summaryrefslogtreecommitdiff
path: root/network/sshguard/README
diff options
context:
space:
mode:
Diffstat (limited to 'network/sshguard/README')
-rw-r--r--network/sshguard/README14
1 files changed, 14 insertions, 0 deletions
diff --git a/network/sshguard/README b/network/sshguard/README
new file mode 100644
index 0000000000..0739e1d5d3
--- /dev/null
+++ b/network/sshguard/README
@@ -0,0 +1,14 @@
+SSHGuard protects hosts from brute-force attacks against SSH and other services.
+It has been written entirely in C and has no external dependencies and no
+configuration file. SSHGuard aggregates system logs and blocks repeat offenders.
+It can read log messages from standard input (suitable for piping from syslog)
+or monitor one or more log files. Log messages are parsed, line-by-line, for
+recognized patterns. If an attack, such as several login failures within a few
+seconds, is detected, the offending IP is blocked. Offenders are unblocked after
+a set interval, but can be semi-permanently banned using the blacklist option.
+
+IMPORTANT:
+You will need to properly set up "sshguard" chain in iptables. For further
+information PLEASE CONSULT MAN PAGE installed together with this package.
+The information available on the website tends to be outdated, (it is well
+worth reading anyway).