Installing sshdfilter on ubuntu 10.4 LTS

Question

FelineHazard 0 Newbie Poster

12 Years Ago

Hi all,

I am attempting to install sshdfilter on my ubuntu 10.4 LTS machine. This package is supposed to block ssh-bruteforce attacks. It does that by adding blocking rules to iptables when multiple bad ssh logins are detected, and blocks the ip that initiated them.

This package usually relies on /var/log/sshd.fifo, but in ubuntu the file is called /var/log/auth.log, so I created a symlink

sudo ln -s /var/log/auth.log /var/log/sshd.fifo

After doing that I continued the installation by the excellent instructions here.
Unfortunately, I have no idea how to test if it is really working! :-(
Any ideas hot to test it?

Thanks a log,
-R

ubuntu

2 Contributors
3 Replies
230 Views
1 Day Discussion Span
Latest Post 12 Years Ago Latest Post by FelineHazard

rch1231 169 Posting Shark

12 Years Ago

Hello,

I tried that sshdfilter and found denyhosts to be a much easier application to install and configure. And it works.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

FelineHazard 0 Newbie Poster · Answer 1 · 2012-03-09T20:31:04+00:00

Thanks, I'll try it and report back. I'm starting to think that sshdfilter is just too much trouble for debian-based distros.

FelineHazard 0 Newbie Poster · Answer 2 · 2012-03-10T14:58:34+00:00

Ok thanks. I actually found fail2ban a bit more ubuntu-friendly.
-R