[Logcheck-devel] Bug#376462: new ignore.d.server/ssh rules

martin f krafft madduck at debian.org
Mon Jul 3 05:46:07 UTC 2006

Package: logcheck-database
Version: 1.2.44
Severity: wishlist
Tags: patch

Rationale: unless you're paranoid, you don't really care about
people banging your SSH port and trying random user names.

^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: I(llegal|nvalid) user [-[:alnum:]]+ from (::ffff:)?[.[:digit:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\) check pass; user unknown$

Please do not send copies of list mail to me; I read the list!
 .''`.     martin f. krafft <madduck at debian.org>
: :'  :    proud Debian developer and author: http://debiansystem.info
`. `'`
  `-  Debian - when you have better things to do than fixing a system
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature (GPG/PGP)
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20060703/b99b87a9/attachment.pgp 

More information about the Logcheck-devel mailing list