On 04/29/2016 11:24 PM, Dennis Davis wrote:
> As an alternative, sshguard: http://www.sshguard.net/ appears to have
> the capability to guard multiple services, including exim.
I only took a limited look, but it seems like sshguard has a fairly
short list of signatures built in. If you want to add something, you
might have to compile from sources (and even then I don't know if you
can easily add your own signatures).
http://www.sshguard.net/docs/reference/attack-signatures/
Does someone who has used it know differently?
(For those who have not tried fail2ban, it comes with a configuration
"tree" of multiple signatures for the logs of many services. You can
pick and choose or easily add your own, where "easily" means "if you are
handy with regular expressions or willing to do a certain amount of
trial and error".)
