedback, please include me in cc as I'm not subscribed. ps: package info tells me to mail the bugs to [EMAIL PROTECTED] but I chose to mail the address specified under "maintainer" instead; I don't see why ubuntu-users needs this bug report anyway... Perhaps an error in the package definition? Kind regards, Rial Juan -- Welcome to text-only Counterstrike. You are in a dark, outdoor map. > go north You have been pwned by a grue. -- Ubuntu-motu mailing list Ubuntu-motu@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu