[Logcheck-commits] CVS logcheck/rulefiles/linux/violations.ignore.d
CVS User madduck
logcheck-devel at lists.alioth.debian.org
Tue Jul 4 22:30:07 UTC 2006
Update of /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d
In directory haydn:/tmp/cvs-serv19277/rulefiles/linux/violations.ignore.d
Modified Files:
logcheck-ssh
Log Message:
* ignore.d.server/ssh: ignore messages about missing shadow information
for NOUSER (when there was a NULL user passed in the SSH protocol).
* ignore.d.server/ssh: make sure that we never get bothered by scans again
(closes: #376461, #354820).
* ignore.d.server/ssh: ignore SSH disconnects (closes: #376474).
--- /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-ssh 2006/06/04 19:22:35 1.4
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-ssh 2006/07/04 22:30:07 1.5
@@ -2,3 +2,5 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: warning: /etc/hosts.deny, line [0-9]+: host name/name mismatch: [._[:alnum:]-]+ != [._[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: reverse mapping checking getaddrinfo for [._[:alnum:]-]+ failed - POSSIBLE BREAK-?IN ATTEMPT!$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Address [._[:alnum:]-]+ maps to [._[:alnum:]-]+, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: Broken pipe$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: Connection timed out$
More information about the Logcheck-commits
mailing list