[Logcheck-commits] Gerfried Fuchs: Merge ssh rule change from violations.ignore.d/ logcheck-ssh to ignore.d.server/ssh
Gerfried Fuchs
alfie at alioth.debian.org
Wed Sep 24 12:10:17 UTC 2008
Module: logcheck
Branch: 1.2
Commit: 4d92fe32b829d5c53216456c66815b9a3873d251
URL: http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=4d92fe32b829d5c53216456c66815b9a3873d251
Author: Gerfried Fuchs <rhonda at debian.at>
Date: Wed Sep 24 14:09:40 2008 +0200
Merge ssh rule change from violations.ignore.d/logcheck-ssh to ignore.d.server/ssh
---
debian/changelog | 8 ++++++++
rulefiles/linux/ignore.d.server/ssh | 2 +-
2 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index a5138e6..8dc44a4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+logcheck (1.2.69) unstable; urgency=low
+
+ [ Gerfried Fuchs ]
+ * Merge ssh rule change from violations.ignore.d/logcheck-ssh to
+ ignore.d.server/ssh (closes: #500017)
+
+ -- Gerfried Fuchs <rhonda at debian.at> Wed, 24 Sep 2008 14:02:56 +0200
+
logcheck (1.2.68) unstable; urgency=low
* Thanks to Hanspeter Kunz for all his patches.
diff --git a/rulefiles/linux/ignore.d.server/ssh b/rulefiles/linux/ignore.d.server/ssh
index 2123d6e..1143e61 100644
--- a/rulefiles/linux/ignore.d.server/ssh
+++ b/rulefiles/linux/ignore.d.server/ssh
@@ -21,7 +21,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: pam_unix\(ssh:[[:alnum:]]+\): check pass; user unknown$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: pam_unix\(ssh:auth\): auth could not identify password for \[[-_.[:alnum:]]*\]$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Address [._[:alnum:]-]+ maps to [._[:alnum:]-]+, but this does not map back to the address - POSSIBLE BREAK-?IN ATTEMPT!$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: reverse mapping checking getaddrinfo for [._[:alnum:]-]+ failed - POSSIBLE BREAK-?IN ATTEMPT!$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: reverse mapping checking getaddrinfo for [._[:alnum:]-]+ (\[[:.[:xdigit:]]+\] )?failed - POSSIBLE BREAK-?IN ATTEMPT!$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: recv_rexec_state: ssh_msg_recv failed$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: error: ssh_msg_send: write$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Disconnecting: Corrupted MAC on input\.$
More information about the Logcheck-commits
mailing list